URL: https://nordot.app/1103463313237606400
Submission: On January 31 via api from CA — Scanned from CA

Summary

This website contacted 115 IPs in 7 countries across 101 domains to perform 437 HTTP transactions. The main IP is 2001:4860:4802:32::15, located in United States and belongs to GOOGLE, US. The main domain is nordot.app. The Cisco Umbrella rank of the primary domain is 290750.
TLS certificate: Issued by GTS CA 1D4 on December 31st 2023. Valid for: 3 months.
This is the only time nordot.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2001:4860:480... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 13.32.208.44 16509 (AMAZON-02)
3 183.79.249.124 24572 (YAHOO-JP-...)
3 2a04:4e42::393 54113 (FASTLY)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
15 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
3 18.239.163.100 16509 (AMAZON-02)
3 54.192.51.66 16509 (AMAZON-02)
1 54.192.51.46 16509 (AMAZON-02)
3 2400:52e0:1a0... 200325 (BUNNYCDN)
5 99.84.242.155 16509 (AMAZON-02)
10 2607:f8b0:400... 15169 (GOOGLE)
5 23.209.57.14 16625 (AKAMAI-AS)
2 52.71.119.229 14618 (AMAZON-AES)
5 2a04:4e42:200... 54113 (FASTLY)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2602:803:c002... 26667 (RUBICONPR...)
6 34.235.214.237 14618 (AMAZON-AES)
5 157.230.1.97 14061 (DIGITALOC...)
6 14 68.67.160.132 29990 (ASN-APPNEX)
2 8 34.237.238.183 14618 (AMAZON-AES)
6 51.222.239.230 16276 (OVH)
6 202.233.84.2 131957 (MICROAD M...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
10 69.194.240.11 26120 (RHYTHMONE)
5 2620:100:a001... 19750 (AS-CRITEO)
11 44.196.126.70 14618 (AMAZON-AES)
4 104.36.115.111 62713 (AS-PUBMATIC)
4 173.237.69.68 7979 (SERVERS-COM)
10 3.92.156.8 14618 (AMAZON-AES)
4 54.84.92.154 14618 (AMAZON-AES)
2 22 52.46.155.104 16509 (AMAZON-02)
9 52.87.69.37 14618 (AMAZON-AES)
4 34.225.168.29 14618 (AMAZON-AES)
1 34.102.146.192 396982 (GOOGLE-CL...)
9 2620:100:a001::4 19750 (AS-CRITEO)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 3.162.3.33 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 54.192.51.49 16509 (AMAZON-02)
8 8 35.211.178.172 15169 (GOOGLE)
1 1 23.221.252.28 16625 (AKAMAI-AS)
3 9 172.64.151.101 13335 (CLOUDFLAR...)
1 1 216.22.16.69 30633 (LEASEWEB-...)
4 4 2606:ae80:145... 25751 (VALUECLICK)
6 23.39.177.103 16625 (AKAMAI-AS)
1 1 2600:9000:230... 16509 (AMAZON-02)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
1 1 35.208.249.213 19527 (GOOGLE-2)
7 23.20.238.88 14618 (AMAZON-AES)
2 2 50.31.142.255 23352 (SERVERCEN...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 8.28.7.81 62713 (AS-PUBMATIC)
5 5 35.207.24.140 15169 (GOOGLE)
1 1 213.19.162.90 3356 (LEVEL3)
2 2 207.198.113.93 13768 (COGECO-PEER1)
2 2 52.21.39.178 14618 (AMAZON-AES)
4 7 34.111.113.62 396982 (GOOGLE-CL...)
1 1 54.204.225.159 14618 (AMAZON-AES)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 34.193.13.213 14618 (AMAZON-AES)
1 1 3.21.9.176 16509 (AMAZON-02)
1 1 35.226.42.89 396982 (GOOGLE-CL...)
3 4 23.197.109.53 ()
6 8 142.251.111.154 15169 (GOOGLE)
7 7 3.33.220.150 16509 (AMAZON-02)
1 2600:1f18:61c... 14618 (AMAZON-AES)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 151.101.2.49 54113 (FASTLY)
5 2607:f8b0:400... 15169 (GOOGLE)
1 1 52.202.42.48 14618 (AMAZON-AES)
1 35.227.239.69 15169 (GOOGLE)
1 40.76.134.238 8075 (MICROSOFT...)
1 3 52.223.22.214 16509 (AMAZON-02)
8 8.28.7.83 62713 (AS-PUBMATIC)
2 3 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2620:100:a001... 19750 (AS-CRITEO)
3 2607:f8b0:400... 15169 (GOOGLE)
2 54.192.51.78 16509 (AMAZON-02)
7 2620:116:800d... 16509 (AMAZON-02)
1 23.209.58.25 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 44.216.238.183 14618 (AMAZON-AES)
1 3 18.161.34.76 16509 (AMAZON-02)
1 35.190.39.111 15169 (GOOGLE)
3 162.19.138.116 16276 (OVH)
11 17 69.173.151.100 26667 (RUBICONPR...)
1 74.119.119.147 19750 (AS-CRITEO)
1 23.192.41.210 16625 (AKAMAI-AS)
2 129.80.143.41 31898 (ORACLE-BM...)
1 162.248.18.36 62713 (AS-PUBMATIC)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2001:19f0:5:5... 20473 (AS-CHOOPA)
12 2620:100:a001::9 19750 (AS-CRITEO)
2 2620:100:a001... 19750 (AS-CRITEO)
1 1 8.43.72.97 26667 (RUBICONPR...)
2 8.28.7.84 62713 (AS-PUBMATIC)
2 2620:100:a001::c 19750 (AS-CRITEO)
2 5 35.244.193.51 396982 (GOOGLE-CL...)
2 54.90.40.160 14618 (AMAZON-AES)
6 7 3.211.143.64 14618 (AMAZON-AES)
4 159.89.230.101 14061 (DIGITALOC...)
2 151.101.1.108 54113 (FASTLY)
4 5 172.240.155.84 7979 (SERVERS-COM)
2 2 52.73.214.211 ()
1 5 44.209.113.136 ()
1 192.132.33.69 ()
1 147.135.94.212 ()
1 2620:1ec:21::14 ()
1 67.220.228.201 ()
4 4 54.146.185.181 ()
2 147.75.198.144 ()
2 2 52.3.97.246 ()
1 2600:9000:210... ()
12 54.192.51.13 ()
1 54.192.51.99 ()
1 54.192.51.94 ()
4 23.203.242.17 ()
2 2 3.217.51.221 ()
1 2 34.235.77.155 ()
1 2 35.244.159.8 ()
1 54.146.20.223 ()
1 52.55.97.47 ()
1 1 34.200.65.202 ()
1 1 199.38.167.131 ()
2 2606:4700:10:... ()
4 69.194.240.13 ()
1 64.227.26.10 ()
2 2 18.210.70.9 ()
1 192.241.159.82 ()
1 2606:4700:10:... ()
1 2620:100:a001::3 ()
1 1 67.202.105.22 ()
1 2 67.202.105.32 ()
1 1 35.214.250.24 ()
2 2 35.186.253.211 ()
1 1 23.192.31.127 ()
2 162.19.138.82 ()
1 2606:4700::68... ()
437 115
Apex Domain
Subdomains
Transfer
32 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com
93 KB
31 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com — Cisco Umbrella Rank: 579
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2084
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
pixel.rubiconproject.com
secure-assets.rubiconproject.com
53 KB
31 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 7198
trends.revcontent.com — Cisco Umbrella Rank: 2565 Failed
yeet.revcontent.com — Cisco Umbrella Rank: 8249
img.revcontent.com — Cisco Umbrella Rank: 9158
images.revcontent.com
media.revcontent.com Failed
267 KB
23 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.us.criteo.net — Cisco Umbrella Rank: 3202
csm.us.criteo.net — Cisco Umbrella Rank: 3277
318 KB
22 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 535
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image6.pubmatic.com — Cisco Umbrella Rank: 805
image2.pubmatic.com — Cisco Umbrella Rank: 912
simage2.pubmatic.com — Cisco Umbrella Rank: 870
st.pubmatic.com — Cisco Umbrella Rank: 1309
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
image4.pubmatic.com
117 KB
20 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
528 KB
18 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 3013
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2123
9 KB
16 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
he.lijit.com — Cisco Umbrella Rank: 2846
10 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com — Cisco Umbrella Rank: 598
secure.adnxs.com
48 KB
15 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1891
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4267
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
ups.analytics.yahoo.com
13 KB
15 nordot.jp
log.nordot.jp — Cisco Umbrella Rank: 364296
15 KB
11 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 978
match.sharethrough.com
5 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
ads.us.criteo.com — Cisco Umbrella Rank: 3179
cat.va.us.criteo.com — Cisco Umbrella Rank: 3347
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com Failed
rtb.va.us.criteo.com
48 KB
10 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 863
996 B
10 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
70 KB
9 googlesyndication.com
d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
115 KB
9 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum.casalemedia.com
6 KB
9 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1337
sync.colossusssp.com — Cisco Umbrella Rank: 1430
4 KB
9 kueezrtb.com
exchange.kueezrtb.com — Cisco Umbrella Rank: 7361
sync.kueezrtb.com — Cisco Umbrella Rank: 7258
30 KB
9 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
mp.4dex.io — Cisco Umbrella Rank: 2539
50 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
4 KB
8 nordot.app
nordot.app — Cisco Umbrella Rank: 290750
27 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
3 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
7 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
lexicon.33across.com — Cisco Umbrella Rank: 1517
ssc-cms.33across.com
7 KB
6 quantserve.com
exch.quantserve.com — Cisco Umbrella Rank: 3807
secure.quantserve.com — Cisco Umbrella Rank: 1364
pixel.quantserve.com — Cisco Umbrella Rank: 1007
11 KB
6 microad.jp
s-rtb-pb.send.microad.jp — Cisco Umbrella Rank: 87784
3 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
3 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
rtb-use.mfadsrvr.com
1 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
14 KB
5 solutionshindsight.net
static.solutionshindsight.net — Cisco Umbrella Rank: 36414
funes.solutionshindsight.net — Cisco Umbrella Rank: 39766
34 KB
5 whizzco.com
cdn.whizzco.com — Cisco Umbrella Rank: 98782
api.whizzco.com — Cisco Umbrella Rank: 98185
4 KB
4 1rx.io
sync.1rx.io
393 B
4 openx.net
us-u.openx.net
rtb.openx.net
1 KB
4 moatpixel.com
quantcast584928381.s.moatpixel.com
1004 B
4 bidr.io
match.prod.bidr.io
2 KB
4 quantcount.com
content.quantcount.com — Cisco Umbrella Rank: 5215
pixel.quantcount.com — Cisco Umbrella Rank: 3427
rules.quantcount.com
4 KB
4 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5046
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
1 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
13 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
27 KB
4 brainlyads.com
report2.hb.brainlyads.com — Cisco Umbrella Rank: 4627
3 KB
4 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 286
ajax.googleapis.com — Cisco Umbrella Rank: 369
81 KB
3 a-mo.net
prebid.a-mo.net
assets.a-mo.net
9 KB
3 cootlogix.com
bisrtb.cootlogix.com — Cisco Umbrella Rank: 11150
openrtb.cootlogix.com
sync.cootlogix.com Failed
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 704
mb.moatads.com — Cisco Umbrella Rank: 809
113 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
772 B
3 addthis.com
e.dlx.addthis.com
x.dlx.addthis.com
2 KB
3 b-cdn.net
didna.b-cdn.net — Cisco Umbrella Rank: 41511
4 KB
3 cloudinary.com
nordot-res.cloudinary.com — Cisco Umbrella Rank: 299722
22 KB
3 yimg.jp
yads.c.yimg.jp — Cisco Umbrella Rank: 41156
s.yimg.jp Failed
93 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
539 B
2 tynt.com
de.tynt.com
hde.tynt.com
736 B
2 yieldmo.com
ads.yieldmo.com
1 KB
2 ad.gt
ids.ad.gt
268 B
2 thrtle.com
thrtle.com
686 B
2 adgrx.com
cm.adgrx.com
959 B
2 ipredictive.com
sync.ipredictive.com
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 3001
1 KB
2 kueezssp.com
track.kueezssp.com — Cisco Umbrella Rank: 16569
gtrack.kueezssp.com — Cisco Umbrella Rank: 16553
859 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
641 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6940
ssbsync.smartadserver.com
279 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
11 KB
1 loopme.me
csync.loopme.me
279 B
1 ingage.tech
ex.ingage.tech
1 rfihub.com
p.rfihub.com
762 B
1 bfmio.com
sync.bfmio.com
425 B
1 kargo.com
crb.kargo.com
358 B
1 ftstatic.com
ajs-assets.ftstatic.com
agen-assets.ftstatic.com Failed
26 KB
1 linkedin.com
px.ads.linkedin.com
515 B
1 bttrack.com
bttrack.com
306 B
1 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 954
2 KB
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4356
494 B
1 vidazoo.com
static.vidazoo.com — Cisco Umbrella Rank: 3551
70 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
65 KB
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 didna.io
storage.didna.io — Cisco Umbrella Rank: 347959
3 KB
1 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 2702
270 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1515
423 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1407
181 B
1 bluekai.com
stags.bluekai.com
513 B
1 alcmpn.com
p.alcmpn.com — Cisco Umbrella Rank: 2926
380 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
518 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
1 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1161
361 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
441 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1236
665 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
93 KB
0 turn.com Failed
ad.turn.com Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 intentiq.com Failed
sync.intentiq.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
437 101
Domain Requested by
22 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ce.lijit.com
ssum-sec.casalemedia.com
ads.pubmatic.com
15 log.nordot.jp nordot.app
log.nordot.jp
13 ib.adnxs.com 5 redirects nordot.app
acdn.adnxs.com
12 images.revcontent.com nordot.app
12 imageproxy.us.criteo.net ads.us.criteo.com
12 securepubads.g.doubleclick.net storage.googleapis.com
securepubads.g.doubleclick.net
static.solutionshindsight.net
nordot.app
pagead2.googlesyndication.com
d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
11 pixel.rubiconproject.com 6 redirects s.amazon-adsystem.com
11 pbs.nextmillmedia.com nordot.app
cookies.nextmillmedia.com
10 c2shb.pubgw.yahoo.com nordot.app
10 targeting.unrulymedia.com nordot.app
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 static.criteo.net securepubads.g.doubleclick.net
nordot.app
ads.us.criteo.com
8 cm.g.doubleclick.net 6 redirects s.amazon-adsystem.com
8 x.bidswitch.net 8 redirects
8 yeet.revcontent.com assets.revcontent.com
8 ap.lijit.com 2 redirects nordot.app
cookies.nextmillmedia.com
8 nordot.app nordot.app
7 cookies.nextmillmedia.com 6 redirects nordot.app
7 match.adsrvr.org 7 redirects
7 pixel.tapad.com 4 redirects s.amazon-adsystem.com
sync.colossusssp.com
7 ce.lijit.com s.amazon-adsystem.com
ce.lijit.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
nordot.app
cookies.nextmillmedia.com
6 s-rtb-pb.send.microad.jp nordot.app
6 onetag-sys.com nordot.app
6 btlr.sharethrough.com nordot.app
5 match.sharethrough.com 1 redirects nordot.app
s.amazon-adsystem.com
5 sync.colossusssp.com 4 redirects nordot.app
5 lexicon.33across.com 2 redirects nordot.app
cdn-ima.33across.com
5 simage2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
5 trends.revcontent.com assets.revcontent.com
nordot.app
5 bidder.criteo.com nordot.app
5 mp.4dex.io nordot.app
5 exchange.kueezrtb.com nordot.app
5 fastlane.rubiconproject.com nordot.app
5 cdn.jsdelivr.net nordot.app
securepubads.g.doubleclick.net
5 ads.pubmatic.com assets.revcontent.com
s.amazon-adsystem.com
nordot.app
5 aax.amazon-adsystem.com c.amazon-adsystem.com
4 sync.1rx.io sync.colossusssp.com
4 quantcast584928381.s.moatpixel.com nordot.app
4 match.prod.bidr.io 4 redirects
4 sync.kueezrtb.com nordot.app
sync.kueezrtb.com
4 pixel.quantserve.com nordot.app
storage.didna.io
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
pagead2.googlesyndication.com
4 report2.hb.brainlyads.com nordot.app
4 colossusssp.com nordot.app
4 hbopenbid.pubmatic.com nordot.app
4 script.4dex.io nordot.app
script.4dex.io
4 api.whizzco.com cdn.whizzco.com
4 assets.revcontent.com nordot.app
assets.revcontent.com
3 rtb-use.mfadsrvr.com 3 redirects
3 id5-sync.com cdn.id5-sync.com
nordot.app
3 sb.scorecardresearch.com 1 redirects storage.didna.io
3 tpc.googlesyndication.com d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
3 pr-bh.ybp.yahoo.com 2 redirects s.amazon-adsystem.com
3 image2.pubmatic.com s.amazon-adsystem.com
3 eb2.3lift.com 1 redirects s.amazon-adsystem.com
cookies.nextmillmedia.com
3 didna.b-cdn.net nordot.app
3 static.solutionshindsight.net storage.googleapis.com
static.solutionshindsight.net
3 c.amazon-adsystem.com storage.googleapis.com
c.amazon-adsystem.com
3 nordot-res.cloudinary.com nordot.app
3 yads.c.yimg.jp nordot.app
yads.c.yimg.jp
3 storage.googleapis.com nordot.app
static.solutionshindsight.net
2 lb.eu-1-id5-sync.com nordot.app
2 rtb.openx.net 2 redirects
2 ads.yieldmo.com 2 redirects
2 ids.ad.gt sync.colossusssp.com
2 pubmatic-match.dotomi.com 2 redirects
2 us-u.openx.net 1 redirects s.amazon-adsystem.com
2 thrtle.com 1 redirects s.amazon-adsystem.com
2 cm.adgrx.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 prebid.a-mo.net s.amazon-adsystem.com
cookies.nextmillmedia.com
2 pm.w55c.net 2 redirects
2 acdn.adnxs.com nordot.app
2 fid.agkn.com nordot.app
2 gum.criteo.com
2 csm.us.criteo.net ads.us.criteo.com
2 mb.moatads.com z.moatads.com
2 content.quantcount.com nordot.app
2 sync-tm.everesttech.net 2 redirects
2 e.dlx.addthis.com 2 redirects
2 i.liadm.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 b1sync.zemanta.com 2 redirects
2 um.simpli.fi 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
2 funes.solutionshindsight.net static.solutionshindsight.net
2 cdnjs.cloudflare.com nordot.app
ads.us.criteo.com
1 assets.a-mo.net prebid.a-mo.net
1 secure-assets.rubiconproject.com 1 redirects
1 csync.loopme.me 1 redirects
1 ssum.casalemedia.com 1 redirects
1 hde.tynt.com cookies.nextmillmedia.com
1 de.tynt.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 rtb.va.us.criteo.com d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
1 ex.ingage.tech sync.colossusssp.com
1 secure.adnxs.com 1 redirects
1 sync.cootlogix.com sync.colossusssp.com
1 openrtb.cootlogix.com sync.colossusssp.com
1 p.rfihub.com 1 redirects
1 image4.pubmatic.com s.amazon-adsystem.com
1 ups.analytics.yahoo.com 1 redirects
1 sync.bfmio.com s.amazon-adsystem.com
1 crb.kargo.com s.amazon-adsystem.com
1 media.revcontent.com nordot.app
1 ajs-assets.ftstatic.com servedby.flashtalking.com
1 rules.quantcount.com secure.quantserve.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 ssbsync.smartadserver.com nordot.app
1 bttrack.com nordot.app
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 bisrtb.cootlogix.com nordot.app
1 gtrack.kueezssp.com nordot.app
1 track.kueezssp.com nordot.app
1 st.pubmatic.com nordot.app
1 servedby.flashtalking.com nordot.app
1 cat.va.us.criteo.com ads.us.criteo.com
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 secure.quantserve.com storage.didna.io
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 exch.quantserve.com nordot.app
1 static.vidazoo.com nordot.app
1 z.moatads.com nordot.app
1 pixel.quantcount.com nordot.app
1 www.googletagservices.com d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
1 ads.us.criteo.com d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 storage.didna.io nordot.app
1 um4.eqads.com 1 redirects
1 s.company-target.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 x.dlx.addthis.com ssum-sec.casalemedia.com
1 stags.bluekai.com 1 redirects
1 p.alcmpn.com 1 redirects
1 he.lijit.com 1 redirects
1 t.adx.opera.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 trace.mediago.io 1 redirects
1 s.ad.smaato.net 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 cs.media.net 1 redirects
1 img.revcontent.com nordot.app
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.googletagmanager.com nordot.app
1 ajax.googleapis.com nordot.app
1 cdn.whizzco.com nordot.app
0 agen-assets.ftstatic.com Failed ajs-assets.ftstatic.com
0 ad.turn.com Failed cookies.nextmillmedia.com
0 dpm.demdex.net Failed sync.colossusssp.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 s.yimg.jp Failed yads.c.yimg.jp
0 sync.intentiq.com Failed s.amazon-adsystem.com
nordot.app
0 api.rlcdn.com Failed nordot.app
0 mug.criteo.com Failed nordot.app
437 172

This site contains no links.

Subject Issuer Validity Valid
nordot.app
GTS CA 1D4
2023-12-31 -
2024-03-30
3 months crt.sh
storage.googleapis.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
revcontent.com
Amazon RSA 2048 M02
2023-05-18 -
2024-06-16
a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4
2023-11-30 -
2024-12-29
a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2
2023-12-14 -
2024-06-22
6 months crt.sh
whizzco.com
Cloudflare Inc ECC CA-3
2023-03-31 -
2024-03-30
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
log.nordot.jp
GTS CA 1D4
2024-01-24 -
2024-04-23
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
solutionshindsight.net
Amazon RSA 2048 M02
2023-11-21 -
2024-12-19
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA
2023-11-05 -
2024-11-11
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2023-10-23 -
2024-10-22
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2023-08-02 -
2024-08-13
a year crt.sh
*.kueezrtb.com
Sectigo RSA Domain Validation Secure Server CA
2023-08-17 -
2024-09-14
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.lijit.com
Amazon RSA 2048 M02
2023-03-12 -
2024-04-10
a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-23 -
2025-01-29
a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018
2023-10-03 -
2024-11-03
a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-10 -
2024-05-10
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01
2023-06-13 -
2024-07-12
a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2
2023-09-08 -
2024-10-09
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-10-17 -
2024-04-10
6 months crt.sh
report2.hb.brainlyads.com
R3
2023-12-21 -
2024-03-20
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-01 -
2024-12-21
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2024-01-22 -
2024-04-22
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-15 -
2024-03-10
3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-12-23 -
2024-03-22
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
cdn.prod.uidapi.com
R3
2024-01-24 -
2024-04-23
3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018
2024-01-09 -
2024-07-04
6 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
d.adroll.com
Amazon RSA 2048 M01
2023-10-09 -
2024-11-06
a year crt.sh
storage.didna.io
GTS CA 1D4
2024-01-24 -
2024-04-23
3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA
2023-04-03 -
2024-04-02
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-01-10 -
2024-06-26
6 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-12 -
2024-04-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
quantserve.com
R3
2023-12-27 -
2024-03-26
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
vidazoo.com
Cloudflare Inc ECC CA-3
2023-12-24 -
2024-12-22
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
esp.rtbhouse.com
GTS CA 1D4
2024-01-05 -
2024-04-04
3 months crt.sh
*.id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-25 -
2024-02-22
3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-14 -
2024-09-14
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-06-20 -
2024-07-20
a year crt.sh
kueezssp.com
E1
2023-12-10 -
2024-03-09
3 months crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA
2023-10-19 -
2024-11-17
a year crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-27 -
2024-03-22
3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02
2023-06-13 -
2024-07-11
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2023-04-04 -
2024-04-21
a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-13 -
2024-12-22
a year crt.sh
*.ftstatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-06 -
2024-03-08
a year crt.sh
lexicon.33across.com
GTS CA 1D4
2024-01-23 -
2024-04-22
3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03
2023-12-11 -
2025-01-08
a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA
2023-07-28 -
2024-08-11
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2023-07-18 -
2024-06-28
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-05 -
2024-09-30
a year crt.sh
*.a-mo.net
R3
2024-01-06 -
2024-04-05
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.eu-1-id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh

This page contains 46 frames:

Primary Page: https://nordot.app/1103463313237606400
Frame ID: B65AC466BD5455BDFA2CD7CBC8511D0B
Requests: 217 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&dcc=t
Frame ID: 9ACF8120483B5692BC76C2458CE8457C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6B6876118F891667022D742475FC66C1
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BE123A724C9DA79B407E89E6EA1BD510
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: E1DF2CD29B746215F55228048DD9611E
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: E1D372944846EE70B92EE4DA87F03C50
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6363052396704366778&gdpr=0&gdpr_consent=
Frame ID: F59866769A55080C5170AB2A4DC71038
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAG3Hzt1bougAMgDVAgAAAAAAA&expiration=1706747526&is_secure=true
Frame ID: B5B09DC525185D4CCA5CCFDBE78FF560
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 5ECA01534530B51B1D9A60EBBCD346E7
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: B353895345C39C1F66FC2B2FE959394F
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1778145512646273912&ex=appnexus.com
Frame ID: 04C0B773D61D420F546FA958C402758C
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 881717E1C10CC65F265ED8BD1CCEE47E
Requests: 7 HTTP requests in this frame

Frame: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EFE9A044408C07625E1E64D91CC90EC7
Requests: 1 HTTP requests in this frame

Frame: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A8DA2C723372CF03E5EFBF5402F62DF6
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi2Fya75tcs6T9U3zAJvdzpSl187HI786_9lQjh47-TSzBaSrPWosKYIBcQAMUL-UsZCXsl4VhJ6boaq6ZCD-DvWL5KWR9wyevEBzQPjV2mFc4ga57w0tuNg5_JBmVMwgBt0_wt8k2DWWhYyDdQmMDj7459I2mYDmaX_CeTOVUxCm1-Cq8K-Pe-ZNLF-fxmocL_47v_KhpFwrgFqJm_MIfFWXNLgm4LRDY52fDH2caDp7LLI8AfZ0xR3F4oojp7OYzzMjf-XLWqbbE0LTGvfIiiwHS7LRoayJPI9JbY6Dzez1QPzRf3rl4cIGsPByGtp-L-XwZn9XTbBkalnsvxK-gxbBSJu1wCdpYGa0VwMHcyGSroHz6njeYzzOVeqsl&sai=AMfl-YRUBp2Q5BJRFyq_vnOm7cG2818c-GvlvLlwbfwOw7iZb6SEKHkqbpLZtW8GE9_UdiYBW74x2-HDtV5VpQQ2ze-80EAgsg4VmmsBFAVyWiLE4tmxq1-8SufpICWnySYDFI0ERFyOF_xRqQx5MaF6CXLY&sig=Cg0ArKJSzJc1wLnFzQtvEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: A6A4A545D066B45D91F7CA81CD381F6E
Requests: 18 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=71a9e0d7-1e15-4c6e-a41c-87a88265702b&expiration=1714523527
Frame ID: 446F66F3C991380CC9ECC62881DD2664
Requests: 1 HTTP requests in this frame

Frame: https://storage.didna.io/didna_trackers.html
Frame ID: 072AAB71D22B5D6837A0F3F0B40DE29F
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&redir=true&gdpr=0&gdpr_consent=
Frame ID: 9799D85A1FF7167BD87166F67F9569FD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID95DDCB8B-5B7B-462F-9F6F-623830FFB7BB
Frame ID: 8C554F1E0B848B54E5886ED669870F15
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Frame ID: 954CAE4FE7D413329F8D98B4F7D475B7
Requests: 25 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F44C2A2F65EFF5479A81CCFADBEE54D9
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=162110&siteId=973260&adId=4557769&imprId=98F88AD0-CC0E-4420-87CB-230219B79AFB&cksum=1838345C6AC02D96&adType=10&adServerId=243&kefact=0.215000&kaxefact=0.215000&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1706661125&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.215000&dcId=2&tldId=0&passback=0&svr=BIDNYC30560&adsver=_1010669755&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=BZW5ZTqTBACkkp2u6PBwGe5RQUyY4cQ4AjEI-DrSRUG15IDq&ekaxefact=BZW5ZUyTBABo5hm6nNwlPV_4a6Ep_C4IV0kWeaiDDheflvjs&ekpbmtpfact=BZW5ZVuTBACq-Kli6fvMyH47SkXgf2O90X30YXQ5EjScfa5Q&enpp=BZW5ZWaTBAD0mxJz7Gx1wX1OXZJfZktF_P7xV85a-Gjq9p5D&pfi=1&domId=6233279978275228202&dc=NYC3&pubBuyId=48503&crID=4847247c-5cac-4637-9489-c5b8bc08c882&lpu=adobe.com&ucrid=3375697961946929607&wAdType=10&campaignId=19420&creativeId=0&pctr=0.000000&wDSPByrId=77&wDspId=153&wbId=0&wrId=0&wAdvID=1823&wDspCampId=29c19cfe-5b25-479b-ad1b-0d549031b1e9&isRTB=1&rtbId=B483EB70-8CFA-427C-8E76-4FEA491DDF6BB&burl=https%3A%2F%2Fus-east-pubmatic-rtb.quantserve.com%3A8443%2Fpubmatic_openrtb_notify%3FauctionId%3DB483EB70-8CFA-427C-8E76-4FEA491DDF6BB%26winPrice%3D0.215000%26rtbdata2%3DEAM6Emh0dHBzOi8vbm9yZG90LmFwcFokRk5JYktoM1dHVllfcGdCWElNUWJDeEwySXdNMDN3bjVsVms9gAHFsLqCAboBAMAB2I8NyAGjubjn1THaASVCNDgzRUI3MC04Q0ZBLTQyN0MtOEU3Ni00RkVBNDkxRERGNkJCsAIOyAIA0ALO4Yb7-J_3zKkB6AIX8gIOCMPJLhDUv73nr-mZ0HTyAgwIFxDYpoWk75vO0yj4AgCKAwYxNjIxMTCYAwCoAwCyAwSmAM0EugMSCZtHJVv-nMEpEemxMZBUDRutwgMSCTdGrFx8JEdIEYLICLy4xYmUyAPAgMAT2APHnQPiAw9wLTFSWXhlUFhUOWJDUzLqAwYIrAIQ2ATyAwloM2glMjAwYTH4AwCABLACigQCNzeaBBIJgk_186Hbn6YRTgLU6Qp__riiBBIJm0clW_6cwSkR6bExkFQNG62qBBIJm0clW_6cwSkR6bExkFQNG624BNAF0AQT8gQCQ0GABQGKBSoyMGRlYmU3NGU4ZmJhOTFlOWIzOWRmNjliMjM3NjcxNmFhMjAyY2JkMGKQBQGaBRUg3r506PupHps532myN2cWqiAsvQuiBSRGTkliS2gzV0dWWV9wZ0JYSU1RYkN4TDJJd00wM3duNWxWaz24BQDABajHqM8EyAWpmagE0gUGCAIQBBgD6AUFmgYUChIJgk_186Hbn6YRTgLU6Qp__rigBgCoBv3omL0DtQZyQMg3ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBuUQNqO0CI0B%26notificationType%3Dbilling%26labels%3D_qc.notification&pmr_m=BZW5ZXuTBAA_maoMI66d68e6Vb84Dr_y_uw9bXmE4WO2PvPZ&mdsp=BZW5ZY-TBAB8-tyjBRsvhIvmqKJHCho8bQyTaZmj-79ruiXY&ver=18&dateHr=2024013100&usrgen=0&usryob=0&layeringebl=1&oid=98F88AD0-CC0E-4420-87CB-230219B79AFB&country=CA&cntryId=232&sec=1&pAuSt=2&wops=0&sURL=nordot.app&BrID=5&oiabdvt=2
Frame ID: 8A0A09EB9DB4F8B1EE8F866AB5472725
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?type=iframe
Frame ID: A619C9154E341D4023D6685D1A8CAB6A
Requests: 1 HTTP requests in this frame

Frame: https://sync.kueezrtb.com/api/sync/iframe/?cid=65686dbe623fb8a7bb1324d7&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 422C9360CD267A0F7BDF68E4F4368DFB
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1706661125298
Frame ID: C509492CDC662B238D762AD239F199C1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2493B173C2A24CC758A04DC1BD739D82
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3F2F98107D25628D64B6FD6D38BE77C6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Frame ID: 53D218150E9D1B898A61999778D68145
Requests: 1 HTTP requests in this frame

Frame: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Frame ID: CDCB5C5D4B6C33C6956D6FBEEB58D6B5
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1E89765BC7E59FCC2438ED09DA3E5F59
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1778145512646273912&gdpr=0&gdpr_consent=
Frame ID: 7E556A7E1FD25E63E36F6C6636020DDB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30f64be4-bfd0-11ee-9a1b-b4c1927a841e
Frame ID: 321B7FF3FC933AB7024F64E26B83F436
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?ev=AAAkHU7LcyoAABNITdS3Zw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Frame ID: B79412E16E269846394A3E24BAB2156D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID95DDCB8B-5B7B-462F-9F6F-623830FFB7BB
Frame ID: 9C5EC8EADD9E470560C1A90E61CE47BA
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Frame ID: 1D3660D2BB59DF43B6E17DADA83FDBAD
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 19A39E6ADBC08433DE086F8A772F9A82
Requests: 2 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=1778145512646273912
Frame ID: 6CB1B83AD390A8B7AF6F7A615ED22F4E
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=372da745-c861-4be4-a663-bb7abb9adcef
Frame ID: 40306B40BEB2E173DF172575D45C941B
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVBm36UL0X6IZT6stR7gAA&128
Frame ID: AF1B3794F9B4EA30AD68ED982A2029A1
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=f7c22092-3c9d-49d6-ba8f-84519bc86b4e
Frame ID: 58D8CBB531C807966F903435F1A3BC47
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=51675f62-2557-4c27-b981-00abd48e6778
Frame ID: 813548D5729585963ED75C2A776F3749
Requests: 1 HTTP requests in this frame

Frame: https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
Frame ID: 850A041C32CA614CDFB4C8D2FA7CDD83
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Frame ID: 51067FC7E6C05C3237AE74F6FFB17D3F
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 9C7F39DBCFEE6D4569F35249AF3AD686
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 7126E3D613CF839F1F60175AF8D34244
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ33WAhuquvk
Frame ID: 331AE22F5382FE0C210AFACBDA579FBA
Requests: 1 HTTP requests in this frame

Screenshot


Page Statistics

437
Requests

79 %
HTTPS

28 %
IPv6

101
Domains

172
Subdomains

115
IPs

7
Countries

2536 kB
Transfer

9245 kB
Size


Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&dcc=t
Request Chain 141
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=372da745-c861-4be4-a663-bb7abb9adcef
Request Chain 142
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3496627267034062000V10
Request Chain 143
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 144
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6363052396704366778&gdpr=0&gdpr_consent=
Request Chain 145
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=600da78820971061&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAG3Hzt1bougAMgDVAgAAAAAAA&expiration=1706747526&is_secure=true
Request Chain 148
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1778145512646273912&ex=appnexus.com
Request Chain 149
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=528b34b247
Request Chain 150
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4808BD40DFB24AD6A1A70718FDAC250C&ex=simpli.fi&status=ok
Request Chain 151
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7ef59a80bf2i3d5l00ls11yx42
Request Chain 152
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 153
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=maSNT5jO_wbnahJibKqO
Request Chain 206
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=a61c90ad-cbd5-4bfa-9795-b880d4064069
Request Chain 207
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LS11YW6R-I-KBWL&gdpr=0
Request Chain 208
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Da01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Da01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Da01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Da01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&gdpr=0&gdpr_consent=
Request Chain 209
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=eWKhpx5YUWtHALyFbQLb_aYAzQQ&user_group=1&ssp=fmx&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 210
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU12bebc23088841f6b269540b34cd8891&gdpr=0&gdpr_consent=&pid=103
Request Chain 211
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZbmVBm36UL0X6IZT6stR7gAA%26128&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZbmVBm36UL0X6IZT6stR7gAA%26128&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=22ba3029c32640e2a3d0e3f8bfddeda8 HTTP 303
  • https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=d97bfa67f3afde5715a99eb68199bd38&lc_sha1=&lc_sha256=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&gpdr= HTTP 302
  • https://p.alcmpn.com/em/173/110/2360.gif?gid=d97bfa67f3afde5715a99eb68199bd38 HTTP 302
  • https://e.dlx.addthis.com/e/a-1564/s-5719?ret=img&na_em=d97bfa67f3afde5715a99eb68199bd38 HTTP 302
  • https://e.dlx.addthis.com/e/a-1564/s-5719?ret=img&na_em=d97bfa67f3afde5715a99eb68199bd38&rd=Y HTTP 302
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024013100321800022974049544&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
Request Chain 213
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZbmVBm36UL0X6IZT6stR7gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELAQrJIUiEKjR27zkLETPZ4&google_cver=1
Request Chain 214
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5c046258-80c8-451b-abf9-ade2d747e398&expiration=1709253127&gdpr=0&gdpr_consent=
Request Chain 216
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722385927&external_user_id=e8017cc8-2d37-4afb-b2ec-519c52c95035
Request Chain 217
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZbmVBwABTShj4gA9 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbmVBwABTShj4gA9&_test=ZbmVBwABTShj4gA9
Request Chain 223
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=71a9e0d7-1e15-4c6e-a41c-87a88265702b&expiration=1714523527
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ld3Li1t7Ri-fb2I4MP-3uw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 229
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5c046258-80c8-451b-abf9-ade2d747e398&ttd_puid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%2C%2C
Request Chain 231
  • https://eb2.3lift.com/xuid?mid=7976&xuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTVERENCOEItNUI3Qi00NjJGLTlGNkYtNjIzODMwRkZCN0JC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENkrwyxkzCPE2WtR5DUsJ_A&google_cver=1
Request Chain 234
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4808BD40DFB24AD6A1A70718FDAC250C
Request Chain 235
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=
Request Chain 290
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LS11YW6R-I-KBWL HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LS11YW6R-I-KBWL&ex=d-rubiconproject.com&status=ok
Request Chain 296
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=oxfV3EvO8zIZ85Ww5JlbjgF250zhSWAy%2FX4yEH5epbs%3D
Request Chain 297
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1&pbt=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=_xuLP3xqZUZEa0F1UTJQUEp3SnNPUkZ0SXAycjFnV0FPdUFIellzQlJGN2lzNFZkL0czUUI1aFpkQzVqTll2V2Y3YzlzU0RDTTRhWEZXUUxMRHZQZHBkdkluZHZzV3BSK2ZXblB1MVpMSmxSNGFYbDJVaWhYZlJHTDVaTy80RFhwQ3pWYXNrZys4S2hiaklMUVYraDExZzBJS2ZvLzJnMkRINkdWeDE2djhHeUlad1lkUEJKT3hsZ3RxYVAza1VQYm9JMVovbnFqdmN2STZ0T09LWSsrcFpoTVZ4bmw1VURJa2lpUGc3UCszb2VvazNJPXw&cppv=2
Request Chain 308
  • https://pm.w55c.net/ping_match.gif?st=ShareThrough&rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DYnUBs5Yz9Zqjy9VCcoCxquFP%26source_user_id%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=ShareThrough&rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DYnUBs5Yz9Zqjy9VCcoCxquFP%26source_user_id%3D_wfivefivec_ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=YnUBs5Yz9Zqjy9VCcoCxquFP&source_user_id=VX5hLpFy1RuYwz5
Request Chain 310
  • https://pr-bh.ybp.yahoo.com/sync/sharethrough/67da6740-6fc0-4f1f-83ef-744aa7382da1?gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-BvJWzJ5E2oPEs77gZ7myT_IcfJz4VEGEGaCek_DT0NnL~A
Request Chain 311
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=
Request Chain 315
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=tur0ldvlKNQe8AmghpEmJYj5BFyQLtcFRJG00%2FsMXQg%3D
Request Chain 316
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=3r77S3xnVjM1VUd6Zk1QekxUL3VUVXJSZkRTelRqSTVmbWtBSEVxMW4vR2JFSDdTUXoweWlBVXczUXd2SUlTL3JQczFiSnFaQitXV3llS1g1S3VrNE04VXZpYlRNblV0R0F3MlBOUWV5WUVXYU41Q3p2d05JeE9iaklnbUNBc2NSV3EwTi8rYThxdzZ0UUM1M3RRR2NBZGRHZHVvSUxhemtCMjcySFRCbmd0dXNOQVA1N1hFU2VvOTgwcXNqM3NJdW1xSEdhUjlzNW1lcUFmczBUQlR4Q01CVVB6NklMdjlaZjJoMCtPdlF0SGJmVlo4PXw&cppv=2
Request Chain 321
  • https://sb.scorecardresearch.com/b?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661138128&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=https%3A%2F%2Fnordot.app%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661138128&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=https%3A%2F%2Fnordot.app%2F
Request Chain 322
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LS11YW6R-I-KBWL&ex=d-rubiconproject.com&status=ok
Request Chain 323
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BM5wPvGIu_n-cNhFcLJ-fg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-andANupE2oKFvrMcltndPbXtcfK6dST9ye7Kgw--~A
Request Chain 324
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxMVlXNlItSS1LQldM HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAgfo2s17ohbeZdnMAM8qe0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMVlXNlItSS1LQldM&google_push=
Request Chain 325
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjIxZGI1NzgzZGUwYTUwZDdkYTA1NzM5YTljYTgzMDlhMjFjZmEzOA
Request Chain 326
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aUcDUudUQEi7_LtMkTrSZA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aUcDUudUQEi7_LtMkTrSZA
Request Chain 327
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=&expires=30
Request Chain 328
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS11YW6R-I-KBWL
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKwqvdQjDKgFZZDMjipwCvM&google_cver=1
Request Chain 331
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAkHU7LcyoAABNITdS3Zw&expires=30
Request Chain 332
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS11YW6R-I-KBWL
Request Chain 333
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LS11YW6R-I-KBWL
Request Chain 334
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS11YW6R-I-KBWL HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS11YW6R-I-KBWL
Request Chain 335
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LS11YW6R-I-KBWL
Request Chain 336
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LS11YW6R-I-KBWL
Request Chain 337
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1dcade3b-5e1b-4c73-813a-05195c5ced9b&expires=30
Request Chain 351
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=b70e2ece-5ded-4ab3-8f5c-b1ec87759b2d&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
Request Chain 352
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=b70e2ece-5ded-4ab3-8f5c-b1ec87759b2d&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=a61c90ad-cbd5-4bfa-9795-b880d4064069
Request Chain 353
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=b2658cbe-8130-40af-adec-9f7bb2ff9eb2&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
Request Chain 354
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=b2658cbe-8130-40af-adec-9f7bb2ff9eb2&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=a61c90ad-cbd5-4bfa-9795-b880d4064069
Request Chain 356
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=0c44d82f-de6e-40fe-b0f8-e27a20ac0064&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
Request Chain 357
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=0c44d82f-de6e-40fe-b0f8-e27a20ac0064&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=a61c90ad-cbd5-4bfa-9795-b880d4064069
Request Chain 374
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1778145512646273912&gdpr=0&gdpr_consent=
Request Chain 375
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30f64be4-bfd0-11ee-9a1b-b4c1927a841e
Request Chain 376
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDRmlrN0xjeW9BQUJLQndDZ0RiZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAAkHU7LcyoAABNITdS3Zw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Request Chain 378
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e9364df6-8eeb-408d-828c-b607c27db957
Request Chain 379
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
Request Chain 382
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T_.zeBFE2uUzEvOx8JDI2gCIzGqGwa4-~A&gdpr=0
Request Chain 383
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=08cc50de-5e36-41d4-b8f5-0613a9ff2437&gdpr=0&gdpr_consent=
Request Chain 384
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7b429ce38f1010f1&is_secure=true&networkId=17100&version=1&nuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHE44YzzYAWgMoFvd1AAAAAAA&expiration=1706747538&nuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 385
  • https://x.bidswitch.net/sync?ssp=huddledmss HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=huddledmss&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969188724782861526&expires=30&ssp=huddledmss HTTP 302
  • https://sync.colossusssp.com/bidswitch.gif?puid=372da745-c861-4be4-a663-bb7abb9adcef HTTP 302
  • https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=ded2b91a-6c74-45aa-88ce-42124394b735
Request Chain 386
  • https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID HTTP 302
  • https://sync.colossusssp.com/ap.gif?puid=1778145512646273912 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Request Chain 387
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1 HTTP 302
  • https://sync.colossusssp.com/td.gif?puid=5c046258-80c8-451b-abf9-ade2d747e398&ttl=1709253138 HTTP 302
  • https://x.bidswitch.net/sync?ssp=huddledmss HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=huddledmss&ssp_user_id=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-kGZ1i39E2pkmEL0lL1OCWlsuuyKdUcNWXsVpFA--~A&expires=5&ssp=huddledmss HTTP 302
  • https://sync.colossusssp.com/bidswitch.gif?puid=372da745-c861-4be4-a663-bb7abb9adcef HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=ded2b91a-6c74-45aa-88ce-42124394b735 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C
Request Chain 389
  • https://id.rlcdn.com/712075.gif?ct=2&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CIu7KxoNCJOq5q0GEgUI6AcQAEIASgA HTTP 307
  • https://sync.colossusssp.com/4560195433dd0d468e9a635d097ffb01.gif?puid= HTTP 302
  • https://t.adx.opera.com/pub/sync?pubid=pub9891457922432 HTTP 302
  • https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU12bebc23088841f6b269540b34cd8891 HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=ded2b91a-6c74-45aa-88ce-42124394b735
Request Chain 390
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]&us_privacy=[CCPA]&redirectUri=https%3A%2F%2Fsync.colossusssp.com%2F021909c6bcf2644c2583393eed86ca15.gif%3Fpuid%3D%24UID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://sync.colossusssp.com/021909c6bcf2644c2583393eed86ca15.gif?puid=VEDQE33vvQ3Tzz_sAU31&gdpr_consent=&gdpr=[GDPR]&us_privacy=[CCPA] HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Request Chain 393
  • https://match.prod.bidr.io/cookie-sync/col HTTP 303
  • https://match.prod.bidr.io/cookie-sync/col?_bee_ppp=1 HTTP 303
  • https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AAAkHU7LcyoAABNITdS3Zw HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Request Chain 394
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=ded2b91a-6c74-45aa-88ce-42124394b735 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1778145512646273912&pt=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%2C%2C
Request Chain 395
  • https://t.adx.opera.com/pub/sync?pubid=pub9891457922432 HTTP 302
  • https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU12bebc23088841f6b269540b34cd8891 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=ded2b91a-6c74-45aa-88ce-42124394b735 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C
Request Chain 399
  • https://match.sharethrough.com/universal/v1?supply_id=SzhEXqCN&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sharthrough&userId=5a4f23de-92f6-4fda-ae85-449f6b6d3e0f&gdpr=0
Request Chain 404
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Request Chain 406
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=1778145512646273912 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=1778145512646273912
Request Chain 407
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=372da745-c861-4be4-a663-bb7abb9adcef HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=372da745-c861-4be4-a663-bb7abb9adcef
Request Chain 408
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZbmVBm36UL0X6IZT6stR7gAA%26128 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVBm36UL0X6IZT6stR7gAA&128
Request Chain 409
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP 307
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=f7c22092-3c9d-49d6-ba8f-84519bc86b4e&gdpr_consent=null&gdpr=null HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=f7c22092-3c9d-49d6-ba8f-84519bc86b4e
Request Chain 410
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=51675f62-2557-4c27-b981-00abd48e6778 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=51675f62-2557-4c27-b981-00abd48e6778
Request Chain 411
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
Request Chain 412
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Request Chain 415
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=yieldmo&nmuid=&uid=VEDQE33vvQ33WAhuquvk&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ33WAhuquvk
Request Chain 424
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-grid1%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D?gdpr=0&gdpr_consent=&us_privacy=&uid=${BSW_UUID}&cookie_age=${COOKIE_AGE} HTTP 302
  • https://sync.kueezrtb.com/api/cookie?partnerId=kueez-grid1&userId=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 432
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-sovrn%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%24UID HTTP 307
  • https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=&userId=IFKAABZHuM1z_0ZqTyi3aUH_

437 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 1103463313237606400
nordot.app/
36 KB
11 KB
Document
General
Full URL
https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
84825ad2be9c8f4b0988504b86e19c48206bc14fb9319a5a652b4b843bbf6507

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
11380
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 00:32:02 GMT
server
Google Frontend
vary
Accept-Encoding User-Agent
x-cloud-trace-context
30351f4cc451fe1ed97924996b3d5ece
didna_config.js
storage.googleapis.com/didna_hb/nordot/nordot/
27 KB
28 KB
Script
General
Full URL
https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::cf Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
13e921baff7dcf1c6112841437b95602bf4f445bf38054129a407003818a111d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:02 GMT
x-guploader-uploadid
ABPtcPoWmB-voQ8e8FNuAo_a4ECutQFosiEg4Cvo78H0Hs6EW8mf8Umexfhw9-tn-9JCQkT1ffM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27948
last-modified
Tue, 16 Jan 2024 18:09:30 GMT
server
UploadServer
etag
"485b1e468e15188b9c6288ff602a9880"
x-goog-generation
1705428570008936
content-type
text/javascript
x-goog-hash
crc32c=cdHyrw==, md5=SFseRo4VGIucYoj/YCqYgA==
cache-control
no-store
x-goog-stored-content-length
27948
accept-ranges
bytes
expires
Thu, 30 Jan 2025 00:32:02 GMT
posts_detail.css
nordot.app/images/newsnor/kiji/css/pc/
32 KB
8 KB
Stylesheet
General
Full URL
https://nordot.app/images/newsnor/kiji/css/pc/posts_detail.css?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
98590349443ab5e895ccb7518448a454c451174f94670dcbaeb780ee88a24af0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:03:00 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
127742
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-cloud-trace-context
252dd8399ff652eb7ee64a9649e56cbb
cache-control
public, max-age=31536000
content-length
8457
delivery.js
assets.revcontent.com/master/
157 KB
46 KB
Script
General
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-44.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d50e7cf0a20f44a45242aee3a67629cfc278e0575fcd2edf1fca03a686433f6f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 11:12:49 GMT
content-encoding
br
via
1.1 96bbdd3a7f25156daf49a9ffc457edcc.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 20:18:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
age
47954
x-amz-server-side-encryption
AES256
etag
W/"b664356b632a881610b1fe6815fcdf14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
x72QaxisczbicvlNm2K282EUED84qYYtWd-g7ZqD_yJMTC8j4VpH-Q==
yads-async.js
yads.c.yimg.jp/js/
134 KB
40 KB
Script
General
Full URL
https://yads.c.yimg.jp/js/yads-async.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
1fed7da86f9d9735ea1018a3ac1be1e3e6fc105b7c7dc2c809626d34b4ee85c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:31:43 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 06:06:35 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
106823fe-94e0-4e29-bcd3-540887ef2243
age
21
etag
"1f2eaa48b9ed0349c6569c054d9e518a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
40463
header_1.png
nordot-res.cloudinary.com/f_auto,q_auto:eco/ch/units/641577452118279265/
4 KB
4 KB
Image
General
Full URL
https://nordot-res.cloudinary.com/f_auto,q_auto:eco/ch/units/641577452118279265/header_1.png
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
4761af700d2a30254d4709b617ba843907373af7d0fdcd7dc9069d067d4d87c8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:02 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="header_1.webp"
server-timing
cld-fastly;dur=4;cpu=2;start=2024-01-31T00:32:02.712Z;desc=hit,rtt;dur=36
content-length
3880
last-modified
Mon, 06 Jul 2020 20:18:50 GMT
server
Cloudinary
etag
"4f510c48beb9df51dcfff8e4f6b21dcf"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
origin_1.jpg
nordot-res.cloudinary.com/c_limit,w_800,f_auto,q_auto:eco/ch/images/1103463292326642033/
13 KB
13 KB
Image
General
Full URL
https://nordot-res.cloudinary.com/c_limit,w_800,f_auto,q_auto:eco/ch/images/1103463292326642033/origin_1.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
5f6bb5d053b27ed6289fc56a621ab7879e1a0f30805246532a5dee5f1d859903
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:02 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="origin_1.webp"
server-timing
cld-fastly;dur=132;cpu=2;start=2024-01-31T00:32:02.712Z;desc=miss,rtt;dur=36,content-info;desc="width=650,height=650,bytes=12962,owidth=650,oheight=650,obytes=28072",cloudinary;dur=66;start=2024-01-31T00:32:02.748Z
content-length
12962
last-modified
Sat, 02 Dec 2023 02:13:14 GMT
server
Cloudinary
etag
"248fd21b4e2b9a735cc44984f040a926"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
profile_3.png
nordot-res.cloudinary.com/c_limit,w_300,h_300,f_auto,q_auto:eco/ch/units/641577452118279265/
5 KB
5 KB
Image
General
Full URL
https://nordot-res.cloudinary.com/c_limit,w_300,h_300,f_auto,q_auto:eco/ch/units/641577452118279265/profile_3.png
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
1781b696d0260b6fbaa8cee4557699ee6c23b51718c099b9949e36734ef98a1d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:02 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="profile_3.webp"
server-timing
cld-fastly;dur=3;cpu=2;start=2024-01-31T00:32:02.712Z;desc=hit,rtt;dur=36,content-info;desc="width=300,height=300"
content-length
5182
last-modified
Tue, 08 Jun 2021 01:37:01 GMT
server
Cloudinary
etag
"56e77024b3439077a23b10f27faf0131"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
widget_v3.js
cdn.whizzco.com/scripts/widget/
7 KB
3 KB
Script
General
Full URL
https://cdn.whizzco.com/scripts/widget/widget_v3.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d8562efd8364015edd8080e72d8bd98f0a92019058f15df14e03f9951e01876

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:02 GMT
via
1.1 70fd8dd903406754b301439f9111e256.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
YTO50-P2
age
3651
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 05 Mar 2023 13:26:38 GMT
server
cloudflare
etag
W/"af75195749ffac29c536aae88fdbda39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVbgRvRpSmkPIOQVE1%2Fb8NBwWx5E4JvNxQee9V4kl0h6tygD0wqpisJWSH545f2%2FCSpuS%2B0OQYIOjqL6kcqULk8LhtDfxLxOKvCO69Kp5%2BFXfjkOHfVP3EooTt6wCpKd%2FZXOf%2FJu%2FjnKLcOZ2ok%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84dddaf1196fa24d-YYZ
x-amz-cf-id
sJx-AqECvYCi1US7Luq9lzqbccDQmQuC_PQe3t2WTANJMswsCruRLQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Jan 2025 11:15:27 GMT
common.js
nordot.app/images/newsnor/kiji/js/pc/
2 KB
879 B
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/common.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ceb5f5e6bcb91fcc4c03c82b96002bea3a2627413e785c6de5db6e2b78a4a124

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:12:46 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
1156
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
da2495d0213d19d31082644f1a94d045
cache-control
public, max-age=31536000
content-length
761
js
www.googletagmanager.com/gtag/
281 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BZMFTYNFDJ
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
105259ff2025b1c9da4a0dcc63b0dfa87aab72cc030d1437d3eba86fcad0712f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94793
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jan 2024 00:32:02 GMT
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/
16 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5486319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5303
last-modified
Mon, 04 May 2020 16:17:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04015-4041"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geGH%2FTgGC6UFjvs5en9d8DxlXn6zbAVMM2ugvgyXmS2WhOjdX7Flb7PAfPx%2BnZewJoW%2Fbeaxj3dsE10AIwwBJJNtpvAEXoDDPwPo3QVDe0A37YEloT0EGaEHG3UqaQz%2BTrYmKgdPX62HYNtpIoHHolzp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84dddaf1081d3972-YYZ
expires
Mon, 20 Jan 2025 00:32:02 GMT
curatedBy.js
nordot.app/images/newsnor/kiji/js/pc/
6 KB
2 KB
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/curatedBy.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8f06440dab8c5d5eb0c68fe3d53655ac8c99a1803009faa70ff02c29b1ced7c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:20:51 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
15071
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
38c302b0b2d29d290391c8c106255dc1
cache-control
public, max-age=31536000
content-length
1775
ready.js
nordot.app/images/newsnor/kiji/js/pc/
2 KB
726 B
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/ready.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4edab288d02a2436bd81bec6eb85bcf2bb52db55521173e01c28d334f4eabeac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:07:16 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
55486
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
8ef5dcface78b975e9f4bb14eb31be65
cache-control
public, max-age=31536000
content-length
630
plugin.js
nordot.app/images/newsnor/kiji/js/pc/
11 KB
4 KB
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/plugin.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e7f8eed8f325395fb25c9643d823541a817d69d6238a51d88e3a3306d6ce333e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 22:01:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
9006
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
37ce15a94ed7221eb6e11d80c1707b42
cache-control
public, max-age=31536000
content-length
3565
beacon-1.1.0.js
log.nordot.jp/js/
25 KB
11 KB
Script
General
Full URL
https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
dcc45c991696d726863fbd33b7c423cb24056d250b818b2fa735dc193718dbb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:02 GMT
content-encoding
gzip
server
Google Frontend
etag
"FceFEQ"
content-type
application/javascript
x-cloud-trace-context
c7b22b938563ab0b7a1b24332ce7a9f4
cache-control
public, max-age=1
expires
Wed, 31 Jan 2024 00:32:03 GMT
ads.js
nordot.app/images/newsnor/kiji/js/pc/
65 B
183 B
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/ads.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4c9afca1f1a89595b15d84e7b3eb6e249494d42a57532950e2c89318a04d2fc5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 22:37:35 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
6867
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
907d3167900e1cebb72e981d1f884c16
cache-control
public, max-age=31536000
content-length
89
adSticky.js
nordot.app/images/newsnor/kiji/js/pc/
741 B
490 B
Script
General
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/adSticky.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
1f9e494521255366cfcbbddbc0c58d2d692616f197754a799bf4c9d84fa997dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:15:25 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
997
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
14928e5b6a374016ebe2bdc17d051494
cache-control
public, max-age=31536000
content-length
395
rtads
api.whizzco.com/demand/v1/ Frame
0
0
Preflight
General
Full URL
https://api.whizzco.com/demand/v1/rtads
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84dddaf50fe554c1-YYZ
content-length
0
date
Wed, 31 Jan 2024 00:32:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky9uOGB4ULFl6SRkSOh8yRRXFaQ%2BD70vGC%2ByR5RV3P7a8M46WiglKTycuHwL%2FMIwjL%2BGBPh6U1ZM%2FoFtcZqzjYBLrLtU06ggvN4vUdI9qORV%2BZDSWcKVsy%2FNV6bNV%2F82uMWK4X6daSOBjWdGCFA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
rtads
api.whizzco.com/demand/v1/
384 B
616 B
XHR
General
Full URL
https://api.whizzco.com/demand/v1/rtads
Requested by
Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76af30d47c586aeb92671ba9754181815bd0a090665ed2592e07e1e3454b1bd2

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 00:32:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWI4fn30Sv1%2B857zGfQXbizZeKpRsIaFlKTO1I11igFdS35q%2FnMLnafXN5uO6RRctFQmDa1KnPIfR%2BwT4aBq5eKXy7zUPp2CdesLmvTMKKw5vIwmsvYhBkV3wASpdzddOFDjISNe3dKFxBrMjBA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cf-ray
84dddaf8cde9a24d-YYZ
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3d0a880333239e0e6ab17ec1f7822223994e6be3bf307087315513821ed4e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29999
x-xss-protection
0
server
cafe
etag
674 / 19753 / m202401250101 / config-hash: 8161858144323825894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:32:03 GMT
apstag.js
c.amazon-adsystem.com/aax2/
283 KB
70 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.163.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-163-100.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:30:04 GMT
content-encoding
gzip
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront), 1.1 65742b7123c3e2092c47edac9577810a.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:08 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, BOS50-P3
age
120
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
0fqbW0WCr05DyNJjEBwwHnZ2aUGQA1xT8ICVgL-tI7CULO6RNW3i8Q==
hindsight-webclient.min.js
static.solutionshindsight.net/teju-webclient/
100 KB
30 KB
Script
General
Full URL
https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-66.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8011f8702c24591e152399f1ab4ad3b11bb4f080dbd09c252caa565468065e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:04 GMT
content-encoding
gzip
via
1.1 5632fe5930775cf7bdf993a5c3c6fa2e.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 21:23:58 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"e948714383ee3a6ce71fba0a9cce1448"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
30732
x-amz-cf-id
aAmvkWvSxegw9gCXXLq_4xRxB62mBlVQLwq7JvwGLSKqDzdzHI0jyw==
b52bc26d-ef28-4d5c-aa2b-8922c19ed635
https://nordot.app/
594 B
0
Other
General
Full URL
blob:https://nordot.app/b52bc26d-ef28-4d5c-aa2b-8922c19ed635
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
594
Content-Type
text/javascript
pageview
log.nordot.jp/
0
313 B
Ping
General
Full URL
https://log.nordot.jp/pageview
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
239078a0658e909d09111e337ff3af81
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
364 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
a42c890dd621e2c5accc014bd8a81508
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
315 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
875875fb18620141eb63bb8dc25b4e5a
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
313 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
87d1e2f8bc02d53e20507ee4a3c8f227
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
314 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
85eaf891d25f78923f6c9f5977f5bfb7
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
313 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
2354c1feaf5cc528f8615028e77d2ede
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
311 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
66c2b562011c3419c37c8b388090bae0
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
314 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
5c8e466cfddf40b83344bb2ac3713c9d
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
313 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
61a3b34a36dc4ca5b6815c5121b75603
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
312 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
0dbaad7b024d20f16b48b5a215e848ab
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
313 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
53c9eb31f7fd13972a54651378422afe
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
313 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
30de34192b7b26ce3713979f9ec94be0
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
event
log.nordot.jp/
0
311 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
ab2472cfe92675bb44c113fa47d94167
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:32:03 GMT
bm9yZG90LmFwcA==
static.solutionshindsight.net/assets/
9 KB
2 KB
Fetch
General
Full URL
https://static.solutionshindsight.net/assets/bm9yZG90LmFwcA==
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-66.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8065b40879ee291260084a91bef981607f9e66952a6cc4b1eb8828256e5e00c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 9a6f07a84b60a85466bb31603767843c.cloudfront.net (CloudFront)
date
Wed, 31 Jan 2024 00:32:05 GMT
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Tue, 26 Sep 2023 19:23:32 GMT
server
AmazonS3
etag
W/"88b0d3b3160ce31b7e0fe95a588e6a29"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
KbUfvfnPTL7qQeqZQPhWbXSsdMxbEQPFp_kuidm9yX6DWSYpN18TPw==
064ec1b7-1a66-4612-9d6d-24aff6801950
config.aps.amazon-adsystem.com/configs/
564 B
833 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/064ec1b7-1a66-4612-9d6d-24aff6801950
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-46.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
405e43cd3a1d6144f42375bbf65312766341fae117f8809b9faa4d023a279068

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:04 GMT
via
1.1 22068bada9db7a55ac57b9824fe6f9b4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
YHGeA-iKH24OpSuVxPxAl8WIkvhXrTZdMtsG5tkgJO8pMa2vWl6luA==
config
c.amazon-adsystem.com/cdn/prod/
0
305 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnordot.app&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.163.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-163-100.bos50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 23:24:47 GMT
via
1.1 65742b7123c3e2092c47edac9577810a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BOS50-P3
age
4036
x-cache
Hit from cloudfront
access-control-allow-origin
https://nordot.app
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
PoaUIIsr9DpGS4SQgkMMO3pQix87Ae_a7NA0_zvYGdKcrNyxfGWY6w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.163.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-163-100.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:10:02 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 65742b7123c3e2092c47edac9577810a.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-P3
age
62522
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
NoNxt5TBPgD8ZAEy0qVxeb_mBUokMuNvQ1OY4abK1cPDTVC60B4bkw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/
436 KB
136 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1071
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 30 Jan 2025 00:14:12 GMT
ba712c33-44a7-43f7-b7aa-c956d83eb96f
https://nordot.app/
154 KB
0
Script
General
Full URL
blob:https://nordot.app/ba712c33-44a7-43f7-b7aa-c956d83eb96f
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d2f0d368bf03561099df3cb58b8116ba09abd5695497a5b986e8e959d39d443

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
157528
Content-Type
text/javascript
didna-pix.gif
didna.b-cdn.net/
807 B
1 KB
Image
General
Full URL
https://didna.b-cdn.net/didna-pix.gif?ref_id=150
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-845 /
Resource Hash
48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:04 GMT
cdn-edgestorageid
718
cdn-storageserver
NY-267
cdn-cachedat
01/31/2024 00:32:04
cdn-pullzone
1025274
content-length
807
last-modified
Fri, 06 Jan 2023 17:03:05 GMT
server
BunnyCDN-IL1-845
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
image/gif
cdn-cache
BYPASS
cdn-uid
296f49c8-4088-4b56-b4a4-a6b6d3fc5d40
cache-control
public, max-age=0
cdn-requestid
1d654c8a7650661892447d70c72c8835
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
bid
aax.amazon-adsystem.com/e/dtb/
198 B
527 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=iO58rMxwEvCdQ&cb=0&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_billboard_1%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_billboard_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.242.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-242-155.mia3.r.cloudfront.net
Software
Server /
Resource Hash
1ebcd54ed4e7b68282a0cb6fdcbe40783b2e3f257396919056f7c02384b4cbdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:04 GMT
via
1.1 4a633917bdd8ac848c975bb079965dbc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MIA3-P6
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
198
x-amz-cf-id
goNA668JlxfUdsZSoOmjaO34A6vxBNoz8NiHLkYdA-rCpU-UGntDVg==
bid
aax.amazon-adsystem.com/e/dtb/
198 B
528 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=iO58rMxwEvCdQ&cb=1&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_halfpage_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_halfpage_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.242.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-242-155.mia3.r.cloudfront.net
Software
Server /
Resource Hash
251ecb46af95fc8be3eca898642647fc77d7ad6f6b2d4161a016c72a438739e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
via
1.1 4a633917bdd8ac848c975bb079965dbc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MIA3-P6
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
198
x-amz-cf-id
mwEMnBhRJyN1YIBfCfB9QGZvPo7YXGIo7dsLs27TpZaVxWTd9PRQJA==
bid
aax.amazon-adsystem.com/e/dtb/
198 B
527 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=iO58rMxwEvCdQ&cb=2&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_rectangle_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_rectangle_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.242.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-242-155.mia3.r.cloudfront.net
Software
Server /
Resource Hash
ac5f84953b819acd13bb03618f955fd214f3cd62492acb291e4819ede07f9708

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
via
1.1 4a633917bdd8ac848c975bb079965dbc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MIA3-P6
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
198
x-amz-cf-id
cJ1Kb-gL-Hlg1944f7K0gVlGyCaQ0k-SCyf_fsXK3ORL4GzHY2Bceg==
bid
aax.amazon-adsystem.com/e/dtb/
198 B
527 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=iO58rMxwEvCdQ&cb=3&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_in_paragraph_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_in_paragraph_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.242.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-242-155.mia3.r.cloudfront.net
Software
Server /
Resource Hash
2cab86bc3a7e228393bfd67700af7d3507bbbacb6107d09311407f1c2df8d9a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:04 GMT
via
1.1 4a633917bdd8ac848c975bb079965dbc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MIA3-P6
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
198
x-amz-cf-id
TpW2Thw62WfNqx2R4tR4Zq-cdC0wFtTdbyev2UpZ5Pu6wqvMzozc2Q==
bid
aax.amazon-adsystem.com/e/dtb/
198 B
526 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=iO58rMxwEvCdQ&cb=4&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_in_paragraph_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_in_paragraph_2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.242.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-242-155.mia3.r.cloudfront.net
Software
Server /
Resource Hash
9ebe74980c0ed21e28fab6d9984687ba0075f6cd666c9f56a8a8e2fe7cdc5c72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:03 GMT
via
1.1 4a633917bdd8ac848c975bb079965dbc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MIA3-P6
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
198
x-amz-cf-id
xjszfig6rILcEiHsCrU1iicbCJuGwPPRP1-dFlHzXAHi6-QDBgcIYg==
126379976
fundingchoicesmessages.google.com/i/
183 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/126379976?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b5643d68d1a2b193f231d52b6874db57455a0217b55fdf8bebcec60d3288e39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NhEbfN4iRmR58KoBnAECPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-NhEbfN4iRmR58KoBnAECPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJwNxysMQWEYBuDjm89cNjMJWTiTaLIkKDYbG5NsZoSTTCHRBfP_G01jKIIgaoyZYEZQnIOZ4lII3vCExz43Bew-Ja76lHXkSDvY-M-0h6qiUwNOSZ0uEFQNCoNWNKgCpt-FbPB4Xcn1vpIHAvDw3ugD01jUfE8KdqYELzTBW7BUcMjWBGvgHAkOjQVPloJnkDEE56DHkgfQikvuQj0tuQ2RvOQEPAuSv1A-rLgGboe10deHFlezMy_9AR10V_M"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
f3eb7804-5174-4276-b3e9-712dfd130fb6
https://nordot.app/
699 KB
0
Script
General
Full URL
blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
715340
Content-Type
text/javascript
tshow
api.whizzco.com/dtracking/v1/
15 B
311 B
XHR
General
Full URL
https://api.whizzco.com/dtracking/v1/tshow
Requested by
Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 00:32:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7fMwZmyNyvhHgzK1I7HDahITHu7KTbO6gYIK4nWD1Iy2ICONFxTN3pPz5bl3%2FwIlJXIAG571I52pPeIZiMhZLYIibsRJPE%2FADQ4JdTSqnT7b4j7nA5WR9SH9Q4T%2FJL1LxEw6SBiqWhhUnnfCN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cf-ray
84dddafc497e54c1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
15
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/
222 KB
67 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.57.14 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-57-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=105362
accept-ranges
bytes
content-length
68444
expires
Thu, 01 Feb 2024 05:48:07 GMT
tshow
api.whizzco.com/dtracking/v1/ Frame
0
0
Preflight
General
Full URL
https://api.whizzco.com/dtracking/v1/tshow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:faa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84dddafaefa454c1-YYZ
content-length
0
date
Wed, 31 Jan 2024 00:32:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSWwSvaw%2FAjEs8lQ5Di0bbIATrXA%2FDfCCnKVkSFkZUwB3AEo7wQ42D8BHyAqcuMEvuv1urIIuhMt7VSUPXmoUZJH9ndgtp2UvUs1Ds3pQmPOk6jZjlsIu8mWVdHZNPg2IgKts9KEGpsFTYco2mc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
wp-banners.js
static.solutionshindsight.net/teju-webclient/
264 B
601 B
Script
General
Full URL
https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-66.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
via
1.1 5632fe5930775cf7bdf993a5c3c6fa2e.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 21:23:58 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"bfd90e72f071d7e0a81d7e0bac6ce9a0"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
190
x-amz-cf-id
IC5QJ2F5NsVf2zJ6-0cwMLHrcMW7HfIAYt2BbTJ0DbMrrXO2VGWtmg==
_bulk
funes.solutionshindsight.net/events/
496 B
634 B
Fetch
General
Full URL
https://funes.solutionshindsight.net/events/_bulk
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.119.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-119-229.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash
386de69ed69f6b04ae237717fa5a622b93809db65ec7c2d65d349e21f2add2e4

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:32:05 GMT
access-control-allow-credentials
true
server
uvicorn
content-length
496
content-type
application/json
_bulk
funes.solutionshindsight.net/events/ Frame
0
0
Preflight
General
Full URL
https://funes.solutionshindsight.net/events/_bulk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.119.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-119-229.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://nordot.app
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 31 Jan 2024 00:32:05 GMT
server
uvicorn
vary
Origin
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240130
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jan 2024 00:32:05 GMT
x-content-type-options
nosniff
content-encoding
br
age
30677
x-jsd-version
1.0.1951
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
836
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4529-YYZ
x-jsd-version-type
version
etag
W/"637-/AnL0uW+hrzqMl9FIchA6lB7jS4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/
483 B
1018 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:05 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
235035
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqzYfTSskOqQliVyUw5D49iTbgU6kTygNz6tGCC6OEbFcvM0D7BxOoiGQ1foidGv554wLosAYCZ%2BWOsB%2B6ziMx1QTTU2wvrbLxL2GFMGoplwKY0fgm9DgR3wqb9TUlzthaTcOh9a2Ds%2BV0s1"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
84dddb00a8c75497-YYZ
fastlane.json
fastlane.rubiconproject.com/a/api/
403 B
916 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=57&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=2d0c2fcd-d25f-432d-8549-760d34d1c317%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_billboard_1%23ad_billboard_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=2f12ed76be097b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_billboard_1%23ad_billboard_1&slots=1&rand=0.5429349605269103
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4d90a541ee636d1c866bb0c0ed6fa32d55c4ae6a2aa7566a2cca5d91a40d9789

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
403
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/
568 B
521 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
e33fd1af9c91ed609edd954c9341444a1fd3db38d480d91cbe1aff618b5545cf

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
368
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/
0
1 KB
Fetch
General
Full URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.1.97 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ib.adnxs.com/ut/v3/
138 B
820 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
2690c635c1a9ec667f2be63c36a9b7079526fd8fa733da1235a0dbf893b95f5b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
an-x-request-uuid
5488d87a-07b1-4fd3-b17e-de6692ba3b39
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/
24 B
365 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.238.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-238-183.compute-1.amazonaws.com
Software
/
Resource Hash
83ddc2be181965ab02ca3976baf3a5bc8bf3d9cc15cf636336e0bcc037a9106b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
prebid-request
onetag-sys.com/
15 B
406 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://nordot.app
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
s-rtb-pb.send.microad.jp/
47 B
509 B
Fetch
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=62adce24723708f043e68c9a1f99ef56&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=14326435bb6e7bc&transaction_id=undefined&media_types=3&cbt=1bc23a91e45f63018d5cee19fd&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%222d0c2fcd-d25f-432d-8549-760d34d1c317%22%7D%5D
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
prebid
mp.4dex.io/
0
281 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddb00aa99711c-YYZ
expires
0
unruly_prebid
targeting.unrulymedia.com/
11 B
199 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
cdb
bidder.criteo.com/
0
189 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=93720771377&lsavail=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid-request
onetag-sys.com/
15 B
407 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://nordot.app
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
auction
pbs.nextmillmedia.com/openrtb2/
0
459 B
Fetch
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
pbs.nextmillmedia.com/openrtb2/
0
459 B
Fetch
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
prebid
mp.4dex.io/
0
40 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddb00aa9c711c-YYZ
expires
0
translator
hbopenbid.pubmatic.com/
0
112 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
139 B
823 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b8d38e626f853c59575c97422eb0d04da71d29f2f7a71d68452e6644a09d20ad
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
an-x-request-uuid
fa645f8c-b54a-43b3-9334-8bdbad09f213
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/
11 B
200 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/
421 B
763 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&alt_size_ids=10&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=2d0c2fcd-d25f-432d-8549-760d34d1c317%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_halfpage_1%23ad_halfpage_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=375a9cb23f5881c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_halfpage_1%23ad_halfpage_1&slots=1&rand=0.49537862430995716
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c2dc30dc0532d720976148b4a10b87c9d2bf73271c82a3b92491feabf571b22e

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
421
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
colossusssp.com/
2 B
133 B
Fetch
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
prebid
s-rtb-pb.send.microad.jp/
47 B
510 B
Fetch
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=bdab9c43160ecd0c3a19cf1006af2f91&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=417e66df218fcdc&transaction_id=undefined&media_types=3&cbt=d9c3a3d0299108018d5cee1aa0&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%222d0c2fcd-d25f-432d-8549-760d34d1c317%22%7D%5D
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
prebid
s-rtb-pb.send.microad.jp/
47 B
509 B
Fetch
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=42b78d67b472cb&transaction_id=undefined&media_types=3&cbt=9d7e962c0c5750018d5cee1aa0&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%222d0c2fcd-d25f-432d-8549-760d34d1c317%22%7D%5D
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
cdb
bidder.criteo.com/
0
188 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=91804845886&lsavail=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/
561 B
512 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
7a722ec818027f13158fcc6d656fbb0bcb77709f22a7e1229a462fbb7f472392

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
359
v1
btlr.sharethrough.com/universal/
674 B
718 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
778dd0c4a8d4ae17e8528e1f39edbe879523fe0e73095e4bf545c448ccacd72d

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
421
bidRequest
c2shb.pubgw.yahoo.com/
66 B
507 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
f133a51ef7c7dc05d05949e3c372d552e0e58c07f29eb221878304a5498dd3dd

Request headers

Referer
https://nordot.app/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
285 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
26fe1f65e356dffb8f60a7608bd70dbaca44a61b79f7501db7e74af746b876bc

Request headers

Referer
https://nordot.app/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
84
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/
46 KB
19 KB
Fetch
General
Full URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.1.97 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
adb583162413fa54fa2c364e258d84445b1445ea638ab40e04ba607c60ff9c04

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
18698
bid
ap.lijit.com/rtb/
23 B
366 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.238.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-238-183.compute-1.amazonaws.com
Software
/
Resource Hash
c983c511d21b05249b766eeba349279938546d4e1779cf332e7681abcb24f964

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
23
auction
pbs.nextmillmedia.com/openrtb2/
0
460 B
Fetch
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
unruly_prebid
targeting.unrulymedia.com/
11 B
199 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
cdb
bidder.criteo.com/
0
188 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=93106046182&lsavail=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:04 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/
24 B
365 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.238.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-238-183.compute-1.amazonaws.com
Software
/
Resource Hash
9ecb1bae5ca2179d8e182b5be11a8ceba1a3ecac58829cd18532ece95c4c5a64

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
fastlane.json
fastlane.rubiconproject.com/a/api/
403 B
746 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=2d0c2fcd-d25f-432d-8549-760d34d1c317%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_rectangle_1%23ad_rectangle_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=66e2af033ba7c1c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_rectangle_1%23ad_rectangle_1&slots=1&rand=0.5230571241646016
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
88479f9ff0e6e37d18132ea3d3652f14cd0325d4a455d014821bc3e7c61413d3

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
403
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/
679 B
566 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
dc969b8279fd7072f856e0ac11a5ffe9673dc9b0b190cb2d7e27c06c443e0005

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
413
prebid
s-rtb-pb.send.microad.jp/
47 B
509 B
Fetch
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=700e42dc62fa7f7&transaction_id=undefined&media_types=3&cbt=684a0946218364018d5cee1ae8&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%222d0c2fcd-d25f-432d-8549-760d34d1c317%22%7D%5D
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
prebid
ib.adnxs.com/ut/v3/
139 B
821 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
05b979970c578d7fb7fbf47c95953bf0102ca33d0f88eb005361bcd4421a7fd5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
an-x-request-uuid
84730f11-c1e4-4960-985a-6268e8466334
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
286 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
4bba6a1902101c3049586c697060efcb276dad4042bd0286dfab6ad83319af79

Request headers

Referer
https://nordot.app/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
84
/
colossusssp.com/
2 B
134 B
Fetch
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
prebid-request
onetag-sys.com/
15 B
406 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://nordot.app
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
translator
hbopenbid.pubmatic.com/
0
56 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/
0
1 KB
Fetch
General
Full URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.1.97 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
mp.4dex.io/
0
41 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:05 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddb00aa9e711c-YYZ
expires
0
metric
report2.hb.brainlyads.com/statistics/
463 B
751 B
Image
General
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=29917;29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:06 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/
463 B
751 B
Image
General
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:06 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
/
trends.revcontent.com/api/demand/
0
0

sync
trends.revcontent.com/
0
0

iu3
s.amazon-adsystem.com/ Frame 9ACF
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&dcc=t
368 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f75df56e5bcdfa2a12d4b82c3d048f07228341f1e0262e7d030cdb4a63d7b934
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
368
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 31 Jan 2024 00:32:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
V12SG08YGNMYHMNBA25R

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 31 Jan 2024 00:32:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TYN3C0J53TJDA877H77E
yads_vimps3.js
yads.c.yimg.jp/uadf/
85 KB
26 KB
Script
General
Full URL
https://yads.c.yimg.jp/uadf/yads_vimps3.js
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
26b74084193a7882fc9988b59107a58c455555d4fdea0b79f3360b7e97b178df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:31:01 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 02:25:25 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
047b5e26-2e00-4580-9af2-b099f4d9ad49
age
65
etag
"085f21ff5cf665b29da1fa99997c9f52"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
26920
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6B68
99 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
326290efc9cd104798f5664e57ca82a2f7e9bc3c9d67d3eeeeb7e20e8bc4a687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29998
x-xss-protection
0
server
cafe
etag
737 / 19753 / m202401250101 / config-hash: 8161858144323825894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:32:06 GMT
didna_config.js
storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/ Frame 6B68
10 KB
10 KB
Script
General
Full URL
https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::cf Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
00d38aba554491252d57c462a721f53b97c9dbc9286600e7d8fce2d334e8dc21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
x-guploader-uploadid
ABPtcPrnLoQEb3GOmD7j4lS0eDiFezd6z_dwsC_vLZ-HbRQ7X-YMfbCFDHkrK8dbg4zyf5iU4C0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10240
last-modified
Wed, 14 Jun 2023 14:54:52 GMT
server
UploadServer
etag
"ee19695c2173bc358d9f4cda83c944ef"
x-goog-generation
1686754492310461
content-type
text/javascript
x-goog-hash
crc32c=HjWiuQ==, md5=7hlpXCFzvDWNn0zag8lE7w==
cache-control
no-store
x-goog-stored-content-length
10240
accept-ranges
bytes
expires
Thu, 30 Jan 2025 00:32:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BE12
99 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6962f2c8d8abd7ab178a0d61f33ebd427711fb64604c71b060766af51d504922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29998
x-xss-protection
0
server
cafe
etag
725 / 19753 / m202401250101 / config-hash: 8161858144323825894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:32:06 GMT
didna_config.js
storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/ Frame BE12
10 KB
10 KB
Script
General
Full URL
https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::cf Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
00d38aba554491252d57c462a721f53b97c9dbc9286600e7d8fce2d334e8dc21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
x-guploader-uploadid
ABPtcPp3D2uCSP89OAuLnbI4ITnptMe8z2gJg7J__Hyjs2LUohREf4roVS51J9Xxnrwhwhp-c50
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10240
last-modified
Wed, 14 Jun 2023 14:54:52 GMT
server
UploadServer
etag
"ee19695c2173bc358d9f4cda83c944ef"
x-goog-generation
1686754492310461
content-type
text/javascript
x-goog-hash
crc32c=HjWiuQ==, md5=7hlpXCFzvDWNn0zag8lE7w==
cache-control
no-store
x-goog-stored-content-length
10240
accept-ranges
bytes
expires
Thu, 30 Jan 2025 00:32:06 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:32:05 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:32:05 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Jan 2024 00:32:05 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Jan 2024 00:32:05 GMT
server
ATS/9.1.10.94
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:32:05 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Jan 2024 00:32:05 GMT
server
ATS/9.1.10.94
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
server
envoy
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nordot.app
content-length
0
date
Wed, 31 Jan 2024 00:32:05 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-east-1a
adagio.js
script.4dex.io/
75 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:05 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
138833
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGE53ozVJx6DKFHL%2FQbil%2BrUmxw2sBes2y167gRs4vEvDRnQXB5o%2BY5LYMho8fDUQkaPYixb6XSTHv58wJEbcvHmOiaFZXAA%2BZFKJJEdCSkrX2qAyOs9iLhEpebn9ru7P8gM1dJNKARdQVsP"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84dddb042865711a-YYZ
metric
report2.hb.brainlyads.com/statistics/
463 B
751 B
Image
General
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:06 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/
463 B
751 B
Image
General
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=29917
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:06 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nordot.app
content-length
0
date
Wed, 31 Jan 2024 00:32:05 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
Origin
/
trends.revcontent.com/api/delivery/
31 KB
17 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=169267&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fnordot.app%2F1103463313237606400&icr_url=&va=0&user_uuid=undefined&time=1706661125386&up=pc&bn=chrome&bv=120&widget_width=640&style_id=0&an=false&mr=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.225.168.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-168-29.compute-1.amazonaws.com
Software
envoy /
Resource Hash
f64be3ba2acc6081147b4ffc417b0c6290369db5fd8ea86dabd424f3aee8dd50
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:32:05 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
x-envoy-upstream-service-time
89
AGSKWxXJERSHeQtUDC-rkuNlfD268D83GIAz0S9XIsrlr5WuhEUCI_ZXE0vYd8DEE0cFtw6e0ouIxaKW7LQVevho0OXxP-FzBiFZiScXtNj0xsQnfnankwHFo1XQmdmR30RuOGKBR3Eveg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXJERSHeQtUDC-rkuNlfD268D83GIAz0S9XIsrlr5WuhEUCI_ZXE0vYd8DEE0cFtw6e0ouIxaKW7LQVevho0OXxP-FzBiFZiScXtNj0xsQnfnankwHFo1XQmdmR30RuOGKBR3Eveg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjYxMTI1LDQ1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ub3Jkb3QuYXBwLzExMDM0NjMzMTMyMzc2MDY0MDAiLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1eff17bfd64e6cabc3e250aec00bbf6201c90c1963441f89cc2495a954a40204
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yL4zM1QVpF5CG_OA3CoHyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-yL4zM1QVpF5CG_OA3CoHyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4K4hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEw9G26tlaNoETW1ceZQIAb1ZYfQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:28:31 GMT
content-encoding
gzip
age
1645416
x-guploader-uploadid
ABPtcPql9Y44WRrtRoL8agzBjx-j0hj4kkGX3gdpO8wWqtRdRebObNDqoRQh-ZCrgGaitbC7qNbenccfnteW75w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 10 Jan 2025 23:28:31 GMT
publishertag.ids.js
static.criteo.net/js/ld/
41 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Feb 2024 00:32:07 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
815 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jan 2024 00:32:07 GMT
x-content-type-options
nosniff
content-encoding
br
age
17439
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4522-YYZ
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/
87 KB
26 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jan 2024 10:08:32 GMT
server
cloudflare
x-amz-request-id
BNS3KM694BHVK491
age
665
etag
W/"b03d5064c95ecd01501cdae49ca9228b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84dddb0ccab85431-YYZ
x-amz-id-2
Gq9Bs6pZ66nu1ge1z6qxknTMtepSkFAPhSrsy9OkJwxk6H7U3VLxxdRnJCOgEIW9+Zx/2PprZ5gtXxpo3RY9eA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
6430d934316317a393448b5bd10cfe67
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-33.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:09:02 GMT
content-encoding
gzip
via
1.1 b9608c5d714fa42feebf61497cac7bd4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
62586
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
C4cAC8cKhwXTijrRCh-88Diddum_TDJvI7HAEYaj6tES8WXUBleWlg==
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:b400:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 30 Jan 2024 10:04:26 GMT
Via
1.1 c208eb85ab071bce3678151b6fd6ca36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD79-C1
Age
52062
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
QAZrNMudUD5pD8JtLVOxpZHUlwzxUVbU1RA2Fc7AuaeRCtTPBTXEtQ==
connectId-gpt.js
connectid.analytics.yahoo.com/
9 KB
9 KB
Script
General
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:d600:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 23:49:50 GMT
via
1.1 0173aeb09060ae0dd8c77e399d9e5634.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
IAD79-C1
age
2538
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
5iLzmCcbIgKch5D1OOu2I_teQSP9abatFkQ6KMFFynLvRwJMGUhLNg==
ob.js
cdn-ima.33across.com/
17 KB
6 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2024 20:10:49 GMT
server
cloudflare
age
539882
etag
W/"65b01d49-42c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84dddb12a81136fa-YYZ
expires
Sat, 03 Feb 2024 00:32:08 GMT
impression
trends.revcontent.com/event/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:32:05 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
brandWidget~feedWidget.delivery.js
assets.revcontent.com/master/
65 KB
17 KB
Script
General
Full URL
https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-44.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 11:10:34 GMT
content-encoding
gzip
via
1.1 96bbdd3a7f25156daf49a9ffc457edcc.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 20:18:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
age
48093
x-amz-server-side-encryption
AES256
etag
W/"6de9bc862bc6fdfaa31c9df1fd186fcf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
bMkLchvONyuJzbLzV_fnTuXuV5jrGvx0_K0PtC-mubnH9KEWiQiKpQ==
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/
30 KB
9 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-44.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:51:33 GMT
content-encoding
gzip
via
1.1 96bbdd3a7f25156daf49a9ffc457edcc.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 20:18:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
age
49235
etag
W/"dbdc08ee919b827209b33927a9118952"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0rbviJUqn0NyHw54c1qtNVMtarENf6BDmzP0TC1gDwRUIfs9l59uKQ==
feedWidget.delivery.js
assets.revcontent.com/master/
34 KB
10 KB
Script
General
Full URL
https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.208.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-208-44.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:41:21 GMT
content-encoding
gzip
via
1.1 96bbdd3a7f25156daf49a9ffc457edcc.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 20:18:25 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C1
age
42647
x-amz-server-side-encryption
AES256
etag
W/"1dade641a3b866e499b19367c52daaf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
w-z6DsMpzclc67F5XIKpqi6RzokC5udUdyAiVAETQbV7r1V32Ji5eA==
/
img.revcontent.com/
1 KB
2 KB
Image
General
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-49.yul62.r.cloudfront.net
Software
envoy /
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 20 Dec 2023 03:51:26 GMT
via
1.1 7b1e72110677f4b48715a174a0db9206.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 15:43:57 GMT
server
envoy
x-amz-cf-pop
YUL62-C2
age
3616842
etag
"a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache
Hit from cloudfront
content-type
image/png
x-envoy-upstream-service-time
23
alt-svc
h3=":443"; ma=86400
content-length
1351
x-amz-cf-id
rPQtsC4fcvYYOOZVypJGhyefQrtHHlB3LEMUxHu2vEtbGKoqaC1n1Q==
pr
s.amazon-adsystem.com/v3/ Frame E1DF
3 KB
3 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a2b76daf36d25928914a6c6fa838ea4797d8f61ef8ff7f294d9ec6bec5db89d0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2814
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 31 Jan 2024 00:32:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5BAKR5EZXAE968QJ31DG
ecm3
s.amazon-adsystem.com/ Frame E1DF
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=372da745-c861-4be4-a663-bb7abb9adcef
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=372da745-c861-4be4-a663-bb7abb9adcef
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2NAE6N9ZS9RQHPTNTZ1T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=372da745-c861-4be4-a663-bb7abb9adcef
Date
Wed, 31 Jan 2024 00:32:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame E1DF
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3496627267034062000V10
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3496627267034062000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7QNGNES3GX25NNFXGSZB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:06 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3496627267034062000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 31 Jan 2024 00:32:06 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E1D3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
922 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5248878bb919ddfe078c3d0e00860cd107c95a24a4636d820953900ef5ad0c27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84dddb08be7a38e2-YYZ
content-encoding
br
content-type
text/html
date
Wed, 31 Jan 2024 00:32:06 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ2B5kRO930vHMQDQAXoySHTobPJbuFZEBr0AU3%2FAvnzGgU1Enuk3j9zkrxhDsFDnDs9S%2BLftw1V31G64bL%2BS01uSi74uPFujAlvphkadOi1zL9u4XanzEgmRBwXwHYzX0SVHhlYlWzHRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84dddb080d1938e2-YYZ
content-length
0
date
Wed, 31 Jan 2024 00:32:06 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLKLqRmQ1epuuipxqlpivIZH3HQC2p09520g69nZAZP0hH%2BwAM8NJaB53UsCs5y9%2Fza9g5g4xHpK8sN4B%2BKj4l5wmz9Qhi68Vl9gbYqYdxSU6SzKMq%2BbableoOKcwLOPcfp%2ByQ1FpWk06g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame F598
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6363052396704366778&gdpr=0&gdpr_consent=
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6363052396704366778&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:32:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
F7AM7E5BWB5Y3FH0JCXJ

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:32:06 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6363052396704366778&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame B5B0
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=600da78820971061&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAG3Hzt1bougAMgDVAgAAAAAAA&expiration=1706747526&is_secure=true
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAG3Hzt1bougAMgDVAgAAAAAAA&expiration=1706747526&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:32:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YK47YJPJCGS8W89KSR3J

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Wed, 31 Jan 2024 00:32:06 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAG3Hzt1bougAMgDVAgAAAAAAA&expiration=1706747526&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5ECA
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.57.14 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-57-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32588
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 00:32:05 GMT
expires
Wed, 31 Jan 2024 09:35:13 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B353
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 00:32:06 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 04C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=1778145512646273912&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=1778145512646273912&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:32:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
W1YF5ZD0F552MT9YR5BW

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a1a10e51-e73e-421b-8efe-43eee0908c48
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 00:32:06 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=1778145512646273912&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame E1DF
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=528b34b247
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=528b34b247
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GYZ7XRB74WTH68R780D8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 00:31:57 GMT
via
1.1 4b0dd366e44414a4e7e6ed6970080d58.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
age
9
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=528b34b247
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
EXjzekWCpMhWBdwSGdNHbkdx8rRQjAAh8iyAnzJmOPbK42fR6HkXrQ==
ecm3
s.amazon-adsystem.com/ Frame E1DF
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=4808BD40DFB24AD6A1A70718FDAC250C&ex=simpli.fi&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=4808BD40DFB24AD6A1A70718FDAC250C&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y269184CNMZ3N9RZP4SW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 00:32:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=4808BD40DFB24AD6A1A70718FDAC250C&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jan 2024 00:32:06 GMT
ecm3
s.amazon-adsystem.com/ Frame E1DF
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7ef59a80bf2i3d5l00ls11yx42
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7ef59a80bf2i3d5l00ls11yx42
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D1EG3YGV91B86582PXCB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 00:32:06 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7ef59a80bf2i3d5l00ls11yx42
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
amazon
ce.lijit.com/beacon/ Frame 8817
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
976 B
Document
General
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.238.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-238-88.compute-1.amazonaws.com
Software
/
Resource Hash
5dfac05c613d09c5b09acd45e8d85b792f1849ae022f4dcf5c5e0a17acfa957a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding
gzip
content-length
448
content-type
text/html
date
Wed, 31 Jan 2024 00:32:06 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding, User-Agent

Redirect headers

content-length
110
content-type
text/html
date
Wed, 31 Jan 2024 00:32:05 GMT
location
https://ce.lijit.com:443/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
server
awselb/2.0
ecm3
s.amazon-adsystem.com/ Frame E1DF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=maSNT5jO_wbnahJibKqO
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=maSNT5jO_wbnahJibKqO
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MP8WVGH9Z5PVNKCQPDY4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=maSNT5jO_wbnahJibKqO
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:32:06 GMT
v1
btlr.sharethrough.com/universal/
784 B
624 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
d375cdf0e7d805b12c609ace7196b04dbd9f27372ec234720be3e09a476ba76a

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:05 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
471
bid
ap.lijit.com/rtb/
25 B
366 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.238.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-238-183.compute-1.amazonaws.com
Software
/
Resource Hash
2645d122be74564e70144e3c7d5063a319af72963f6b06d7d9b00027c9a74705

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
unruly_prebid
targeting.unrulymedia.com/
11 B
199 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/
405 B
462 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=2d0c2fcd-d25f-432d-8549-760d34d1c317%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_in_paragraph_1%23ad_in_paragraph_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=9321dc246e1d592&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_in_paragraph_1%23ad_in_paragraph_1&slots=1&rand=0.8477547127751961
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c902954ed2287c3048b40d687bc6152b0fc195fd4cb1b89ec4bf0b99f3805491

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
405
expires
Wed, 17 Sep 1975 21:32:10 GMT
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/
0
978 B
Fetch
General
Full URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.1.97 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:06 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
cdb
bidder.criteo.com/
0
188 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=30156499340&lsavail=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:06 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
pbs.nextmillmedia.com/openrtb2/
0
373 B
Fetch
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
prebid
mp.4dex.io/
0
41 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddb05cc67711c-YYZ
expires
0
prebid
ib.adnxs.com/ut/v3/
139 B
821 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
dafcc42b19f044200f9bbcbab3455df70330e2012713c04909b2736566a6c997
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
an-x-request-uuid
d39fac7d-71ec-4b51-abe9-b825a8fa6dd8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
56 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
colossusssp.com/
2 B
133 B
Fetch
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:06 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
prebid-request
onetag-sys.com/
15 B
406 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://nordot.app
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
s-rtb-pb.send.microad.jp/
47 B
509 B
Fetch
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=11142183999b4cfb&transaction_id=undefined&media_types=3&cbt=a35f23f9e01b40018d5cee1f77&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%222d0c2fcd-d25f-432d-8549-760d34d1c317%22%7D%5D
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
bidRequest
c2shb.pubgw.yahoo.com/
66 B
308 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
9ff0e4473261366bc6fa654df2b3cf1adeb436e85bbbe08e324ede2f013a81e6

Request headers

Referer
https://nordot.app/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Jan 2024 00:32:06 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Jan 2024 00:32:06 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/
66 B
117 B
Fetch
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
d31ff0a68a7e63a905a5bdd0e13cf1fae3a4f36cbac4de56a9cdd1e5557bfa82

Request headers

Referer
https://nordot.app/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
84
/
colossusssp.com/
2 B
133 B
Fetch
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:06 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/
0
1 KB
Fetch
General
Full URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.1.97 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:06 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
bid
ap.lijit.com/rtb/
25 B
366 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.238.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-238-183.compute-1.amazonaws.com
Software
/
Resource Hash
7812e9bd05e684e703cdf66dc02bbd17f4ec50af9faa93910e73eb06f384c492

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
prebid-request
onetag-sys.com/
15 B
406 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://nordot.app
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
unruly_prebid
targeting.unrulymedia.com/
11 B
199 B
Fetch
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
prebid
mp.4dex.io/
0
64 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddb060d2b711c-YYZ
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
409 B
443 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=2d0c2fcd-d25f-432d-8549-760d34d1c317%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_in_paragraph_2%23ad_in_paragraph_2&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=12983eb5666a2a96&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_in_paragraph_2%23ad_in_paragraph_2&slots=1&rand=0.09558665428025614
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2c96dfdde76872e6894ea5ca3202e6894e221f26be7b7243e39943c1d329ff5b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
409
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/
616 B
571 B
Fetch
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
47b7e1d25467ab837fa60c147545f23be4c2b10e33c6e433b4a7460b82e267f9

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
395
auction
pbs.nextmillmedia.com/openrtb2/
0
373 B
Fetch
General
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
translator
hbopenbid.pubmatic.com/
0
56 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
19 B
1013 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
an-x-request-uuid
b7501996-a23a-4bb0-abe8-5087f1374dee
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
s-rtb-pb.send.microad.jp/
47 B
509 B
Fetch
General
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=139910d88f01d302&transaction_id=undefined&media_types=3&cbt=4389804fff2cf8018d5cee1f83&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%222d0c2fcd-d25f-432d-8549-760d34d1c317%22%7D%5D
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
cdb
bidder.criteo.com/
0
188 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=72779940810&lsavail=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:05 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/
854 B
453 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765322154229499&correlator=2842522816808017&eid=31080255%2C31080778%2C31079233%2C31080117&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_rectangle_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=1&didk=1024703862&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706661126041&lmt=1706661126&adxs=986&adys=894&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=1670129572.1706661126&ga_sid=1706661126&ga_hid=1387773490&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3bq459UxSABSAghkEhkKCnB1YmNpZC5vcmcY3Lq459UxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNy6uOfVMUgAUgIIZBIXCghydGJob3VzZRjcurjn1TFIAFICCGQSFAoFb3BlbngY3Lq459UxSABSAghkEhkKCnVpZGFwaS5jb20Y3bq459UxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjcurjn1TFIAFICCGQ.&dlt=1706661122192&idt=1783&prev_scp=auid%3Dad_rectangle_1%26adLocation%3Datf%26amznbid%3D2%26amznp%3D2%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=iab%3Diab17%26pub%3Dglobal%26path%3D%252F%26chunitid%3D641577452118279265%26cuunitid%3D0&adks=4065996199&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c00f5ecd583759a15fd2f14cf2b9578f8a6331195f21e9910811fe1f36ea2f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
422
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EFE9
6 KB
3 KB
Document
General
Full URL
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:32:06 GMT
expires
Thu, 30 Jan 2025 00:32:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
37 KB
15 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765322154229499&correlator=166226192908730&eid=31080255%2C31080778%2C31079233%2C31080117&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_billboard_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&ifi=2&didk=3921174633&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706661126110&lmt=1706661126&adxs=316&adys=115&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=972x314&msz=970x250&fws=512&ohw=0&ga_vid=1670129572.1706661126&ga_sid=1706661126&ga_hid=1387773490&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3bq459UxSABSAghkEhkKCnB1YmNpZC5vcmcY3Lq459UxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNy6uOfVMUgAUgIIZBIXCghydGJob3VzZRjcurjn1TFIAFICCGQSFAoFb3BlbngY3Lq459UxSABSAghkEhkKCnVpZGFwaS5jb20Y3bq459UxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjcurjn1TFIAFICCGQ.&dlt=1706661122192&idt=1783&prev_scp=auid%3Dad_billboard_1%26adLocation%3Datf%26amznbid%3D2%26amznp%3D2%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=iab%3Diab17%26pub%3Dglobal%26path%3D%252F%26chunitid%3D641577452118279265%26cuunitid%3D0&adks=2439979591&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fd3c0dd4672a50ca923d692f42a0d8d9f741543aa5ad697491450f514c911ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14954
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5ECA
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73899315&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
472e3aaa91feaa4bd79e8e8ab7e67c4c5cc1c695ab7c8a2a9e910735f2602b4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 31 Jan 2024 00:32:06 GMT
content-length
1736
content-type
text/html; charset=UTF-8
page-view
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:06 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:06 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765322154229499&correlator=3540079174283656&eid=31080255%2C31080778%2C31079233%2C31080117&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_halfpage_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=3&didk=3864841234&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706661126211&lmt=1706661126&adxs=986&adys=894&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=1670129572.1706661126&ga_sid=1706661126&ga_hid=1387773490&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3bq459UxSABSAghkEhkKCnB1YmNpZC5vcmcY3Lq459UxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNy6uOfVMUgAUgIIZBIXCghydGJob3VzZRjcurjn1TFIAFICCGQSFAoFb3BlbngY3Lq459UxSABSAghkEhkKCnVpZGFwaS5jb20Y3bq459UxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjcurjn1TFIAFICCGQ.&dlt=1706661122192&idt=1783&prev_scp=auid%3Dad_halfpage_1%26adLocation%3Datf%26amznbid%3D2%26amznp%3D2%26didna_vis%3Dtrue%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D20%26hb_adid%3D1423e26d641343b6%26hb_bidder%3Dkueezrtb%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=iab%3Diab17%26pub%3Dglobal%26path%3D%252F%26chunitid%3D641577452118279265%26cuunitid%3D0&adks=3196454924&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0e7134732accadd8fdd0901abfa44cd7e05605d08f6229e7708f77517dc8b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13016
x-xss-protection
0
google-lineitem-id
5332972956
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138307000335
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:32:06 GMT
page-view
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nordot.app
content-length
0
date
Wed, 31 Jan 2024 00:32:06 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
widget-loaded
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.87.69.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-69-37.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nordot.app
content-length
0
date
Wed, 31 Jan 2024 00:32:06 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
13
x-rc-region
us-east-1a
7345d036-e27a-4677-bdf0-55356c34b8dc
https://nordot.app/ Frame 6B68
154 KB
0
Script
General
Full URL
blob:https://nordot.app/7345d036-e27a-4677-bdf0-55356c34b8dc
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d2f0d368bf03561099df3cb58b8116ba09abd5695497a5b986e8e959d39d443

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
157528
Content-Type
text/javascript
3a949536-d1db-4bef-a9e1-8a81fb28d4ef
https://nordot.app/ Frame 6B68
699 KB
0
Script
General
Full URL
blob:https://nordot.app/3a949536-d1db-4bef-a9e1-8a81fb28d4ef
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
715340
Content-Type
text/javascript
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ Frame 6B68
436 KB
136 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1075
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 30 Jan 2025 00:14:12 GMT
e28cac58-93aa-4c94-9b50-2fcba9184ee0
https://nordot.app/ Frame 6B68
594 B
0
Other
General
Full URL
blob:https://nordot.app/e28cac58-93aa-4c94-9b50-2fcba9184ee0
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
594
Content-Type
text/javascript
didna-pix.gif
didna.b-cdn.net/ Frame 6B68
807 B
1 KB
Image
General
Full URL
https://didna.b-cdn.net/didna-pix.gif?ref_id=2054
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-845 /
Resource Hash
48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:08 GMT
cdn-edgestorageid
718
cdn-storageserver
NY-427
cdn-cachedat
01/31/2024 00:32:08
cdn-pullzone
1025274
content-length
807
last-modified
Fri, 06 Jan 2023 17:03:05 GMT
server
BunnyCDN-IL1-845
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
image/gif
cdn-cache
BYPASS
cdn-uid
296f49c8-4088-4b56-b4a4-a6b6d3fc5d40
cache-control
public, max-age=0
cdn-requestid
e64ea4cb3a10012236e72e7eeac2d77b
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 6B68
2 KB
908 B
Fetch
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240130
Requested by
Host: nordot.app
URL: blob:https://nordot.app/3a949536-d1db-4bef-a9e1-8a81fb28d4ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jan 2024 00:32:06 GMT
x-content-type-options
nosniff
content-encoding
br
age
30678
x-jsd-version
1.0.1951
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
836
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4529-YYZ
x-jsd-version-type
version
etag
W/"637-/AnL0uW+hrzqMl9FIchA6lB7jS4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
yads_vimps.js
yads.c.yimg.jp/uadf/
85 KB
26 KB
Script
General
Full URL
https://yads.c.yimg.jp/uadf/yads_vimps.js
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:23:42 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 05:36:23 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
09481c2f-5ba6-4a3a-967a-fac4ba68ea0c
age
506
etag
"a1d09f7f9077f212fb451c1223c8ebc1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
26915
usync.js
eus.rubiconproject.com/ Frame B353
39 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 17:22:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60602
Connection
keep-alive
Content-Length
10919
Expires
Wed, 31 Jan 2024 17:22:08 GMT
localstore.js
script.4dex.io/ Frame 6B68
483 B
1020 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/3a949536-d1db-4bef-a9e1-8a81fb28d4ef
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
235038
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SODW1m%2FZGLSCW99Kc%2B%2F1IAcB9wEKMpgrKeI28Wuk0ehgdeT6YIcXseHJGdSZvsgfw2czy96fM6RRVvBIGBJMF6rb%2BrkQyrs150PSObKYBn6mTybFlQSM5s01PU0RjzL7JdBQqXgwPcefA6gk"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
84dddb12ff625497-YYZ
prebid
ib.adnxs.com/ut/v3/ Frame 6B68
137 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/3a949536-d1db-4bef-a9e1-8a81fb28d4ef
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
caef97921f1d7c67cb47c57110d97077facd5189bb9995cc644940b3dd88ce9c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:06 GMT
an-x-request-uuid
f773a62c-833d-4969-b659-f72629f3f161
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
137
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8817
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=IFKAABZHuM1z_0ZqTyi3aUH_&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0A03RN2H1ZZ4B43J80QF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 8817
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=a61c90ad-cbd5-4bfa-9795-b880d4064069
43 B
647 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=87&3pid=a61c90ad-cbd5-4bfa-9795-b880d4064069
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
23.20.238.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-238-88.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=a61c90ad-cbd5-4bfa-9795-b880d4064069
date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 8817
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LS11YW6R-I-KBWL&gdpr=0
43 B
882 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LS11YW6R-I-KBWL&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
23.20.238.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-238-88.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LS11YW6R-I-KBWL&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffb5a99038d6839895ccd1c10040baaa
Expires
0
merge
ce.lijit.com/ Frame 8817
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Da01e25...
  • https://ce.lijit.com/merge?pid=16&3pid=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&gdpr=0&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=16&3pid=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
23.20.238.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-238-88.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:18 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

date
Wed, 31 Jan 2024 00:32:17 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=a01e257e-0630-40fe-abf3-ec4c520f337a-65b99507-4341&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 8817
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=eWKhpx5YUWtHALyFbQLb_aYAzQQ&user_group=1&ssp=fmx&gdpr=0
  • https://ce.lijit.com/merge?pid=26&3pid=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=0&gdpr_consent=&us_privacy=
43 B
895 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=26&3pid=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
23.20.238.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-238-88.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=0&gdpr_consent=&us_privacy=
Date
Wed, 31 Jan 2024 00:32:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 8817
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU12bebc23088841f6b269540b34cd8891&gdpr=0&gdpr_consent=&pid=103
43 B
895 B
Image
General
Full URL
https://ce.lijit.com/merge?3pid=OPU12bebc23088841f6b269540b34cd8891&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
23.20.238.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-238-88.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU12bebc23088841f6b269540b34cd8891&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
bk_sync.xgi
x.dlx.addthis.com/e/ Frame E1D3
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZbmVBm36UL0X6IZT6stR7gAA%26128&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZbmVBm36UL0X6IZT6stR7gAA%26128&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=22ba3029c32640e2a3d0e3f8bfddeda8
  • https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=d97bfa67f3afde5715a99eb68199bd38&lc_sha1=&lc_sha256=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&gpdr=
  • https://p.alcmpn.com/em/173/110/2360.gif?gid=d97bfa67f3afde5715a99eb68199bd38
  • https://e.dlx.addthis.com/e/a-1564/s-5719?ret=img&na_em=d97bfa67f3afde5715a99eb68199bd38
  • https://e.dlx.addthis.com/e/a-1564/s-5719?ret=img&na_em=d97bfa67f3afde5715a99eb68199bd38&rd=Y
  • https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2024013100321800022974049544&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
  • https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
43 B
594 B
Image
General
Full URL
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
23.197.109.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 00:32:19 GMT
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=$_BK_UUID
date
Wed, 31 Jan 2024 00:32:19 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
dcm
s.amazon-adsystem.com/ Frame E1D3
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZbmVBm36UL0X6IZT6stR7gAAAIAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:07 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0MBYAGPFA9K1Y416WWK2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E1D3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZbmVBm36UL0X6IZT6stR7gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELAQrJIUiEKjR27zkLETPZ4&google_cver=1
43 B
729 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELAQrJIUiEKjR27zkLETPZ4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47bxsUF71emossJT5WUli%2F4KxplJjFTshSd9XyezPVajiAr92J0B6g0eUFHMGcXD1NAd2lgbEvwbd4IprBe4D5kFPwi7jqLTqmkAr6jB1tDUV5iWq16BwQNKDKqR4oIg%2FhpR14KfDgh%2F3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84dddb0e0bd17118-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELAQrJIUiEKjR27zkLETPZ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E1D3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5c046258-80c8-451b-abf9-ade2d747e398&expiration=1709253127&gdpr=0&gdpr_consent=
43 B
731 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5c046258-80c8-451b-abf9-ade2d747e398&expiration=1709253127&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfAYnAo52l9pAZ4Dd4tzDQdxpXqY1Ze4y9w6GjMu53wh3wXB49%2BIFIv8reiVtpnNw5t6JOkW9uh1aKTq267IGvHrPEPkc%2FZx%2Bz1BERU0leMpADqqzvQO0RZeij15RJ893nhcDV8bn7tz%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84dddb0e1c137118-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5c046258-80c8-451b-abf9-ade2d747e398&expiration=1709253127&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 00:32:07 GMT
server
Kestrel
content-length
323
tp_out
d.adroll.com/cm/index/ Frame E1D3
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:7843:899a:d4d0:979d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame E1D3
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722385927&external_user_id=e8017cc8-2d37-4afb-b2ec-519c52c95035
43 B
768 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722385927&external_user_id=e8017cc8-2d37-4afb-b2ec-519c52c95035
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTmZCd3aAjOpwhB6an2fqPkMHH9SWFCUzTGEBLcGTSFpN819sIjU6Poki8fJJLx%2Fa6wqmhawBEgRxwzSpFM3z5tdVY0vcx9atJ8%2FCnhiQzAyzln%2FCX9kIs7aE8yjsagFSZPNNFLyVd5EVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84dddb0d3a357118-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 31 Jan 2024 00:32:07 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1722385927&external_user_id=e8017cc8-2d37-4afb-b2ec-519c52c95035
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame E1D3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZbmVBwABTShj4gA9
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbmVBwABTShj4gA9&_test=ZbmVBwABTShj4gA9
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbmVBwABTShj4gA9&_test=ZbmVBwABTShj4gA9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpTaHuUs1JmtQ%2B87Wmo9uQTIQq1s3Ju7Yd0Sl9mGvdsLwtkOsBnZB4IEj9nn%2FFdmfoXNhXQSFmdUsHtr%2BCh7omyqh4%2BTGtLFKxfEmmDVDZpPTA36H8GaNk%2FF5uOJYOrtaJPdT99Ugr%2F%2BGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84dddb0ddb527118-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-yyz4544-YYZ
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706661127.253996,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbmVBwABTShj4gA9&_test=ZbmVBwABTShj4gA9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame E1D3
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZbmVBm36UL0X6IZT6stR7gAAAIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:07 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
STTG1HTKCXNRQ4CMB1ZT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A8DA
6 KB
3 KB
Document
General
Full URL
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:32:06 GMT
expires
Thu, 30 Jan 2025 00:32:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A6A4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi2Fya75tcs6T9U3zAJvdzpSl187HI786_9lQjh47-TSzBaSrPWosKYIBcQAMUL-UsZCXsl4VhJ6boaq6ZCD-DvWL5KWR9wyevEBzQPjV2mFc4ga57w0tuNg5_JBmVMwgBt0_wt8k2DWWhYyDdQmMDj7459I2mYDmaX_CeTOVUxCm1-Cq8K-Pe-ZNLF-fxmocL_47v_KhpFwrgFqJm_MIfFWXNLgm4LRDY52fDH2caDp7LLI8AfZ0xR3F4oojp7OYzzMjf-XLWqbbE0LTGvfIiiwHS7LRoayJPI9JbY6Dzez1QPzRf3rl4cIGsPByGtp-L-XwZn9XTbBkalnsvxK-gxbBSJu1wCdpYGa0VwMHcyGSroHz6njeYzzOVeqsl&sai=AMfl-YRUBp2Q5BJRFyq_vnOm7cG2818c-GvlvLlwbfwOw7iZb6SEKHkqbpLZtW8GE9_UdiYBW74x2-HDtV5VpQQ2ze-80EAgsg4VmmsBFAVyWiLE4tmxq1-8SufpICWnySYDFI0ERFyOF_xRqQx5MaF6CXLY&sig=Cg0ArKJSzJc1wLnFzQtvEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 31 Jan 2024 00:32:06 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame A6A4
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jan 2024 00:32:07 GMT
x-content-type-options
nosniff
content-encoding
br
age
6515
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9365
x-served-by
cache-fra-etou8220028-FRA, cache-yyz4522-YYZ
x-jsd-version-type
version
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A6A4
205 KB
62 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 23:35:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
3415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63000
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:35:12 GMT
crum
dsum-sec.casalemedia.com/ Frame 446F
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=71a9e0d7-1e15-4c6e-a41c-87a88265702b&expiration=1714523527
43 B
733 B
Document
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=71a9e0d7-1e15-4c6e-a41c-87a88265702b&expiration=1714523527
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84dddb0d29f17118-YYZ
content-length
43
content-type
image/gif
date
Wed, 31 Jan 2024 00:32:07 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXtAwQkhqW28boWFtxtmynNwwL7sagcX8qIuum4yr6xyywwDjPZ6lcWHSNEnjITkBDRQ2pmpgRMm04zmSuoK%2FDdUz%2B%2FwMMa%2B5D0b%2BsFOpR8va7fKCW9eGAaZqjlovMvk4x2ulDgUrodk6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Wed, 31 Jan 2024 00:32:07 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=71a9e0d7-1e15-4c6e-a41c-87a88265702b&expiration=1714523527
publishertag.prebid.139.js
static.criteo.net/js/ld/
95 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Feb 2024 00:32:08 GMT
didna_trackers.html
storage.didna.io/ Frame 072A
3 KB
3 KB
Document
General
Full URL
https://storage.didna.io/didna_trackers.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/ba712c33-44a7-43f7-b7aa-c956d83eb96f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.239.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.239.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
2867
content-type
text/html
date
Wed, 31 Jan 2024 00:14:54 GMT
etag
"13d9c4d6c276bc3cb0b5afd7ff642b8d"
expires
Wed, 31 Jan 2024 01:14:54 GMT
last-modified
Sun, 14 Jun 2020 19:10:59 GMT
server
UploadServer
x-goog-generation
1592161859249348
x-goog-hash
crc32c=+vRTlQ== md5=E9nE1sJ2vDywta/X/2QrjQ==
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2867
x-guploader-uploadid
ABPtcPrEOeYBGBSZ3kTqenYxCqfzq3ZXCS0l-bEV9CnYgsPFKC9LdsCMt7waBHtU5UZBMGrMBZharGmc
dcm
s.amazon-adsystem.com/ Frame 9799
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:32:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
D3NPX5YKF62J3B5C512R
ecm3
s.amazon-adsystem.com/ Frame 8C55
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID95DDCB8B-5B7B-462F-9F6F-623830FFB7BB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:32:07 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
F6K9DE525CQ5WE304M9E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5ECA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ld3Li1t7Ri-fb2I4MP-3uw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.209.57.14 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-57-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=32586
accept-ranges
bytes
content-length
5622
expires
Wed, 31 Jan 2024 09:35:13 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 5ECA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5c046258-80c8-451b-abf9-ade2d747e398&ttd_puid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5c046258-80c8-451b-abf9-ade2d747e398&ttd_puid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5c046258-80c8-451b-abf9-ade2d747e398&ttd_puid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%2C%2C
date
Wed, 31 Jan 2024 00:32:07 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 5ECA
0
0
Image
General
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2095DDCB8B-5B7B-462F-9F6F-623830FFB7BB&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame 5ECA
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 5ECA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTVERENCOEItNUI3Qi00NjJGLTlGNkYtNjIzODMwRkZCN0JC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 12:49:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5ECA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENkrwyxkzCPE2WtR5DUsJ_A&google_cver=1
42 B
347 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENkrwyxkzCPE2WtR5DUsJ_A&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 12:46:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENkrwyxkzCPE2WtR5DUsJ_A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5ECA
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4808BD40DFB24AD6A1A70718FDAC250C
42 B
400 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4808BD40DFB24AD6A1A70718FDAC250C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 31 Jan 2024 00:32:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4808BD40DFB24AD6A1A70718FDAC250C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jan 2024 00:32:06 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5ECA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=
42 B
542 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 00:32:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 00:32:07 GMT
server
Kestrel
content-length
355
95DDCB8B-5B7B-462F-9F6F-623830FFB7BB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5ECA
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/95DDCB8B-5B7B-462F-9F6F-623830FFB7BB?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:c5b1:19c6:6405:5eda Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
9f9d97de-5a05-4668-9dbf-560c206590d1
https://nordot.app/ Frame BE12
154 KB
0
Script
General
Full URL
blob:https://nordot.app/9f9d97de-5a05-4668-9dbf-560c206590d1
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d2f0d368bf03561099df3cb58b8116ba09abd5695497a5b986e8e959d39d443

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
157528
Content-Type
text/javascript
5c00a389-6bdb-48f5-8636-d21f483eee53
https://nordot.app/ Frame BE12
699 KB
0
Script
General
Full URL
blob:https://nordot.app/5c00a389-6bdb-48f5-8636-d21f483eee53
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
715340
Content-Type
text/javascript
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ Frame BE12
436 KB
136 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
1076
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 30 Jan 2025 00:14:12 GMT
3cb4cf1b-5c80-4c1b-9852-41d7766bb99c
https://nordot.app/ Frame BE12
594 B
0
Other
General
Full URL
blob:https://nordot.app/3cb4cf1b-5c80-4c1b-9852-41d7766bb99c
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
594
Content-Type
text/javascript
AGSKWxX3I_8XFOzvw28fcz7B4B-BezM2mQnlni3hIR-B74ApjfnLSHz0d4BlEEGu1fAPIbpovWyaGFv_z_i3FHygLw6nuBytyPppUDo2A1GpqZ39sCRfvee9gr6gcOyLeUrkETV2_B4SNw==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX3I_8XFOzvw28fcz7B4B-BezM2mQnlni3hIR-B74ApjfnLSHz0d4BlEEGu1fAPIbpovWyaGFv_z_i3FHygLw6nuBytyPppUDo2A1GpqZ39sCRfvee9gr6gcOyLeUrkETV2_B4SNw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjYxMTI2LDk1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbm9yZG90LmFwcC8xMTAzNDYzMzEzMjM3NjA2NDAwIixudWxsLFtbOCwibE1JemRBS0tERVkiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lcErd9jI5nNw0jTKpRp1ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-lcErd9jI5nNw0jTKpRp1ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEzdGx6tlaNoEFvedSARdNV_M"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 954C
139 KB
47 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Requested by
Host: d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
URL: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b89c568781c6e259990a7e563451439705ef527e6223de06e44597a328fb0475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:32:07 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=dD8GzIdZE_Ax8bGCuF4fp7tP5__6O-JedpqIHW6176QSC4BVyaOhxZ55tMYxElBL8bzJzbWecyvaP72haFuulhvpTVWLPpz3XVwGHH5CuPtBFrTC6NUA7Y4MW2g5XV2SqP5RIRdbFfNKEEW9m26pZGhx_oX0oa53a-m70beormMYJdQIrWvJUSHpganZwY_nKFj_dhMNz8X1EGuxzTgBDAZh-tXP9ZNkQSD4_DOfAjYB19aQ4EqoFhL5DU7AUnrewoUcrA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
72214329
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame A8DA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
URL: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 11:15:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
47793
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 11:15:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame A8DA
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
URL: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 11:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
47966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 11:12:41 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A8DA
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
URL: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:42:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
20990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Jan 2025 18:42:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A8DA
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
URL: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:32:07 GMT
didna-pix.gif
didna.b-cdn.net/ Frame BE12
807 B
1 KB
Image
General
Full URL
https://didna.b-cdn.net/didna-pix.gif?ref_id=2054
Requested by
Host: nordot.app
URL: blob:https://nordot.app/9f9d97de-5a05-4668-9dbf-560c206590d1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-845 /
Resource Hash
48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:08 GMT
cdn-edgestorageid
718
cdn-storageserver
NY-346
cdn-cachedat
01/31/2024 00:32:08
cdn-pullzone
1025274
content-length
807
last-modified
Fri, 06 Jan 2023 17:03:05 GMT
server
BunnyCDN-IL1-845
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
image/gif
cdn-cache
BYPASS
cdn-uid
296f49c8-4088-4b56-b4a4-a6b6d3fc5d40
cache-control
public, max-age=0
cdn-requestid
ef41f6dd39fc30109f8e4b5237758608
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame BE12
2 KB
1 KB
Fetch
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240130
Requested by
Host: nordot.app
URL: blob:https://nordot.app/5c00a389-6bdb-48f5-8636-d21f483eee53
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jan 2024 00:32:07 GMT
x-content-type-options
nosniff
content-encoding
br
age
30679
x-jsd-version
1.0.1951
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
836
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4553-YYZ
x-jsd-version-type
version
etag
W/"637-/AnL0uW+hrzqMl9FIchA6lB7jS4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
adchoices.css
content.quantcount.com/adchoices/ Frame A6A4
4 KB
1 KB
Stylesheet
General
Full URL
https://content.quantcount.com/adchoices/adchoices.css
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-78.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:36:28 GMT
content-encoding
gzip
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 15:59:30 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
42940
etag
W/"e9cda1f80f07c09ccf744883048aefa7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cross-origin-resource-policy
cross-origin
x-amz-cf-id
JiM48ZGBjOZq-wPJPq9htfw_ZuNoNvdJ-kg62cgx5XPhgmB5xaOl8w==
p-9fYuixa7g_Hm2.gif
pixel.quantcount.com/pixel/ Frame A6A4
35 B
210 B
Image
General
Full URL
https://pixel.quantcount.com/pixel/p-9fYuixa7g_Hm2.gif?labels=_qc.spend,_qc.image.imp&rtbdata2=EAM6Emh0dHBzOi8vbm9yZG90LmFwcFokRk5JYktoM1dHVllfcGdCWElNUWJDeEwySXdNMDN3bjVsVms9gAHFsLqCAboBAMAB2I8NyAGjubjn1THaASVCNDgzRUI3MC04Q0ZBLTQyN0MtOEU3Ni00RkVBNDkxRERGNkJCsAIOyAIA0ALO4Yb7-J_3zKkB6AIX8gIOCMPJLhDUv73nr-mZ0HTyAgwIFxDYpoWk75vO0yj4AgCKAwYxNjIxMTCYAwCoAwCyAwSmAM0EugMSCZtHJVv-nMEpEemxMZBUDRutwgMSCTdGrFx8JEdIEYLICLy4xYmUyAPAgMAT2APHnQPiAw9wLTFSWXhlUFhUOWJDUzLqAwYIrAIQ2ATyAwloM2glMjAwYTH4AwCABLACigQCNzeaBBIJgk_186Hbn6YRTgLU6Qp__riiBBIJm0clW_6cwSkR6bExkFQNG62qBBIJm0clW_6cwSkR6bExkFQNG624BNAF0AQT8gQCQ0GABQGKBSoyMGRlYmU3NGU4ZmJhOTFlOWIzOWRmNjliMjM3NjcxNmFhMjAyY2JkMGKQBQGaBRUg3r506PupHps532myN2cWqiAsvQuiBSRGTkliS2gzV0dWWV9wZ0JYSU1RYkN4TDJJd00wM3duNWxWaz24BQDABajHqM8EyAWpmagE0gUGCAIQBBgD6AUFmgYUChIJgk_186Hbn6YRTgLU6Qp__rigBgCoBv3omL0DtQZyQMg3ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBuUQNqO0CI0B
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:08 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
adc.png
content.quantcount.com/adchoices/img/ Frame A6A4
2 KB
2 KB
Image
General
Full URL
https://content.quantcount.com/adchoices/img/adc.png
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-78.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 11:12:52 GMT
via
1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 15:59:27 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
47956
etag
"be8b83ebe85cdd616b60a6877191ce5a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
1828
x-amz-cf-id
mEQ2jWxyhWlfU8Glnm-WcuqtW0oBAyzSgLQ6Pk8HCgyG5abAT6Geqg==
moatad.js
z.moatads.com/quantcastv2691176990399/ Frame A6A4
330 KB
112 KB
Script
General
Full URL
https://z.moatads.com/quantcastv2691176990399/moatad.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.58.25 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-58-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e057d4a0ee850afecffa3ffc2eb8fa7cd9bf772bab8a0444ac2cb36ef11a5d61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 09:38:41 GMT
server
AmazonS3
x-amz-request-id
D63AZHXQTFRCZRQX
etag
"b150dda96421432b2f4387aa47b7e0e8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=24663
accept-ranges
bytes
content-length
114455
x-amz-id-2
ShkahHBgU/jSXUya+McAk3gemMWlG0eWae6kRjKLl7iHYK/bqCVAW4WDnQ+quCitdc+CB57HnQ4=
widget.serverless.js
static.vidazoo.com/basev/wgt/odin/1.0.10/ Frame A6A4
262 KB
70 KB
Script
General
Full URL
https://static.vidazoo.com/basev/wgt/odin/1.0.10/widget.serverless.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:08 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
9E7FZ1ET338E0J5R
age
39132
x-amz-server-side-encryption
AES256
content-length
70852
x-amz-id-2
LZeVsQHMAuPCSN7YeMBgyiNxIN7OeN24qaj5NBkBiR6IgKXRt4Rg85j8lJQHGCD5D2d/T/G034o=
last-modified
Mon, 11 Dec 2023 13:38:32 GMT
server
cloudflare
etag
"27538843fc57404597664b8d102647cd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84dddb165bc139f3-YYZ
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 01 Feb 2024 00:32:08 GMT
p-1RYxePXT9bCS2.gif
exch.quantserve.com/pixel/ Frame A6A4
35 B
352 B
Image
General
Full URL
https://exch.quantserve.com/pixel/p-1RYxePXT9bCS2.gif?&media=ad&p=0.215000&r=147401&rand=52935&labels=_qc.imp,_imp.adserver.rtb,_imp.qccampaign.0,_imp.flight.0,_imp.lineitem.0&rtbip=192.184.73.57&rtbdata2=EAM6Emh0dHBzOi8vbm9yZG90LmFwcFokRk5JYktoM1dHVllfcGdCWElNUWJDeEwySXdNMDN3bjVsVms9gAHFsLqCAboBAMAB2I8NyAGjubjn1THaASVCNDgzRUI3MC04Q0ZBLTQyN0MtOEU3Ni00RkVBNDkxRERGNkJCsAIOyAIA0ALO4Yb7-J_3zKkB6AIX8gIOCMPJLhDUv73nr-mZ0HTyAgwIFxDYpoWk75vO0yj4AgCKAwYxNjIxMTCYAwCoAwCyAwSmAM0EugMSCZtHJVv-nMEpEemxMZBUDRutwgMSCTdGrFx8JEdIEYLICLy4xYmUyAPAgMAT2APHnQPiAw9wLTFSWXhlUFhUOWJDUzLqAwYIrAIQ2ATyAwloM2glMjAwYTH4AwCABLACigQCNzeaBBIJgk_186Hbn6YRTgLU6Qp__riiBBIJm0clW_6cwSkR6bExkFQNG62qBBIJm0clW_6cwSkR6bExkFQNG624BNAF0AQT8gQCQ0GABQGKBSoyMGRlYmU3NGU4ZmJhOTFlOWIzOWRmNjliMjM3NjcxNmFhMjAyY2JkMGKQBQGaBRUg3r506PupHps532myN2cWqiAsvQuiBSRGTkliS2gzV0dWWV9wZ0JYSU1RYkN4TDJJd00wM3duNWxWaz24BQDABajHqM8EyAWpmagE0gUGCAIQBBgD6AUFmgYUChIJgk_186Hbn6YRTgLU6Qp__rigBgCoBv3omL0DtQZyQMg3ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBuUQNqO0CI0B&fpan=0&fpa=I0-81268602-1706661127175&d=nordot.app&et=1706661127175&sr=1600x1200x24&tzo=480
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Wed, 31 Jan 2024 00:32:08 GMT
cache-control
private, no-transform, max-age=604800
strict-transport-security
max-age=86400
content-type
image/gif
content-length
35
expires
Wed, 07 Feb 2024 00:32:08 GMT
map
bcp.crwdcntrl.net/6/
156 B
609 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.216.238.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-238-183.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1049c5e95e167b0736954f907484f59f0c328eebcccebdeb14ba8ed90be33698

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nordot.app
cache-control
no-cache
x-server
10.40.49.16
access-control-allow-credentials
true
content-length
156
expires
0
quant.js
secure.quantserve.com/ Frame 072A
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:08 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 07 Feb 2024 00:32:08 GMT
beacon.js
sb.scorecardresearch.com/ Frame 072A
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-76.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:29:57 GMT
content-encoding
gzip
via
1.1 40e88829293f7e9afcbac975ca8a2f7a.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
age
61571
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
43tQc3dS4R1UhZP2FOvjIodSEQLUPZC2ka9LFipviW9WfsXxXk6cWg==
encrypt
esp.rtbhouse.com/
221 B
494 B
Fetch
General
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1b3bae37878a9bc1eb731a1e0301a86788e62b15217c2d055a0748a4a1498f58

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
24f0f34edabdf6bf1e34cb861718ad29
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/
0
226 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
khaos.json
token.rubiconproject.com/ Frame B353
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
truncated
/ Frame A8DA
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b92c5ad2e393a354c1779d0aecf19deb5dc6608444d3b68c00b1d2d4971283fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 954C
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:32:07 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 954C
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:32:07 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 954C
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 25 Jan 2025 00:32:07 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 954C
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 25 Jan 2025 00:32:07 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 954C
43 B
348 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=b4EsCpfWwOSKLP3wUx8L0aTo9tdWOKtizDvQnmpYsMFVoiEDtJBvKb1G4vd_QtFAXRMqMo_3zZCiGd5oJp5jOk-UB6qijxmI256xjfQfjPf_OqZ1vLdPbtIJ7pcfyXWB0Lu_s9ZucPcr_L2cS9iPByPM7Pg_461xgRrbn0GXRD4pJlUp7Ld88lCt6TF0FIHGAmS6VOsliVA-n7FC1PPezoPNw_vMmUlNGxNf6-07HHwhsAX8luv4Ivp5iZcPwW6O9noRxS8MwCuVKv9s1j_jFykoNSIficJ15P56pE2AQfbWZkuU9miabVU9uvz2V87mxD62sAsCVI7umfrWeCtDAdeU7nB5CM1m0uIhMLz89DxEvMFRzP2rKy6j3ofewT7xEbTRRBCJD7aM4RXKozHs76vhCwpVx71ZM6d78AYCNPLD8Fwhff96wuVFpw8AzX8BmA2SAQ
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1799935
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 954C
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5243317
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgPXIbvfx%2BSbFDHF2C3tufVdQUPI2ViAlUtHOIJzvrtEOd5wOluuoevczQkxgBodHWri47%2FJ7UBrNXn5tigxxT8aV9XkOMLfDnCJjgtgaZuhjBmDzA2NiwO87zfoFTNiaOIueWrpk1%2BvapkdvlVnCM6c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84dddb1109633972-YYZ
expires
Mon, 20 Jan 2025 00:32:07 GMT
animejs.js
static.criteo.net/animejs/ Frame 954C
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:32:07 GMT
/
servedby.flashtalking.com/imp/8/225291;7892527;201;jsappend;QuantcastAdobeDyn;QuantcastFY24AcrobatPSPDirectPaidDynamicCookielessCADSKBAN300x600/ Frame A6A4
3 KB
2 KB
Script
General
Full URL
https://servedby.flashtalking.com/imp/8/225291;7892527;201;jsappend;QuantcastAdobeDyn;QuantcastFY24AcrobatPSPDirectPaidDynamicCookielessCADSKBAN300x600/?ft_custom=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fnordot.app%2F1103463313237606400&gdpr=0&ftClick=https://exch.quantserve.com/r?&a=p-1RYxePXT9bCS2&labels=_qc.clk,_click.adserver.rtb,_click.rand.52935&rtbip=192.184.73.57&rtbdata2=EAM6Emh0dHBzOi8vbm9yZG90LmFwcFokRk5JYktoM1dHVllfcGdCWElNUWJDeEwySXdNMDN3bjVsVms9gAHFsLqCAboBAMAB2I8NyAGjubjn1THaASVCNDgzRUI3MC04Q0ZBLTQyN0MtOEU3Ni00RkVBNDkxRERGNkJCsAIOyAIA0ALO4Yb7-J_3zKkB6AIX8gIOCMPJLhDUv73nr-mZ0HTyAgwIFxDYpoWk75vO0yj4AgCKAwYxNjIxMTCYAwCoAwCyAwSmAM0EugMSCZtHJVv-nMEpEemxMZBUDRutwgMSCTdGrFx8JEdIEYLICLy4xYmUyAPAgMAT2APHnQPiAw9wLTFSWXhlUFhUOWJDUzLqAwYIrAIQ2ATyAwloM2glMjAwYTH4AwCABLACigQCNzeaBBIJgk_186Hbn6YRTgLU6Qp__riiBBIJm0clW_6cwSkR6bExkFQNG62qBBIJm0clW_6cwSkR6bExkFQNG624BNAF0AQT8gQCQ0GABQGKBSoyMGRlYmU3NGU4ZmJhOTFlOWIzOWRmNjliMjM3NjcxNmFhMjAyY2JkMGKQBQGaBRUg3r506PupHps532myN2cWqiAsvQuiBSRGTkliS2gzV0dWWV9wZ0JYSU1RYkN4TDJJd00wM3duNWxWaz24BQDABajHqM8EyAWpmagE0gUGCAIQBBgD6AUFmgYUChIJgk_186Hbn6YRTgLU6Qp__rigBgCoBv3omL0DtQZyQMg3ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBuUQNqO0CI0B&redirecturl3=&site_url=nordot.app&cachebuster=218943.04148926726
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.41.210 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-41-210.deploy.static.akamaitechnologies.com
Software
prod-xre-app10.ash11 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:08 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app10.ash11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1729
Expires
Wed, 31 Jan 2024 00:32:08 GMT
1ccdc96a10814ce19f0b5b19ef8cc44b_ProximaNovaSoft-Semibold.woff
static.criteo.net/design/dt/ Frame 954C
0
0

n.js
mb.moatads.com/
111 B
187 B
Script
General
Full URL
https://mb.moatads.com/n.js?e=35&ol=529631258&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wD7qAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-u3LFnnduOmx%2BSA%3D%3D&sc=1&os=1-oQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=QUANTCAST3&hp=1&wf=1&ra=1&pxm=1&sgs=3&vb=5&cm=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1706661127814&de=894758821354&m=0&ar=0c7a73c5c3d-clean&iw=ac07d2e&q=2&cb=0&ym=0&cu=1706661127814&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=p-1RYxePXT9bCS2%3Aqfm%3A29c19cfe-5b25-479b-ad1b-0d549031b1e9%3A4847247c-5cac-4637-9489-c5b8bc08c882&cadf=-&zGSRC=1&gu=https%3A%2F%2Fnordot.app%2F1103463313237606400&id=1&ii=4&bo=nordot.app&bd=-&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=quantcastv2691176990399&fd=1&it=500&ti=0&ih=2&pe=1%3A937%3A937%3A0%3A1631&jk=-1&jm=-1&fs=205668&na=784883257&cs=0&ord=1706661127814&jv=826506007&callback=DOMlessLLDcallback_97759789
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/quantcastv2691176990399/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.143.41 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
server
istio-envoy
etag
"802807753952f2568253912e83614a303d12d004"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
19
timing-allow-origin
*
content-length
111
v2
mb.moatads.com/s/
141 B
319 B
Script
General
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fnordot.app%2F1103463313237606400&pcode=quantcastv2691176990399&ord=1706661127814&jv=1361248618&callback=BrandSafetyNadoscallback_97759789
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/quantcastv2691176990399/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.143.41 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
server
istio-envoy
etag
"627f99cc5a20bcb84466d9e59bd02f07a006326b"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
12
timing-allow-origin
*
content-length
141
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&ctr=0&campaign=qfm&lineitem=29c19cfe-5b25-479b-ad1b-0d549031b1e9&creative=4847247c-5cac-4637-9489-c5b8bc08c882&uid=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8&url=nordot.app&gdpr=&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&ctr=1&campaign=qfm&lineitem=29c19cfe-5b25-479b-ad1b-0d549031b1e9&creative=4847247c-5cac-4637-9489-c5b8bc08c882&uid=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8&url=nordot.app&gdpr=&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame F44C
39 KB
15 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.57.14 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-57-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32608
content-encoding
gzip
content-length
14529
content-type
text/html
date
Wed, 31 Jan 2024 00:32:17 GMT
expires
Wed, 31 Jan 2024 09:35:45 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 8A0A
0
91 B
Document
General
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=162110&siteId=973260&adId=4557769&imprId=98F88AD0-CC0E-4420-87CB-230219B79AFB&cksum=1838345C6AC02D96&adType=10&adServerId=243&kefact=0.215000&kaxefact=0.215000&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1706661125&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.215000&dcId=2&tldId=0&passback=0&svr=BIDNYC30560&adsver=_1010669755&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=BZW5ZTqTBACkkp2u6PBwGe5RQUyY4cQ4AjEI-DrSRUG15IDq&ekaxefact=BZW5ZUyTBABo5hm6nNwlPV_4a6Ep_C4IV0kWeaiDDheflvjs&ekpbmtpfact=BZW5ZVuTBACq-Kli6fvMyH47SkXgf2O90X30YXQ5EjScfa5Q&enpp=BZW5ZWaTBAD0mxJz7Gx1wX1OXZJfZktF_P7xV85a-Gjq9p5D&pfi=1&domId=6233279978275228202&dc=NYC3&pubBuyId=48503&crID=4847247c-5cac-4637-9489-c5b8bc08c882&lpu=adobe.com&ucrid=3375697961946929607&wAdType=10&campaignId=19420&creativeId=0&pctr=0.000000&wDSPByrId=77&wDspId=153&wbId=0&wrId=0&wAdvID=1823&wDspCampId=29c19cfe-5b25-479b-ad1b-0d549031b1e9&isRTB=1&rtbId=B483EB70-8CFA-427C-8E76-4FEA491DDF6BB&burl=https%3A%2F%2Fus-east-pubmatic-rtb.quantserve.com%3A8443%2Fpubmatic_openrtb_notify%3FauctionId%3DB483EB70-8CFA-427C-8E76-4FEA491DDF6BB%26winPrice%3D0.215000%26rtbdata2%3DEAM6Emh0dHBzOi8vbm9yZG90LmFwcFokRk5JYktoM1dHVllfcGdCWElNUWJDeEwySXdNMDN3bjVsVms9gAHFsLqCAboBAMAB2I8NyAGjubjn1THaASVCNDgzRUI3MC04Q0ZBLTQyN0MtOEU3Ni00RkVBNDkxRERGNkJCsAIOyAIA0ALO4Yb7-J_3zKkB6AIX8gIOCMPJLhDUv73nr-mZ0HTyAgwIFxDYpoWk75vO0yj4AgCKAwYxNjIxMTCYAwCoAwCyAwSmAM0EugMSCZtHJVv-nMEpEemxMZBUDRutwgMSCTdGrFx8JEdIEYLICLy4xYmUyAPAgMAT2APHnQPiAw9wLTFSWXhlUFhUOWJDUzLqAwYIrAIQ2ATyAwloM2glMjAwYTH4AwCABLACigQCNzeaBBIJgk_186Hbn6YRTgLU6Qp__riiBBIJm0clW_6cwSkR6bExkFQNG62qBBIJm0clW_6cwSkR6bExkFQNG624BNAF0AQT8gQCQ0GABQGKBSoyMGRlYmU3NGU4ZmJhOTFlOWIzOWRmNjliMjM3NjcxNmFhMjAyY2JkMGKQBQGaBRUg3r506PupHps532myN2cWqiAsvQuiBSRGTkliS2gzV0dWWV9wZ0JYSU1RYkN4TDJJd00wM3duNWxWaz24BQDABajHqM8EyAWpmagE0gUGCAIQBBgD6AUFmgYUChIJgk_186Hbn6YRTgLU6Qp__rigBgCoBv3omL0DtQZyQMg3ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBuUQNqO0CI0B%26notificationType%3Dbilling%26labels%3D_qc.notification&pmr_m=BZW5ZXuTBAA_maoMI66d68e6Vb84Dr_y_uw9bXmE4WO2PvPZ&mdsp=BZW5ZY-TBAB8-tyjBRsvhIvmqKJHCho8bQyTaZmj-79ruiXY&ver=18&dateHr=2024013100&usrgen=0&usryob=0&layeringebl=1&oid=98F88AD0-CC0E-4420-87CB-230219B79AFB&country=CA&cntryId=232&sec=1&pAuSt=2&wops=0&sURL=nordot.app&BrID=5&oiabdvt=2
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.36 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 31 Jan 2024 00:32:17 GMT
expires
0
pragma
no-cache
dyex
track.kueezssp.com/ Frame A6A4
0
433 B
Ping
General
Full URL
https://track.kueezssp.com/dyex?x=1&prx=0&beacon=1&_=1706661125356
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pH1LvEd%2FN17QtxuOPmfFKNuUgNCRr0QCsMHlwKTphv5eCAXIu6BVSMWWYBr%2FbOuM%2BQ7rw%2B0RGz84as7U2FxF1g9dXdZS7S4uQEdFz3e%2BB%2FZO55Q2W%2Be%2F6%2B6ULEYImdPQ1KvvLBpdUSZDFgc4P0Q5UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cf-ray
84dddb506ae436b3-YYZ
dyex
gtrack.kueezssp.com/ Frame A6A4
0
426 B
Ping
General
Full URL
https://gtrack.kueezssp.com/dyex?x=1&prx=0&beacon=1&_=1706661125356
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQXmMZ5YoY4H%2F0YcbHKUaCTyZ%2F3QgS3oD9T%2BoBOpgTsxboEcgcVPGDsn3AZ%2FB%2FzP2JMJ0XUy%2FpjBrGFrkujrBPry6ZF21sjgL5ebhgyNp5CFkiEfj5C5NE934q3qg18V13j8ip5Vy4qVNV0IQQfSzxA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cf-ray
84dddb50783236a7-YYZ
aggregate_beacon
bisrtb.cootlogix.com/ Frame A6A4
0
183 B
Ping
General
Full URL
https://bisrtb.cootlogix.com/aggregate_beacon
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:19f0:5:56cf:5400:4ff:fea4:3dcd Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:32:18 GMT
content-type
text/plain
access-control-allow-headers
*
content-length
0
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
truncated
/ Frame A6A4
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30c705961d9ad2a8cd4baf66c9256f75cdc7c37f8751044cf0ade69b266142f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.us.criteo.net/img/ Frame 954C
29 KB
30 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=496&m=0&partner=67694&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F64519%2F220707%2F0f1baf9583584f76909a9285b2e62735_new_800_x_800_logo-transparentbckgrnd.png&v=3&w=356&rid=4&s=JcjEoKrl16Whco_t_fdcv1q1
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
30021
expires
Tue, 31 Dec 2024 00:38:58 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
13 KB
14 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F4723%2Ftn-4723-m.png&v=3&w=400&rid=4&s=VPM0tcIHlfB8EuejP6k1fhqZ&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13724
expires
Fri, 03 Jan 2025 20:09:01 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
19 KB
20 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F9363%2Ftn-9363-m.png&v=3&w=400&rid=4&s=f6Wt74BGHRlZYJLbiFfcqxcA&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
19750
expires
Wed, 11 Dec 2024 19:29:49 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
23 KB
23 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F9554%2Ftn-9554-m.png&v=3&w=400&rid=4&s=GmXYNWa3Q4dQhv-L7uPwvpoG&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
23688
expires
Mon, 23 Dec 2024 00:40:03 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
22 KB
22 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F4179%2Ftn-4179-m.png&v=3&w=400&rid=4&s=JsogxAZsXOI4aTP9JXK8kV0k&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
22611
expires
Sat, 21 Dec 2024 19:47:54 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
22 KB
22 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F8960%2Ftn-8960-m.png&v=3&w=400&rid=4&s=hZhqGl-4f0PqSbIPBO9Bb7ps&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
22714
expires
Wed, 15 Jan 2025 03:08:30 GMT
all
csm.us.criteo.net/ Frame 954C
0
128 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=dD8GzIdZE_Ax8bGCuF4fp7tP5__6O-JedpqIHW6176QSC4BVyaOhxZ55tMYxElBL8bzJzbWecyvaP72haFuulhvpTVWLPpz3XVwGHH5CuPtBFrTC6NUA7Y4MW2g5XV2SqP5RIRdbFfNKEEW9m26pZGhx_oX0oa53a-m70beormMYJdQIrWvJUSHpganZwY_nKFj_dhMNz8X1EGuxzTgBDAZh-tXP9ZNkQSD4_DOfAjYB19aQ4EqoFhL5DU7AUnrewoUcrA&sds=2&rev=90409&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 954C
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:32:17 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 954C
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:32:17 GMT
ecm3
s.amazon-adsystem.com/ Frame B353
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LS11YW6R-I-KBWL
  • https://s.amazon-adsystem.com/ecm3?id=LS11YW6R-I-KBWL&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LS11YW6R-I-KBWL&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CTDA7XZ9S1322G5GZH2N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LS11YW6R-I-KBWL&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
p-7JZADCG8mFkvS.gif
pixel.quantserve.com/pixel/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-7JZADCG8mFkvS.gif?inventoryType=display&event=inview5orgreater&campaign=qfm&lineitem=29c19cfe-5b25-479b-ad1b-0d549031b1e9&creative=4847247c-5cac-4637-9489-c5b8bc08c882&uid=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8&url=nordot.app&gdpr=&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:18 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
event
log.nordot.jp/
0
72 B
Ping
General
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::79 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-cloud-trace-context
12f63723188c1eb730f8e82dfaf6acbb
date
Wed, 31 Jan 2024 00:32:18 GMT
server
Google Frontend
content-length
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame A8DA
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu71tzUWTEHM0q1JA4La4ppV8aouozpsffO8nRahqIc5H_yRyV2_d2kToP8deisFkCePwgcCJpdK5qXO0MyNOANY1k4efDaMPHTeQH-HL0WzhB1ZkYAOeo_RoBEszUjkCY&sig=Cg0ArKJSzNlWBRWJzHxmEAE&id=lidar2&mcvt=10199&p=114,315,364,1285&mtos=10199,10199,10199,10199,10199&tos=10199,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2439979591&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170666112700&rst=1706661126697&rpt=1058&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5ECA
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1&pbt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Jan 2024 00:32:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
219372
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=oxfV3EvO8zIZ85Ww5JlbjgF250zhSWAy%2FX4yEH5epbs%3D
42 B
94 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=oxfV3EvO8zIZ85Ww5JlbjgF250zhSWAy%2FX4yEH5epbs%3D
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 31 Jan 2024 00:32:17 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://nordot.app
location
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=oxfV3EvO8zIZ85Ww5JlbjgF250zhSWAy%2FX4yEH5epbs%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1&pbt=1
  • https://mug.criteo.com/sid?cpp=_xuLP3xqZUZEa0F1UTJQUEp3SnNPUkZ0SXAycjFnV0FPdUFIellzQlJGN2lzNFZkL0czUUI1aFpkQzVqTll2V2Y3YzlzU0RDTTRhWEZXUUxMRHZQZHBkdkluZHZzV3BSK2ZXblB1MVpMSmxSNGFYbDJVaWhYZlJHTDVaTy...
0
0

f
fid.agkn.com/
151 B
683 B
Fetch
General
Full URL
https://fid.agkn.com/f?apiKey=2086764725&r=https%3A%2F%2Fnordot.app%2F1103463313237606400
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.40.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-40-160.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:18 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
prebid
id5-sync.com/api/config/
135 B
411 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
0
0

sync
cookies.nextmillmedia.com/ Frame A619
3 KB
3 KB
Document
General
Full URL
https://cookies.nextmillmedia.com/sync?type=iframe
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.143.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-143-64.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
2981
content-type
text/html
date
Wed, 31 Jan 2024 00:32:18 GMT
server
fasthttp
/
sync.kueezrtb.com/api/sync/iframe/ Frame 422C
4 KB
5 KB
Document
General
Full URL
https://sync.kueezrtb.com/api/sync/iframe/?cid=65686dbe623fb8a7bb1324d7&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.230.101 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
3876
content-type
text/html
date
Wed, 31 Jan 2024 00:32:18 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
/
onetag-sys.com/usync/ Frame C509
2 KB
863 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1706661125298
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2493
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
68719
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 31 Jan 2024 00:32:18 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
471, 115436
X-Served-By
cache-lga13626-LGA, cache-yyz4555-YYZ
X-Timer
S1706661138.410190,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 3F2F
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 00:32:18 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 53D2
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.57.14 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-57-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32575
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 00:32:18 GMT
expires
Wed, 31 Jan 2024 09:35:13 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
iframe
sync.colossusssp.com/ Frame CDCB
2 KB
1 KB
Document
General
Full URL
https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 31 Jan 2024 00:32:18 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=ShareThrough&rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DYnUBs5Yz9Zqjy9VCcoCxquFP%26source_user_id%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=ShareThrough&rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DYnUBs5Yz9Zqjy9VCcoCxquFP%26source_user_id%3D_wfivefivec_
  • https://match.sharethrough.com/sync/v1?source_id=YnUBs5Yz9Zqjy9VCcoCxquFP&source_user_id=VX5hLpFy1RuYwz5
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=YnUBs5Yz9Zqjy9VCcoCxquFP&source_user_id=VX5hLpFy1RuYwz5
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
44.209.113.136 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:18 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-09cb1d367238a2607@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://match.sharethrough.com/sync/v1?source_id=YnUBs5Yz9Zqjy9VCcoCxquFP&source_user_id=VX5hLpFy1RuYwz5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesyncredir
bttrack.com/pixel/
35 B
306 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DFGhqNjC2WnFmmvNpTL32LMME%26source_user_id%3D%7Bglobalid%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Wed, 31 Jan 2024 00:31:33 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/sharethrough/67da6740-6fc0-4f1f-83ef-744aa7382da1?gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-BvJWzJ5E2oPEs77gZ7myT_IcfJz4VEGEGaCek_DT0NnL~A
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-BvJWzJ5E2oPEs77gZ7myT_IcfJz4VEGEGaCek_DT0NnL~A
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
44.209.113.136 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Wed, 31 Jan 2024 00:32:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://match.sharethrough.com/sync/v1?source_id=BVbSRuzbUWjBEF6bQrmLHKkX&source_user_id=y-BvJWzJ5E2oPEs77gZ7myT_IcfJz4VEGEGaCek_DT0NnL~A
content-length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
44.209.113.136 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 00:32:19 GMT
server
Kestrel
content-length
323
sync
ssbsync.smartadserver.com/api/
0
0
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.94.212 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

PugMaster
image6.pubmatic.com/AdServer/ Frame 5ECA
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28014485&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 31 Jan 2024 00:32:16 GMT
content-length
1564
content-type
text/html; charset=UTF-8
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Jan 2024 00:32:18 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
239489
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 6B68
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=tur0ldvlKNQe8AmghpEmJYj5BFyQLtcFRJG00%2FsMXQg%3D
42 B
94 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=tur0ldvlKNQe8AmghpEmJYj5BFyQLtcFRJG00%2FsMXQg%3D
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 31 Jan 2024 00:32:17 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://nordot.app
location
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=tur0ldvlKNQe8AmghpEmJYj5BFyQLtcFRJG00%2FsMXQg%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/ Frame 6B68
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1
  • https://mug.criteo.com/sid?cpp=3r77S3xnVjM1VUd6Zk1QekxUL3VUVXJSZkRTelRqSTVmbWtBSEVxMW4vR2JFSDdTUXoweWlBVXczUXd2SUlTL3JQczFiSnFaQitXV3llS1g1S3VrNE04VXZpYlRNblV0R0F3MlBOUWV5WUVXYU41Q3p2d05JeE9iaklnbU...
0
0

f
fid.agkn.com/ Frame 6B68
151 B
681 B
Fetch
General
Full URL
https://fid.agkn.com/f?apiKey=2086764725&r=https%3A%2F%2Fnordot.app%2F1103463313237606400
Requested by
Host: nordot.app
URL: blob:https://nordot.app/3a949536-d1db-4bef-a9e1-8a81fb28d4ef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.40.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-40-160.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:18 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
prebid
id5-sync.com/api/config/ Frame 6B68
135 B
410 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/3a949536-d1db-4bef-a9e1-8a81fb28d4ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1E89
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/3a949536-d1db-4bef-a9e1-8a81fb28d4ef
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
68720
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 31 Jan 2024 00:32:18 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
471, 115084
X-Served-By
cache-lga13626-LGA, cache-yyz4557-YYZ
X-Timer
S1706661138.421910,VS0,VE0
view
securepubads.g.doubleclick.net/pcs/ Frame A6A4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWs6hC-7qJjQSpv8iY5b8ZJIKvw2juuZafBuRB_dyFO0xqANQKb1rSBCTwTd3KIgPog5sCBKb2MERhWdhwHLogvZ-si4UYjv1pKqYCFmAEpLmVeOMMhP986QYzjOZ4Jb6bvV7Oj42GXyGiLsMGq2-Qw0WS4U_AHgwgfbUV7cQibbTsl-GNpdi-4H1OfG7YP4VQkR5tq4zKHWRLh9puwfFIGxIylIpjFbL8YYfuL0K0bPHKq06r9eMlN1SMMRiIvxITYCriusnwVelGMRXXb-1r0jekx-R_qHXsjYVTCUDJzx1y6utB0OxGEGvUxxfkb6kynSe1Pdo8ySexEcQd-1ma5Rkg1GV-xfTGMNoUpSXNaA6fc_AfpgFY3xSp6_VGeUw&sai=AMfl-YSAG1-RC9oY0s9YDS_GSuHjFiwCrY1wPms-3_r1_kSXugrdG7xIXV8dxrqN2PrlW5kfV3wjd4uH6mlw7-l2Pa6VI8MJgGAXu67v-G0W8nFRv52Q4PF05AzPMocsI_wAgAdvyXXg0aeaa5deM0vHVc8j&sig=Cg0ArKJSzKIgqHufW2SoEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 31 Jan 2024 00:32:18 GMT
b2
sb.scorecardresearch.com/ Frame 072A
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661138128&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Pu...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661138128&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20P...
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661138128&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=https%3A%2F%2Fnordot.app%2F
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Server
18.161.34.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-76.bos50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
via
1.1 40e88829293f7e9afcbac975ca8a2f7a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
BOS50-P2
x-amz-cf-id
wSKvdJwqkov0n86c86XC-t7Dw8xw3x-ofco4_08TMl-gxXkI4XxpMw==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 31 Jan 2024 00:32:18 GMT
via
1.1 40e88829293f7e9afcbac975ca8a2f7a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
BOS50-P2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661138128&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=https%3A%2F%2Fnordot.app%2F
content-length
0
x-amz-cf-id
gf5b9JXT15jEYi2IgCCwMKGS1A-UCWu7jfMnAzrfXoR-DfaKu-g9pA==
ecm3
s.amazon-adsystem.com/ Frame B353
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LS11YW6R-I-KBWL&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LS11YW6R-I-KBWL&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
78DTKHVVYRWFDSSZQ62E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LS11YW6R-I-KBWL&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e07703167439847c6c49a939083c0fd
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B353
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BM5wPvGIu_n-cNhFcLJ-fg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-andANupE2oKFvrMcltndPbXtcfK6dST9ye7Kgw--~A
42 B
871 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-andANupE2oKFvrMcltndPbXtcfK6dST9ye7Kgw--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-andANupE2oKFvrMcltndPbXtcfK6dST9ye7Kgw--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame B353
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxMVlXNlItSS1LQldM
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAgfo2s17ohbeZdnMAM8qe0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMVlXNlItSS1LQldM&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMVlXNlItSS1LQldM&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMVlXNlItSS1LQldM&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
pixel
cm.g.doubleclick.net/ Frame B353
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjIxZGI1NzgzZGUwYTUwZDdkYTA1NzM5YTljYTgzMDlhMjFjZmEzOA
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjIxZGI1NzgzZGUwYTUwZDdkYTA1NzM5YTljYTgzMDlhMjFjZmEzOA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjIxZGI1NzgzZGUwYTUwZDdkYTA1NzM5YTljYTgzMDlhMjFjZmEzOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B353
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aUcDUudUQEi7_LtMkTrSZA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aUcDUudUQEi7_LtMkTrSZA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aUcDUudUQEi7_LtMkTrSZA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1CY8VMJF1TSDF4E2KT28
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aUcDUudUQEi7_LtMkTrSZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B353
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=&expires=30
42 B
871 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5e07703167439847c6c49a939083c0fd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5c046258-80c8-451b-abf9-ade2d747e398&gdpr=0&gdpr_consent=&expires=30
date
Wed, 31 Jan 2024 00:32:18 GMT
server
Kestrel
content-length
289
setuid
px.ads.linkedin.com/ Frame B353
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS11YW6R-I-KBWL
0
515 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS11YW6R-I-KBWL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: EF3656992B264D3EB74B39130FCA143A Ref B: YTO01EDGE0717 Ref C: 2024-01-31T00:32:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQMwLzmyZAkhdprnONaw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS11YW6R-I-KBWL
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame B353
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NVHRKXQ16R90JR5SGRZE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B353
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKwqvdQjDKgFZZDMjipwCvM&google_cver=1
42 B
871 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKwqvdQjDKgFZZDMjipwCvM&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKwqvdQjDKgFZZDMjipwCvM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B353
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAkHU7LcyoAABNITdS3Zw&expires=30
42 B
871 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAkHU7LcyoAABNITdS3Zw&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAAkHU7LcyoAABNITdS3Zw&expires=30
Date
Wed, 31 Jan 2024 00:32:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame B353
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS11YW6R-I-KBWL
68 B
280 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS11YW6R-I-KBWL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
44.209.113.136 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS11YW6R-I-KBWL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e07703167439847c6c49a939083c0fd
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame B353
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LS11YW6R-I-KBWL
0
395 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LS11YW6R-I-KBWL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.75.198.144 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LS11YW6R-I-KBWL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
Expires
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame B353
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS11YW6R-I-KBWL
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS11YW6R-I-KBWL
0
0

merge
ce.lijit.com/ Frame B353
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LS11YW6R-I-KBWL
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LS11YW6R-I-KBWL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.20.238.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-238-88.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LS11YW6R-I-KBWL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame B353
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LS11YW6R-I-KBWL
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LS11YW6R-I-KBWL
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LS11YW6R-I-KBWL
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B353
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1dcade3b-5e1b-4c73-813a-05195c5ced9b&expires=30
42 B
871 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1dcade3b-5e1b-4c73-813a-05195c5ced9b&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=1dcade3b-5e1b-4c73-813a-05195c5ced9b&expires=30
Date
Wed, 31 Jan 2024 00:32:19 GMT
Connection
keep-alive
X-CI-RTID
899747c1-4278-4b5c-9d71-b2cdec2746bc
Content-Length
144
Content-Type
text/html; charset=utf-8
adagio.js
script.4dex.io/ Frame 6B68
75 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:18 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
138846
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWOoVmij48ARKZEvpQ8inwVq9hbeyT0hBEYoczaem5dQH5l7EUP87GNhVoz6C%2BtwlGstRQjbfei78Qyw0Vwy5aBUHlvPyi%2BWYTW33uqwhYUe%2FRI8RzyP%2FuTMTfVBrkKBBaox%2BE7eNLtkS7Gv"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84dddb52aa23711a-YYZ
rules-p-WnvyhEGJaE9Xh.js
rules.quantcount.com/ Frame 072A
160 B
643 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-WnvyhEGJaE9Xh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2105:b600:6:44e3:f8c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 23:33:48 GMT
via
1.1 7d7ca86035bc3bfd0afe842de972bb66.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C3
age
3521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:48:13 GMT
server
AmazonS3
etag
"be75d26a2b1c32b2802b4df92f1949d9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
djyk9qN65W0Md0KqfiT_8Xwqv9N1x-pXCnMoXLnTVfigEbX3xiglYQ==
610228c027d2e5-17343517.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
12 KB
13 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/610228c027d2e5-17343517.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 30 Jan 2024 06:43:37 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
324876
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12768
last-modified
Thu, 08 Jun 2023 15:26:57 GMT
server
cloudflare
etag
"87caf51e62207748c1666859da2f785b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8464628eb9ad72e7-IAD
timing-allow-origin
*
x-amz-cf-id
g4zlO8YpjSG_aQV4XEN7250FYZMdYOeKd5KIr1fP0j2ljHHVqzcd8A==
6557520eb59cf8-34674160.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
21 KB
22 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6557520eb59cf8-34674160.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Wed, 24 Jan 2024 09:44:51 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
571648
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
21594
last-modified
Mon, 20 Nov 2023 19:36:12 GMT
server
Cloudinary
etag
"01ed87f9627c68fa933dce7595602706"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
bxHjfuIj1bJZvyV2_N0bMvM9UiiDtXzE35mlUzsuei2nDpRj_POSXw==
8e0f4917ef4c3e98fce4b01f686d224e.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
22 KB
23 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/8e0f4917ef4c3e98fce4b01f686d224e.png
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Mon, 29 Jan 2024 00:43:35 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
172124
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22431
last-modified
Sat, 17 Jun 2023 12:10:43 GMT
server
Cloudinary
etag
"b8341962516ab40d516f31821c5eede4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
PjWqwfq5r6pBjdo3a73Nf8oUn-9L-T99I_rdrwC4sv-iyrcFDUJrbQ==
https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Fdf5d40ced0ed9707b8e53902dce7a1fe.webp
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/
11 KB
11 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Fdf5d40ced0ed9707b8e53902dce7a1fe.webp
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Fri, 26 Jan 2024 12:37:25 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
395559
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11060
last-modified
Thu, 11 Jan 2024 00:06:18 GMT
server
Cloudinary
etag
"c0c85dc0a3e97e23f11f221d8e4397a1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
m_DfbVxIv2H9NPFoppb-LbgXP0kDUnUCdQrknQr5-l6AXdB7ysUeXQ==
https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2F77d114c6ba1da8d01913e8324ef6e585.webp
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/
8 KB
9 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2F77d114c6ba1da8d01913e8324ef6e585.webp
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 30 Jan 2024 16:27:20 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
317111
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8561
last-modified
Mon, 01 Jan 2024 12:21:22 GMT
server
cloudflare
etag
"eb5905ce8402dd93f488c3427831df44"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8467b978bb70392e-IAD
timing-allow-origin
*
x-amz-cf-id
cctpdvbxge-kbw8yIBeueotfuJG5MgewCmCA6YWsgOSpiqjko9Y1QQ==
https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Ff7377cb3fc37b35661da40bdad3fe09c.webp
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/
10 KB
11 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Ff7377cb3fc37b35661da40bdad3fe09c.webp
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 25 Jan 2024 13:49:24 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
470575
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
10487
last-modified
Tue, 26 Dec 2023 22:51:29 GMT
server
Cloudinary
etag
"c8007581fc202f2c888646d6ad0b3848"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rO7R1dctBIxpL2x2Dqp2ijvbBAvGmLiaNcbW-dRqgSBbD6oLDzsFaA==
da216b8a67fda38dd85c6c6626508d81.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
12 KB
12 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/da216b8a67fda38dd85c6c6626508d81.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Fri, 26 Jan 2024 15:08:25 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
379434
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11981
last-modified
Fri, 19 Jan 2024 05:14:51 GMT
server
cloudflare
etag
"1c03c172189d671a47c7e3e74058bbe5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
847ffd3e0a563b89-IAD
timing-allow-origin
*
x-amz-cf-id
Oynm9E4qzwaKVaBgzVkGPbGtHWgahpOdt3mQ0WYwTECcZ_3bWUl5sA==
a19801abd26da69b0404a527a72ed30b.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
20 KB
20 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/a19801abd26da69b0404a527a72ed30b.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Fri, 26 Jan 2024 20:51:11 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
358868
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
20250
last-modified
Fri, 19 Jan 2024 05:23:03 GMT
server
cloudflare
etag
"751c4e9c6e6a47c5e2d3ac6dda17e1f9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8481f430f8393976-IAD
timing-allow-origin
*
x-amz-cf-id
498cwAHYzuFGbu0GgTWtiCIMVMkQBHEXXpkqKGFL2G1VP4B1CU6yJQ==
d359f98d1dadf882069c8b3972d6b922.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
25 KB
25 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/d359f98d1dadf882069c8b3972d6b922.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sun, 28 Jan 2024 04:56:24 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
243355
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
25427
last-modified
Sat, 20 Jan 2024 05:59:08 GMT
server
Cloudinary
etag
"9dff5b8e96b4429c25d225c658a86678"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hfrbH72XtD7B7RuctBphZdM1UQPcOXTL7S9YkFCqicNpvUmDhe7-3A==
7451075262713137e9ddf7d6399ae4e2.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/
12 KB
12 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/7451075262713137e9ddf7d6399ae4e2.jpeg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sun, 28 Jan 2024 19:58:28 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
189231
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12035
last-modified
Sat, 20 Jan 2024 05:33:51 GMT
server
Cloudinary
etag
"a1247f0a11f7b131718415b870cf0b03"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gws_zEUaT_Z_4U5Hhu8Vp96ntkDmC7-OIpRV5vRUV8sia3MvA6j43A==
11059515.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto:eco,h_112,w_225,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/169831/
2 KB
3 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto:eco,h_112,w_225,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/169831/11059515.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 11:08:49 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
393810
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2206
last-modified
Sat, 11 Nov 2023 01:13:18 GMT
server
Cloudinary
etag
"6b1f635d0ad9a8a0a59c2ee20df36f2c"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
XYOi8iBYRoGSXHfIrfFAAWEJfRwejfbJbcvYUMsUjBOs4omQEGO2bw==
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=b70e2ece-5ded-4ab3-8f5c-b1ec87759b2d&initiator=me&us_privacy=1---&gdpr=0
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
90 B
90 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
34.225.168.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-168-29.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:32:19 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=b70e2ece-5ded-4ab3-8f5c-b1ec87759b2d&initiator=me&us_privacy=1---&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=a61c90ad-cbd5-4bfa-9795-b880d4064069
0
0

pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=b2658cbe-8130-40af-adec-9f7bb2ff9eb2&initiator=me&us_privacy=1---&gdpr=0
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
90 B
90 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
34.225.168.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-168-29.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:32:19 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=b2658cbe-8130-40af-adec-9f7bb2ff9eb2&initiator=me&us_privacy=1---&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=a61c90ad-cbd5-4bfa-9795-b880d4064069
0
0

10839789.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto:eco,h_112,w_225,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/94384/
3 KB
4 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto:eco,h_112,w_225,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/94384/10839789.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.13 -, , ASN (),
Reverse DNS
Software
Cloudinary /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 25 Jan 2024 12:14:23 GMT
x-content-type-options
nosniff
via
1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
476276
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3387
last-modified
Mon, 23 Oct 2023 11:14:23 GMT
server
Cloudinary
etag
"532aa4f0511de8e120ee0740f10b1e8e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
aY4H5PyVpbaXb-YANelQ1ItD4Ip_h-Lcmt_b9U439kUzrrD15VB3Hg==
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=0c44d82f-de6e-40fe-b0f8-e27a20ac0064&initiator=me&us_privacy=1---&gdpr=0
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
90 B
90 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
34.225.168.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-168-29.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:32:19 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=a61c90ad-cbd5-4bfa-9795-b880d4064069&callback=dspCMCallback
date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=0c44d82f-de6e-40fe-b0f8-e27a20ac0064&initiator=me&us_privacy=1---&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=a61c90ad-cbd5-4bfa-9795-b880d4064069
0
0

ftUtils.js
ajs-assets.ftstatic.com/ Frame A6A4
86 KB
26 KB
Script
General
Full URL
https://ajs-assets.ftstatic.com/ftUtils.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/225291;7892527;201;jsappend;QuantcastAdobeDyn;QuantcastFY24AcrobatPSPDirectPaidDynamicCookielessCADSKBAN300x600/?ft_custom=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fnordot.app%2F1103463313237606400&gdpr=0&ftClick=https://exch.quantserve.com/r?&a=p-1RYxePXT9bCS2&labels=_qc.clk,_click.adserver.rtb,_click.rand.52935&rtbip=192.184.73.57&rtbdata2=EAM6Emh0dHBzOi8vbm9yZG90LmFwcFokRk5JYktoM1dHVllfcGdCWElNUWJDeEwySXdNMDN3bjVsVms9gAHFsLqCAboBAMAB2I8NyAGjubjn1THaASVCNDgzRUI3MC04Q0ZBLTQyN0MtOEU3Ni00RkVBNDkxRERGNkJCsAIOyAIA0ALO4Yb7-J_3zKkB6AIX8gIOCMPJLhDUv73nr-mZ0HTyAgwIFxDYpoWk75vO0yj4AgCKAwYxNjIxMTCYAwCoAwCyAwSmAM0EugMSCZtHJVv-nMEpEemxMZBUDRutwgMSCTdGrFx8JEdIEYLICLy4xYmUyAPAgMAT2APHnQPiAw9wLTFSWXhlUFhUOWJDUzLqAwYIrAIQ2ATyAwloM2glMjAwYTH4AwCABLACigQCNzeaBBIJgk_186Hbn6YRTgLU6Qp__riiBBIJm0clW_6cwSkR6bExkFQNG62qBBIJm0clW_6cwSkR6bExkFQNG624BNAF0AQT8gQCQ0GABQGKBSoyMGRlYmU3NGU4ZmJhOTFlOWIzOWRmNjliMjM3NjcxNmFhMjAyY2JkMGKQBQGaBRUg3r506PupHps532myN2cWqiAsvQuiBSRGTkliS2gzV0dWWV9wZ0JYSU1RYkN4TDJJd00wM3duNWxWaz24BQDABajHqM8EyAWpmagE0gUGCAIQBBgD6AUFmgYUChIJgk_186Hbn6YRTgLU6Qp__rigBgCoBv3omL0DtQZyQMg3ugY-CgJDQRICUUMYrswHIghtb250cmVhbCoJaDNoJTIwMGExOhthY2UlMjBkYXRhJTIwY2VudGVycyUyMGluYy7JBuUQNqO0CI0B&redirecturl3=&site_url=nordot.app&cachebuster=218943.04148926726
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.99 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:34:18 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/5.1), 1.1 0df778cadb5eaa000de4f1d7838b16e0.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
35881
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26343
last-modified
Wed, 24 Jan 2024 14:32:35 GMT
server
AmazonS3
etag
W/"72851d1caa0fb39691fdc257bcee7227"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
max-age=86400
x-varnish
947204692 949552266
vary
Accept-Encoding,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
qvNFsHL9OWABuTAOS0ZZICAJJOAzlUM1XRt4yjkY9pfW0tccRv-DUg==
iicon.min.js
s.yimg.jp/images/advertising/common/js/
0
0

usync.js
eus.rubiconproject.com/ Frame 3F2F
39 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 17:22:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60590
Connection
keep-alive
Content-Length
10919
Expires
Wed, 31 Jan 2024 17:22:08 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
13 KB
14 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F4723%2Ftn-4723-m.png&v=3&w=400&rid=4&s=VPM0tcIHlfB8EuejP6k1fhqZ&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13724
expires
Fri, 03 Jan 2025 20:09:01 GMT
11059515.mp4
media.revcontent.com/cr_videos/169831/
0
0

10839789.mp4
media.revcontent.com/cr_videos/94384/
216 KB
0
Media
General
Full URL
https://media.revcontent.com/cr_videos/94384/10839789.mp4
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.94 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://nordot.app/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 10 Jan 2024 02:28:37 GMT
x-amz-version-id
p4ICUpZYk6Iw56gM8m2wmUrHmNa1.zKT
via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
1807423
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-652684/652685
alt-svc
h3=":443"; ma=86400
Content-Length
652685
last-modified
Sat, 21 Oct 2023 12:01:03 GMT
server
AmazonS3
etag
"21dc59c66e5be9268be64b6a8b055c40"
content-type
video/mp4
accept-ranges
bytes
x-amz-cf-id
5wigdBXzfxG5vHvoVt2C8ibb7ipBcHoMss9yptiTBlJ9f8u4XUbQaA==
envelope
lexicon.33across.com/v1/
42 B
138 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&src=esp&ver=1.4.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
img
imageproxy.us.criteo.net/img/ Frame 954C
23 KB
23 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F9554%2Ftn-9554-m.png&v=3&w=400&rid=4&s=GmXYNWa3Q4dQhv-L7uPwvpoG&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
23688
expires
Mon, 23 Dec 2024 00:40:03 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
22 KB
22 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F4179%2Ftn-4179-m.png&v=3&w=400&rid=4&s=JsogxAZsXOI4aTP9JXK8kV0k&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
22611
expires
Sat, 21 Dec 2024 19:47:54 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
19 KB
20 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F9363%2Ftn-9363-m.png&v=3&w=400&rid=4&s=f6Wt74BGHRlZYJLbiFfcqxcA&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
19750
expires
Wed, 11 Dec 2024 19:29:49 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
29 KB
30 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?h=496&m=0&partner=67694&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F64519%2F220707%2F0f1baf9583584f76909a9285b2e62735_new_800_x_800_logo-transparentbckgrnd.png&v=3&w=356&rid=4&s=JcjEoKrl16Whco_t_fdcv1q1
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
30021
expires
Tue, 31 Dec 2024 00:38:58 GMT
img
imageproxy.us.criteo.net/img/ Frame 954C
22 KB
22 KB
Image
General
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F8960%2Ftn-8960-m.png&v=3&w=400&rid=4&s=hZhqGl-4f0PqSbIPBO9Bb7ps&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:17 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
22714
expires
Wed, 15 Jan 2025 03:08:30 GMT
pixel.gif
quantcast584928381.s.moatpixel.com/
43 B
251 B
Image
General
Full URL
https://quantcast584928381.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=0&tet=4807&fi=0&apd=9613&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=nordot.app&L1id=p-1RYxePXT9bCS2&L2id=qfm&L3id=29c19cfe-5b25-479b-ad1b-0d549031b1e9&L4id=4847247c-5cac-4637-9489-c5b8bc08c882&S1id=nordot.app&S2id=-&ord=1706661127814&r=894758821354&t=meas&os=1&fi2=0&div1=0&ait=0&uid=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8&bedc=1&q=1&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.242.17 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 31 Jan 2024 00:32:19 GMT
pixel.gif
quantcast584928381.s.moatpixel.com/
43 B
251 B
Image
General
Full URL
https://quantcast584928381.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=0&tet=4807&fi=0&apd=9613&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=nordot.app&L1id=p-1RYxePXT9bCS2&L2id=qfm&L3id=29c19cfe-5b25-479b-ad1b-0d549031b1e9&L4id=4847247c-5cac-4637-9489-c5b8bc08c882&S1id=nordot.app&S2id=-&ord=1706661127814&r=894758821354&t=iv&os=1&fi2=0&div1=0&ait=0&uid=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8&bedc=1&q=2&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.242.17 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 31 Jan 2024 00:32:19 GMT
pixel.gif
quantcast584928381.s.moatpixel.com/
43 B
251 B
Image
General
Full URL
https://quantcast584928381.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=0&tet=4807&fi=0&apd=9613&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=nordot.app&L1id=p-1RYxePXT9bCS2&L2id=qfm&L3id=29c19cfe-5b25-479b-ad1b-0d549031b1e9&L4id=4847247c-5cac-4637-9489-c5b8bc08c882&S1id=nordot.app&S2id=-&ord=1706661127814&r=894758821354&t=bs&os=1&fi2=0&div1=0&ait=0&uid=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8&bedc=1&q=3&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.242.17 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 31 Jan 2024 00:32:19 GMT
pixel.gif
quantcast584928381.s.moatpixel.com/
43 B
251 B
Image
General
Full URL
https://quantcast584928381.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=0&tet=5305&fi=0&apd=10111&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=nordot.app&L1id=p-1RYxePXT9bCS2&L2id=qfm&L3id=29c19cfe-5b25-479b-ad1b-0d549031b1e9&L4id=4847247c-5cac-4637-9489-c5b8bc08c882&S1id=nordot.app&S2id=-&ord=1706661127814&r=894758821354&t=hdn&os=1&fi2=0&div1=0&ait=0&uid=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8&bedc=1&q=4&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.242.17 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 31 Jan 2024 00:32:19 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7E55
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1778145512646273912&gdpr=0&gdpr_consent=
42 B
297 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1778145512646273912&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 12:48:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
945d8d7e-5cbc-4b76-9a0c-ee14451e9cea
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1778145512646273912&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 321B
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30f64be4-bfd0-11ee-9a1b-b4c1927a841e
42 B
322 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30f64be4-bfd0-11ee-9a1b-b4c1927a841e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 00:32:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=30f64be4-bfd0-11ee-9a1b-b4c1927a841e
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
rtset
bh.contextweb.com/bh/ Frame B794
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDRmlrN0xjeW9BQUJLQndDZ0RiZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAAkHU7LcyoAABNITdS3Zw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
0
0

ecm3
s.amazon-adsystem.com/ Frame 9C5E
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID95DDCB8B-5B7B-462F-9F6F-623830FFB7BB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:32:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9R9NMYQD9A9AB2BTJV09
insync
thrtle.com/ Frame 5ECA
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e9364df6-8eeb-408d-828c-b607c27db957
43 B
295 B
Image
General
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e9364df6-8eeb-408d-828c-b607c27db957
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.235.77.155 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Wed, 31 Jan 2024 00:32:19 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&vxii_pid=12&vxii_pid1=10067&vxii_rcid=e9364df6-8eeb-408d-828c-b607c27db957
date
Wed, 31 Jan 2024 00:32:19 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 5ECA
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
43 B
171 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 00:32:19 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Martin
crb.kargo.com/api/v1/dsync/ Frame 5ECA
43 B
358 B
Image
General
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.20.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 5ECA
0
425 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=187&uid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.97.47 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 31 Jan 2024 00:32:18 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5ECA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T_.zeBFE2uUzEvOx8JDI2gCIzGqGwa4-~A&gdpr=0
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T_.zeBFE2uUzEvOx8JDI2gCIzGqGwa4-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T_.zeBFE2uUzEvOx8JDI2gCIzGqGwa4-~A&gdpr=0
date
Wed, 31 Jan 2024 00:32:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 5ECA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=08cc50de-5e36-41d4-b8f5-0613a9ff2437&gdpr=0&gdpr_consent=
1 B
336 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=08cc50de-5e36-41d4-b8f5-0613a9ff2437&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 30 Jan 2024 12:45:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=08cc50de-5e36-41d4-b8f5-0613a9ff2437&gdpr=0&gdpr_consent=
Date
Wed, 31 Jan 2024 00:32:19 GMT
Connection
keep-alive
X-CI-RTID
61c1cbc1-4cfd-44e5-8915-5f1ba1b1238a
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 5ECA
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7b429ce38f1010f1&is_secure=true&networkId=17100&version=1&nuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHE44YzzYAWgMoFvd1AAAAAAA&expiration=1706747538&nuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&...
42 B
376 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHE44YzzYAWgMoFvd1AAAAAAA&expiration=1706747538&nuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-mediagrid_n-index_n-MediaNet_smrt_cnv_n-smaato_pm-db5_n-simpli.fi_rbd_n-baidu_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 23:58:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:18 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHE44YzzYAWgMoFvd1AAAAAAA&expiration=1706747538&nuid=95DDCB8B-5B7B-462F-9F6F-623830FFB7BB&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
colossus
ids.ad.gt/api/v1/ Frame CDCB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=huddledmss
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=huddledmss&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969188724782861526&expires=30&ssp=huddledmss
  • https://sync.colossusssp.com/bidswitch.gif?puid=372da745-c861-4be4-a663-bb7abb9adcef
  • https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=ded2b91a-6c74-45aa-88ce-42124394b735
43 B
95 B
Image
General
Full URL
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=ded2b91a-6c74-45aa-88ce-42124394b735
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
2606:4700:10::ac43:17ea -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84dddb5c3fcb39cb-YYZ
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:19 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=ded2b91a-6c74-45aa-88ce-42124394b735
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
rmpssp
sync.1rx.io/usersync2/ Frame CDCB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID
  • https://sync.colossusssp.com/ap.gif?puid=1778145512646273912
  • https://sync.1rx.io/usersync2/rmpssp?sub=colossus
0
99 B
Image
General
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
69.194.240.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:19 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
demconf.jpg
dpm.demdex.net/ Frame CDCB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1
  • https://sync.colossusssp.com/td.gif?puid=5c046258-80c8-451b-abf9-ade2d747e398&ttl=1709253138
  • https://x.bidswitch.net/sync?ssp=huddledmss
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=huddledmss&ssp_user_id=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-kGZ1i39E2pkmEL0lL1OCWlsuuyKdUcNWXsVpFA--~A&expires=5&ssp=huddledmss
  • https://sync.colossusssp.com/bidswitch.gif?puid=372da745-c861-4be4-a663-bb7abb9adcef
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=ded2b91a-6c74-45aa-88ce-42124394b735
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
0
0

cookie
openrtb.cootlogix.com/api/ Frame CDCB
43 B
617 B
Image
General
Full URL
https://openrtb.cootlogix.com/api/cookie?userId=ded2b91a-6c74-45aa-88ce-42124394b735&partnerId=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.227.26.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
cookie
sync.cootlogix.com/api/ Frame CDCB
Redirect Chain
  • https://id.rlcdn.com/712075.gif?ct=2&cv=
  • https://id.rlcdn.com/1000.gif?memo=CIu7KxoNCJOq5q0GEgUI6AcQAEIASgA
  • https://sync.colossusssp.com/4560195433dd0d468e9a635d097ffb01.gif?puid=
  • https://t.adx.opera.com/pub/sync?pubid=pub9891457922432
  • https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU12bebc23088841f6b269540b34cd8891
  • https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=ded2b91a-6c74-45aa-88ce-42124394b735
0
0

rmpssp
sync.1rx.io/usersync2/ Frame CDCB
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]&us_privacy=[CCPA]&redirectUri=https%3A%2F%2Fsync.colossusssp.com%2F021909c6bcf2644c2583393eed86ca15.gif%3Fpuid%3D%24UID%26gdpr%3D%26gdpr_conse...
  • https://sync.colossusssp.com/021909c6bcf2644c2583393eed86ca15.gif?puid=VEDQE33vvQ3Tzz_sAU31&gdpr_consent=&gdpr=[GDPR]&us_privacy=[CCPA]
  • https://sync.1rx.io/usersync2/rmpssp?sub=colossus
0
98 B
Image
General
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
69.194.240.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:19 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cookie
sync.cootlogix.com/api/ Frame CDCB
43 B
497 B
Image
General
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=ded2b91a-6c74-45aa-88ce-42124394b735
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.241.159.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
colossus
ids.ad.gt/api/v1/ Frame CDCB
43 B
173 B
Image
General
Full URL
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=ded2b91a-6c74-45aa-88ce-42124394b735
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84dddb5818ae39cb-YYZ
content-length
43
content-type
image/gif
rmpssp
sync.1rx.io/usersync2/ Frame CDCB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/col
  • https://match.prod.bidr.io/cookie-sync/col?_bee_ppp=1
  • https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AAAkHU7LcyoAABNITdS3Zw
  • https://sync.1rx.io/usersync2/rmpssp?sub=colossus
0
98 B
Image
General
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
69.194.240.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:32:19 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame CDCB
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=ded2b91a-6c74-45aa-88ce-42124394b735
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1778145512646273912&pt=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1778145512646273912&pt=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%2C%2C
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
an-x-request-uuid
7ef5acd5-0ff1-4e55-84fc-1929cb616d4a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1778145512646273912&pt=45d5601e-104d-4fb7-8e4a-33e12fcbe49c%2C%2C
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame CDCB
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9891457922432
  • https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU12bebc23088841f6b269540b34cd8891
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=ded2b91a-6c74-45aa-88ce-42124394b735
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
0
0

363546c6-f8af-4f33-8c94-663c5bd45eaa
ex.ingage.tech/v1/sync/colossus/ Frame CDCB
0
0
Image
General
Full URL
https://ex.ingage.tech/v1/sync/colossus/363546c6-f8af-4f33-8c94-663c5bd45eaa?uid=ded2b91a-6c74-45aa-88ce-42124394b735
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

rmpssp
sync.1rx.io/usersync2/ Frame CDCB
0
98 B
Image
General
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
async_usersync
ib.adnxs.com/ Frame 2493
0
917 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
an-x-request-uuid
7779d11a-40de-44a1-8ae5-0591e6c7c9d2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
sync.kueezrtb.com/api/ Frame 422C
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=SzhEXqCN&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sharthrough&userId=5a4f23de-92f6-4fda-ae85-449f6b6d3e0f&gdpr=0
43 B
495 B
Image
General
Full URL
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sharthrough&userId=5a4f23de-92f6-4fda-ae85-449f6b6d3e0f&gdpr=0
Requested by
Host: sync.kueezrtb.com
URL: https://sync.kueezrtb.com/api/sync/iframe/?cid=65686dbe623fb8a7bb1324d7&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
159.89.230.101 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.kueezrtb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

location
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sharthrough&userId=5a4f23de-92f6-4fda-ae85-449f6b6d3e0f&gdpr=0
date
Wed, 31 Jan 2024 00:32:19 GMT
content-length
0
async_usersync
ib.adnxs.com/ Frame 1E89
0
917 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
an-x-request-uuid
9688dd75-c0c0-4d09-b315-d05e63052d23
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
quantcast584928381.s.moatpixel.com/
0
0

adview
securepubads.g.doubleclick.net/pagead/ Frame A8DA
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8syXBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSmAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7d516SKSeUO8t0JrbnAX2eMihKBVXfFnPTgF6SoWZz-SPikjuYReAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQDgAoB-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcBshccChoSFHB1Yi00MzA3NTM1ODU4MTEwMjgyGOCaIQ&sigh=5W3zk7SQn9A&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_IfvCZNz_5p_cr8We_HM9v0iTaJGopvYHWZlrh3EMH_V25gepgeU9lYKf73mwluIGX-DXcTtg5jbLtwQ3wZKMcpLeL8gZgzEPrWsYAQ&cbvp=2&vis=1
Requested by
Host: d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
URL: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

notify
rtb.va.us.criteo.com/google/auction/ Frame A8DA
0
126 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k5yrE-DBMMoH-gHiIp0XAgAAAPj-eYbRqGcNR4zBxQk5jtsQBpW5ZR3wQwyYL85n4l8AABIAAAoKQVFVRENnRUJDZw&wp=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&cbvp=2
Requested by
Host: d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
URL: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
117730
server
Kestrel
content-length
0
/
hde.tynt.com/deb/ Frame 1D36
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_pr...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
2 KB
0
Document
General
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1656
content-type
text/html
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
0
prebid.a-mo.net/cchain/ Frame 19A3
2 KB
1 KB
Document
General
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
671
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 00:32:19 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
setuid
pbs.nextmillmedia.com/ Frame 6CB1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=1778145512646273912
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=1778145512646273912
86 B
501 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=1778145512646273912
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:32:19 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=1778145512646273912
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 4030
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_conse...
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=372da745-c861-4be4-a663-bb7abb9adcef
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=372da745-c861-4be4-a663-bb7abb9adcef
86 B
411 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=372da745-c861-4be4-a663-bb7abb9adcef
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:32:19 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=372da745-c861-4be4-a663-bb7abb9adcef
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame AF1B
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26g...
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZbmVBm36UL0X6IZT6stR7gAA%26128
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVBm36UL0X6IZT6stR7gAA&128
0
287 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVBm36UL0X6IZT6stR7gAA&128
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:32:19 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVBm36UL0X6IZT6stR7gAA&128
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 58D8
Redirect Chain
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%...
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=f7c22092-3c9d-49d6-ba8f-84519bc86b4e&gdpr_consent=null&gdpr=null
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=f7c22092-3c9d-49d6-ba8f-84519bc86b4e
86 B
700 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=f7c22092-3c9d-49d6-ba8f-84519bc86b4e
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:32:19 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=f7c22092-3c9d-49d6-ba8f-84519bc86b4e
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame 8135
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D...
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=51675f62-2557-4c27-b981-00abd48e6778
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=51675f62-2557-4c27-b981-00abd48e6778
0
595 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=51675f62-2557-4c27-b981-00abd48e6778
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:32:19 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=51675f62-2557-4c27-b981-00abd48e6778
server
fasthttp
cs
ad.turn.com/r/ Frame 850A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%...
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
0
0

usync.html
eus.rubiconproject.com/ Frame 5106
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid=
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 00:32:19 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 31 Jan 2024 00:32:19 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
server
AkamaiGHost
pixel
ap.lijit.com/ Frame 9C7F
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.238.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-238-183.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:32:18 GMT
getuid
eb2.3lift.com/ Frame 7126
0
37 B
Document
General
Full URL
https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Wed, 31 Jan 2024 00:32:18 GMT
setuid
pbs.nextmillmedia.com/ Frame 331A
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://cookies.nextmillmedia.com/setuid?bidder=yieldmo&nmuid=&uid=VEDQE33vvQ33WAhuquvk&gdpr=&gdpr_consent=&us_privacy=
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ33WAhuquvk
86 B
592 B
Document
General
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ33WAhuquvk
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.126.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-126-70.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Wed, 31 Jan 2024 00:32:19 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:32:19 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ33WAhuquvk
server
fasthttp
v1
lb.eu-1-id5-sync.com/lb/
33 B
270 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/f3eb7804-5174-4276-b3e9-712dfd130fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ Frame 6B68
33 B
269 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/3a949536-d1db-4bef-a9e1-8a81fb28d4ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:32:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixel;r=2127884293;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fnordot.app%2F;uht=2;fpan=1;fpa=P0-2146782103-1706661138310;pbc=;ns=1;ce=1;qjs=1;...
pixel.quantserve.com/ Frame 072A
35 B
294 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2127884293;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fnordot.app%2F;uht=2;fpan=1;fpa=P0-2146782103-1706661138310;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=storage.didna.io;dst=1;et=1706661139076;tzo=480;ogl=locale.en_US%2Ctype.website%2Ctitle.diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield%2Cdescription.diDNA%20programmatic%20yield%20management%2Curl.https%3A%2F%2Fwww%252Edidna%252Eio%2F%2Csite_name.diDNA;ses=65dc7eb5-0a66-4d59-82bd-e6eb86080360;mdl=
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sponser._ad.php
fundingchoicesmessages.google.com/f/AGSKWxWUB7zkiehpPKo0wB1HurBAa3POATWQLovOzfhXQWUtGmyYECx4hvjkxNcs3EVIyi-8CP17avKgux9BA8BU1_wWeFKf9L6mKNwCHsinGvJWsPPvBhZ0LVfQKZWwUR8iL3oaN7WelrElDTL1i_3U3CVbXI_7V...
54 B
110 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWUB7zkiehpPKo0wB1HurBAa3POATWQLovOzfhXQWUtGmyYECx4hvjkxNcs3EVIyi-8CP17avKgux9BA8BU1_wWeFKf9L6mKNwCHsinGvJWsPPvBhZ0LVfQKZWwUR8iL3oaN7WelrElDTL1i_3U3CVbXI_7VaQQtlQqE6wyBNH1u8rAsbLoNaaYKwcn/_/adhost./sponser._ad.php?/ads.cfm?/adsense4.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SINZ3MQ4dTpCiIkV1yWENg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-SINZ3MQ4dTpCiIkV1yWENg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEzTF51bO1bAINX24lAAAeHlhT"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/
86 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:13:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
1113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31168
x-xss-protection
0
server
cafe
etag
14589227577193608053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 01:13:46 GMT
AGSKWxUXIo1DI_Dcpi0vVpE6VHDJZdtSRUNz35Ue-Fyh3rQZXJxsd33zH4sILXdoEAMBUwo2WpbiKVfN0vg4bageGrXTOPIjbbONcWFZStOOMMwE_jIJ4fH8o_xe0PmAPa2K6Z_DxXfKgA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXIo1DI_Dcpi0vVpE6VHDJZdtSRUNz35Ue-Fyh3rQZXJxsd33zH4sILXdoEAMBUwo2WpbiKVfN0vg4bageGrXTOPIjbbONcWFZStOOMMwE_jIJ4fH8o_xe0PmAPa2K6Z_DxXfKgA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n7U4RbYhrcJ_ElpV9KhvNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-n7U4RbYhrcJ_ElpV9KhvNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY_KqZ2vZBH78bdjNBADt7yDX"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://nordot.app
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A6A4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzNCI37UTm-ALd8GB2A4myiipzhLXT-yKBaBHgfFJxbriXV274MLl-Cok9npRP6wUTBO3xXWmE42f9-WORlPXjaVuqw5CDtYXTS4O_wChyLhl2cgBbT-vVYLQy2wnOBGxRkO0tmawdUXS4_HG66bIcCQbu&sig=Cg0ArKJSzLym9fhHPb2EEAE&id=lidar2&mcvt=1000&p=752,986,1352,1286&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240123&bin=7&avms=nio&bs=1600,1200&mc=0.75&vu=1&app=0&itpl=19&adk=3196454924&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706661126725&rpt=11388&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:32:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame 954C
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=dD8GzIdZE_Ax8bGCuF4fp7tP5__6O-JedpqIHW6176QSC4BVyaOhxZ55tMYxElBL8bzJzbWecyvaP72haFuulhvpTVWLPpz3XVwGHH5CuPtBFrTC6NUA7Y4MW2g5XV2SqP5RIRdbFfNKEEW9m26pZGhx_oX0oa53a-m70beormMYJdQIrWvJUSHpganZwY_nKFj_dhMNz8X1EGuxzTgBDAZh-tXP9ZNkQSD4_DOfAjYB19aQ4EqoFhL5DU7AUnrewoUcrA&sds=2&rev=90409&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:32:18 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
cookie
sync.kueezrtb.com/api/ Frame 422C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-grid1%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D?gdpr=0&gdpr_con...
  • https://sync.kueezrtb.com/api/cookie?partnerId=kueez-grid1&userId=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=0&gdpr_consent=&us_privacy=
43 B
495 B
Image
General
Full URL
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-grid1&userId=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: sync.kueezrtb.com
URL: https://sync.kueezrtb.com/api/sync/iframe/?cid=65686dbe623fb8a7bb1324d7&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
159.89.230.101 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.kueezrtb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Location
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-grid1&userId=372da745-c861-4be4-a663-bb7abb9adcef&gdpr=0&gdpr_consent=&us_privacy=
Date
Wed, 31 Jan 2024 00:32:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
AGSKWxUXIo1DI_Dcpi0vVpE6VHDJZdtSRUNz35Ue-Fyh3rQZXJxsd33zH4sILXdoEAMBUwo2WpbiKVfN0vg4bageGrXTOPIjbbONcWFZStOOMMwE_jIJ4fH8o_xe0PmAPa2K6Z_DxXfKgA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXIo1DI_Dcpi0vVpE6VHDJZdtSRUNz35Ue-Fyh3rQZXJxsd33zH4sILXdoEAMBUwo2WpbiKVfN0vg4bageGrXTOPIjbbONcWFZStOOMMwE_jIJ4fH8o_xe0PmAPa2K6Z_DxXfKgA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iw3plbxJkXe6Oq1Gmd6lkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-iw3plbxJkXe6Oq1Gmd6lkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY_KqZ2vZBBqOnN3FBADs0CB2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUXIo1DI_Dcpi0vVpE6VHDJZdtSRUNz35Ue-Fyh3rQZXJxsd33zH4sILXdoEAMBUwo2WpbiKVfN0vg4bageGrXTOPIjbbONcWFZStOOMMwE_jIJ4fH8o_xe0PmAPa2K6Z_DxXfKgA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXIo1DI_Dcpi0vVpE6VHDJZdtSRUNz35Ue-Fyh3rQZXJxsd33zH4sILXdoEAMBUwo2WpbiKVfN0vg4bageGrXTOPIjbbONcWFZStOOMMwE_jIJ4fH8o_xe0PmAPa2K6Z_DxXfKgA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uoCnI4Kr9JG3wikcC_v1eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-uoCnI4Kr9JG3wikcC_v1eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY_KqZ2vZBCbsmrWTCQDpAyA9"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://nordot.app
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUXIo1DI_Dcpi0vVpE6VHDJZdtSRUNz35Ue-Fyh3rQZXJxsd33zH4sILXdoEAMBUwo2WpbiKVfN0vg4bageGrXTOPIjbbONcWFZStOOMMwE_jIJ4fH8o_xe0PmAPa2K6Z_DxXfKgA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXIo1DI_Dcpi0vVpE6VHDJZdtSRUNz35Ue-Fyh3rQZXJxsd33zH4sILXdoEAMBUwo2WpbiKVfN0vg4bageGrXTOPIjbbONcWFZStOOMMwE_jIJ4fH8o_xe0PmAPa2K6Z_DxXfKgA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6ZWsduuqY-DdLJ1zRiIrYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6ZWsduuqY-DdLJ1zRiIrYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY_KqZ2vZBDa82r2LCQDrZCCx"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUaWg90TkuRLgzpVlhD0xyMMNRrmLLKOAB8UYgYVWO37-w3KOiy-rJNmLJm4IxL2VxXOsD-O0aTf2CCvIlpiykolPNMVyBlvGFPrxXGYrSPnwnZzPrHsLzrqkP8oeK7AXRX6GhIrA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUaWg90TkuRLgzpVlhD0xyMMNRrmLLKOAB8UYgYVWO37-w3KOiy-rJNmLJm4IxL2VxXOsD-O0aTf2CCvIlpiykolPNMVyBlvGFPrxXGYrSPnwnZzPrHsLzrqkP8oeK7AXRX6GhIrA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjYxMTM5LDMyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ub3Jkb3QuYXBwLzExMDM0NjMzMTMyMzc2MDY0MDAiLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5dllTeaDd3CCTm-101ksuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-5dllTeaDd3CCTm-101ksuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KshxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEwzF51bO1bAIzzh3czwgAdGhYig"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
cframe.js
assets.a-mo.net/js/ Frame 19A3
16 KB
7 KB
Script
General
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
via
1.1 3340b5a392e45fce453c4d978abfd6be.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
41
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 25 Jan 2024 17:28:00 GMT
server
cloudflare
etag
W/"d458c9c4d04e49d089648ee8a1473ba4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
84dddb5c98c8a1fe-YYZ
x-amz-cf-id
44vGwfuUW7c9osz2FCvBqoNvRE2FCsiFKkHWHAjQ7iOozG58NQRJKw==
expires
Wed, 31 Jan 2024 01:32:19 GMT
AGSKWxW1w-eC2fOVJ5j-3oIvELM0DZ6oCR0RpUSDdJq-I9viugVG9uVh2o8Dijo-Y4gaDbLaGCdEFZv2OlAR7zko8mc3hBf2xiypF_rJ1mESVq7vsy8zVfbLOfp0QKCaW5pfHUoBsOGT7w==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW1w-eC2fOVJ5j-3oIvELM0DZ6oCR0RpUSDdJq-I9viugVG9uVh2o8Dijo-Y4gaDbLaGCdEFZv2OlAR7zko8mc3hBf2xiypF_rJ1mESVq7vsy8zVfbLOfp0QKCaW5pfHUoBsOGT7w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qYaUXuTCldsy9W6nxTB7ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qYaUXuTCldsy9W6nxTB7ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY_KqZ2vZBFa0LtvFBADofyAs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://nordot.app
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5106
39 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:32:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 17:22:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60589
Connection
keep-alive
Content-Length
10919
Expires
Wed, 31 Jan 2024 17:22:08 GMT
cookie
sync.kueezrtb.com/api/ Frame 422C
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-sovrn%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%24UID
  • https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=&userId=IFKAABZHuM1z_0ZqTyi3aUH_
43 B
495 B
Image
General
Full URL
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=&userId=IFKAABZHuM1z_0ZqTyi3aUH_
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
159.89.230.101 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.kueezrtb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:19 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

location
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=&userId=IFKAABZHuM1z_0ZqTyi3aUH_
access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:32:19 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT
sid
mug.criteo.com/ Frame
0
0

sid
mug.criteo.com/ Frame
0
0

725.json
id5-sync.com/g/v2/
0
0

725.json
id5-sync.com/g/v2/ Frame 6B68
0
0

4364633.json
agen-assets.ftstatic.com/display/7892527/ Frame A6A4
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trends.revcontent.com
URL
https://trends.revcontent.com/api/demand/?w=169267
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/sync
Domain
static.criteo.net
URL
https://static.criteo.net/design/dt/1ccdc96a10814ce19f0b5b19ef8cc44b_ProximaNovaSoft-Semibold.woff
Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=_xuLP3xqZUZEa0F1UTJQUEp3SnNPUkZ0SXAycjFnV0FPdUFIellzQlJGN2lzNFZkL0czUUI1aFpkQzVqTll2V2Y3YzlzU0RDTTRhWEZXUUxMRHZQZHBkdkluZHZzV3BSK2ZXblB1MVpMSmxSNGFYbDJVaWhYZlJHTDVaTy80RFhwQ3pWYXNrZys4S2hiaklMUVYraDExZzBJS2ZvLzJnMkRINkdWeDE2djhHeUlad1lkUEJKT3hsZ3RxYVAza1VQYm9JMVovbnFqdmN2STZ0T09LWSsrcFpoTVZ4bmw1VURJa2lpUGc3UCszb2VvazNJPXw&cppv=2
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=26
Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=3r77S3xnVjM1VUd6Zk1QekxUL3VUVXJSZkRTelRqSTVmbWtBSEVxMW4vR2JFSDdTUXoweWlBVXczUXd2SUlTL3JQczFiSnFaQitXV3llS1g1S3VrNE04VXZpYlRNblV0R0F3MlBOUWV5WUVXYU41Q3p2d05JeE9iaklnbUNBc2NSV3EwTi8rYThxdzZ0UUM1M3RRR2NBZGRHZHVvSUxhemtCMjcySFRCbmd0dXNOQVA1N1hFU2VvOTgwcXNqM3NJdW1xSEdhUjlzNW1lcUFmczBUQlR4Q01CVVB6NklMdjlaZjJoMCtPdlF0SGJmVlo4PXw&cppv=2
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS11YW6R-I-KBWL
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=a61c90ad-cbd5-4bfa-9795-b880d4064069
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=a61c90ad-cbd5-4bfa-9795-b880d4064069
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=a61c90ad-cbd5-4bfa-9795-b880d4064069
Domain
s.yimg.jp
URL
https://s.yimg.jp/images/advertising/common/js/iicon.min.js
Domain
media.revcontent.com
URL
https://media.revcontent.com/cr_videos/169831/11059515.mp4
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?ev=AAAkHU7LcyoAABNITdS3Zw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C
Domain
sync.cootlogix.com
URL
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=ded2b91a-6c74-45aa-88ce-42124394b735
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=45d5601e-104d-4fb7-8e4a-33e12fcbe49c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D45d5601e-104d-4fb7-8e4a-33e12fcbe49c%252C%252C
Domain
quantcast584928381.s.moatpixel.com
URL
https://quantcast584928381.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=0&tet=6083&fi=0&apd=10889&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=nordot.app&L1id=p-1RYxePXT9bCS2&L2id=qfm&L3id=29c19cfe-5b25-479b-ad1b-0d549031b1e9&L4id=4847247c-5cac-4637-9489-c5b8bc08c882&S1id=nordot.app&S2id=-&ord=1706661127814&r=894758821354&t=nht&os=1&fi2=0&div1=0&ait=0&uid=sr_ZgLXJ1oPds6L1sabVgcfIzIu1vNeexM2k8sSy0Pe0zdfxsrVbld8&bedc=1&q=5&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=3r77S3xnVjM1VUd6Zk1QekxUL3VUVXJSZkRTelRqSTVmbWtBSEVxMW4vR2JFSDdTUXoweWlBVXczUXd2SUlTL3JQczFiSnFaQitXV3llS1g1S3VrNE04VXZpYlRNblV0R0F3MlBOUWV5WUVXYU41Q3p2d05JeE9iaklnbUNBc2NSV3EwTi8rYThxdzZ0UUM1M3RRR2NBZGRHZHVvSUxhemtCMjcySFRCbmd0dXNOQVA1N1hFU2VvOTgwcXNqM3NJdW1xSEdhUjlzNW1lcUFmczBUQlR4Q01CVVB6NklMdjlaZjJoMCtPdlF0SGJmVlo4PXw&cppv=2
Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=_xuLP3xqZUZEa0F1UTJQUEp3SnNPUkZ0SXAycjFnV0FPdUFIellzQlJGN2lzNFZkL0czUUI1aFpkQzVqTll2V2Y3YzlzU0RDTTRhWEZXUUxMRHZQZHBkdkluZHZzV3BSK2ZXblB1MVpMSmxSNGFYbDJVaWhYZlJHTDVaTy80RFhwQ3pWYXNrZys4S2hiaklMUVYraDExZzBJS2ZvLzJnMkRINkdWeDE2djhHeUlad1lkUEJKT3hsZ3RxYVAza1VQYm9JMVovbnFqdmN2STZ0T09LWSsrcFpoTVZ4bmw1VURJa2lpUGc3UCszb2VvazNJPXw&cppv=2
Domain
id5-sync.com
URL
https://id5-sync.com/g/v2/725.json
Domain
id5-sync.com
URL
https://id5-sync.com/g/v2/725.json
Domain
agen-assets.ftstatic.com
URL
https://agen-assets.ftstatic.com/display/7892527/4364633.json

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

8 Console Messages

Source Level URL
Text
other warning URL: https://d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2095DDCB8B-5B7B-462F-9F6F-623830FFB7BB&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVBgADL2EH48C1AAVVXAwgOLxsaYeF8EX5qA&u=%7CVQ%2FzV8RRs2lrbWk2CYJxmBmFi4hmpqr5wTmcPSRRjO4%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78QfrxpkyJmzJj0_tcC9N1YiaRUcwlFBU20qlh8DHawGj3InT9y_LHfQtH009au1AtXIyBIBl8Tmt1oYEHQG-s59Z6ZlBi7VmoO9-qh-d9t91lP_yUqCVR5Tez57VVGCdxBbFGyuzhME_0FAXIDHvYT01Gc1JLejepOdDjWNj6kCUg2-uuozxXj4o5azyxzr4KsLKB7vqdEmr2G5kESyiufqQvCQjqH7UBvhrQpc6U6Te7_cNm6_pZC1HAM4F8BAIdiXvKTMds7torR7mrLxVnM6IIfsnebN8q2O0-Jr8_1QGMygQF7Tej-koPruTjuTgeSFu-xZJnBuNEVhwWQPWzXVxAfGmEcRhgK8zbqzN__SCpjKB7GsjQmZIQg91NDUc6xDN_rDpzQpiFKOUzHV4dKWIkjoMS7Rkyakdtd6xhyI7jHoQuSzwJLNr_BriP-aSBMrmircpdecQItuEwxx-sONakwoiFOxV0mKLFSkOsmaQGQ04L2feeaB1qmbU5WkG5FynY0dFQ8mVi84X3llPQCHJDD0pVE1bFHyuyL08KkqjC-ggryGXJiFl7u_DlOxGYGpMlYTJEF4YGb-l22461AYyLXi88oKgtmbEJ2a6OPfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP3JjBpW5ZeHeDLWBj-8P3KqV8AGcge-wXKLKp6p0wI23ARABIABgfYIBF2NhLXB1Yi00MzA3NTM1ODU4MTEwMjgyyAEJ4AIAqAMByAMCqgSpAk_QA95-PZc-aN8tJBBFtwID992cftbI2nKJTy3BqCKPdRZapgVTpRQaFEgDeoZzTfJdplYU2qj2wMGCZo57timA7NJULkhu_dtAnZNETqWZcnBvtNE7bNqNVbHfU3m9zA2cCftwIK1_D-_1D3MF-drrLRzvOjHeolfIwFGaFBPvjpVtJa9g1Np7yTgBaaz27XS33LayOfsZz-TYp6IH7yGfZr-LDpPT9sNPRx2qORf-2BNRd5PwbSAm8yEgAcujCD-kzVHN2FuaVbaOJ6Q0mWkhTRoN0SMHqeJJqO-Pomzxs9lskeiFyG3eDHEqyc7l9G-hhYwUJrAuTNdw4C7f_X7dpVyyu-Ep0LH9zYkzjUR5lplFLVzxDrdIcyQbaNht1TtjVq-hoj2bYeAEAYAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKHKtpGwhoQD-gsCCAGADAHiDRMI-_u2kbCGhAMVtcDjBx1cVQUe0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y32HRKSgS7fQ9aQTl1LmEVn_hAg%26client%3Dca-pub-4307535858110282%26adurl%3D
Message:
Access to font at 'https://static.criteo.net/design/dt/1ccdc96a10814ce19f0b5b19ef8cc44b_ProximaNovaSoft-Semibold.woff' from origin 'https://ads.us.criteo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.criteo.net/design/dt/1ccdc96a10814ce19f0b5b19ef8cc44b_ProximaNovaSoft-Semibold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://nordot.app/1103463313237606400
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://nordot.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=26
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ex.ingage.tech/v1/sync/colossus/363546c6-f8af-4f33-8c94-663c5bd45eaa?uid=ded2b91a-6c74-45aa-88ce-42124394b735
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.us.criteo.com
ads.yieldmo.com
agen-assets.ftstatic.com
ajax.googleapis.com
ajs-assets.ftstatic.com
amazon-tam-match.dotomi.com
ap.lijit.com
api.rlcdn.com
api.whizzco.com
assets.a-mo.net
assets.revcontent.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bisrtb.cootlogix.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cat.va.us.criteo.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.whizzco.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
colossusssp.com
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
content.quantcount.com
cookies.nextmillmedia.com
crb.kargo.com
cs.media.net
csm.us.criteo.net
csync.loopme.me
d.adroll.com
d2ecd0d1c1a82d4958b9ce6336cf57c4.safeframe.googlesyndication.com
de.tynt.com
didna.b-cdn.net
dpm.demdex.net
dsum-sec.casalemedia.com
e.dlx.addthis.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
ex.ingage.tech
exch.quantserve.com
exchange.kueezrtb.com
fastlane.rubiconproject.com
fid.agkn.com
fundingchoicesmessages.google.com
funes.solutionshindsight.net
gtrack.kueezssp.com
gum.criteo.com
hbopenbid.pubmatic.com
hde.tynt.com
he.lijit.com
i.liadm.com
ib.adnxs.com
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imageproxy.us.criteo.net
images.revcontent.com
img.revcontent.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lexicon.33across.com
log.nordot.jp
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
media.revcontent.com
mp.4dex.io
mug.criteo.com
nordot-res.cloudinary.com
nordot.app
oa.openxcdn.net
onetag-sys.com
openrtb.cootlogix.com
p.alcmpn.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.nextmillmedia.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantcount.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
quantcast584928381.s.moatpixel.com
report2.hb.brainlyads.com
rtb-use.mfadsrvr.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.va.us.criteo.com
rules.quantcount.com
s-rtb-pb.send.microad.jp
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.yimg.jp
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
st.pubmatic.com
stags.bluekai.com
static.criteo.net
static.solutionshindsight.net
static.vidazoo.com
storage.didna.io
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.colossusssp.com
sync.cootlogix.com
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.kueezrtb.com
sync.srv.stackadapt.com
t.adx.opera.com
tags.crwdcntrl.net
targeting.unrulymedia.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
track.kueezssp.com
trends.revcontent.com
um.simpli.fi
um4.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.dlx.addthis.com
yads.c.yimg.jp
yeet.revcontent.com
z.moatads.com
ad.turn.com
agen-assets.ftstatic.com
api.rlcdn.com
bh.contextweb.com
dpm.demdex.net
id5-sync.com
media.revcontent.com
mug.criteo.com
quantcast584928381.s.moatpixel.com
s.yimg.jp
static.criteo.net
sync.cootlogix.com
sync.intentiq.com
trends.revcontent.com
104.18.35.167
104.36.115.111
129.80.143.41
13.32.208.44
142.251.111.154
147.135.94.212
147.75.198.144
151.101.1.108
151.101.2.49
157.230.1.97
159.89.230.101
162.19.138.116
162.19.138.82
162.248.18.36
172.240.155.84
172.64.151.101
173.237.69.68
18.161.34.76
18.210.70.9
18.239.163.100
183.79.249.124
192.132.33.69
192.241.159.82
199.38.167.131
2001:19f0:5:56cf:5400:4ff:fea4:3dcd
2001:4860:4802:32::15
202.233.84.2
207.198.113.93
213.19.162.90
216.22.16.69
23.192.31.127
23.192.41.210
23.197.109.53
23.20.238.88
23.203.242.17
23.209.57.14
23.209.58.25
23.221.252.28
23.39.177.103
2400:52e0:1a00::845:1
2600:1f18:4e9:5a07:c5b1:19c6:6405:5eda
2600:1f18:61c0:2204:7843:899a:d4d0:979d
2600:9000:2105:b600:6:44e3:f8c0:93a1
2600:9000:2199:b400:a:e047:753:eb41
2600:9000:2199:d600:10:dd8:5e40:93a1
2600:9000:2305:6a00:1b:5138:8a40:93a1
2602:803:c002:200::32
2606:4700:10::6816:3556
2606:4700:10::6816:43d
2606:4700:10::ac43:17ea
2606:4700:20::681a:4d
2606:4700:20::681a:8a9
2606:4700:3035::6815:faa
2606:4700:4400::ac40:994e
2606:4700::6811:190e
2606:4700::6812:651
2606:4700::6813:9f13
2606:ae80:1451:12::1690
2607:f8b0:4004:c06::61
2607:f8b0:4004:c06::66
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::79
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c08::cf
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::84
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:100:a001::c
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a04:4e42:200::485
2a04:4e42::393
3.162.3.33
3.21.9.176
3.211.143.64
3.217.51.221
3.33.220.150
3.92.156.8
34.102.146.192
34.111.113.62
34.193.13.213
34.200.65.202
34.225.168.29
34.235.214.237
34.235.77.155
34.237.238.183
34.96.70.87
34.96.71.22
35.186.253.211
35.190.39.111
35.207.24.140
35.208.249.213
35.211.178.172
35.214.250.24
35.226.42.89
35.227.239.69
35.236.220.17
35.244.159.8
35.244.193.51
40.76.134.238
44.196.126.70
44.209.113.136
44.216.238.183
50.31.142.255
51.222.239.230
52.202.42.48
52.21.39.178
52.223.22.214
52.3.97.246
52.46.155.104
52.55.97.47
52.71.119.229
52.73.214.211
52.87.69.37
54.146.185.181
54.146.20.223
54.192.51.13
54.192.51.46
54.192.51.49
54.192.51.66
54.192.51.78
54.192.51.94
54.192.51.99
54.204.225.159
54.84.92.154
54.90.40.160
64.227.26.10
67.202.105.22
67.202.105.32
67.220.228.201
68.67.160.132
69.173.151.100
69.194.240.11
69.194.240.13
74.119.119.147
8.28.7.81
8.28.7.83
8.28.7.84
8.43.72.97
82.145.213.8
99.84.242.155
00d38aba554491252d57c462a721f53b97c9dbc9286600e7d8fce2d334e8dc21
05b979970c578d7fb7fbf47c95953bf0102ca33d0f88eb005361bcd4421a7fd5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1049c5e95e167b0736954f907484f59f0c328eebcccebdeb14ba8ed90be33698
105259ff2025b1c9da4a0dcc63b0dfa87aab72cc030d1437d3eba86fcad0712f
13e921baff7dcf1c6112841437b95602bf4f445bf38054129a407003818a111d
1781b696d0260b6fbaa8cee4557699ee6c23b51718c099b9949e36734ef98a1d
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b3bae37878a9bc1eb731a1e0301a86788e62b15217c2d055a0748a4a1498f58
1ebcd54ed4e7b68282a0cb6fdcbe40783b2e3f257396919056f7c02384b4cbdc
1eff17bfd64e6cabc3e250aec00bbf6201c90c1963441f89cc2495a954a40204
1f9e494521255366cfcbbddbc0c58d2d692616f197754a799bf4c9d84fa997dc
1fed7da86f9d9735ea1018a3ac1be1e3e6fc105b7c7dc2c809626d34b4ee85c1
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
251ecb46af95fc8be3eca898642647fc77d7ad6f6b2d4161a016c72a438739e2
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2645d122be74564e70144e3c7d5063a319af72963f6b06d7d9b00027c9a74705
2690c635c1a9ec667f2be63c36a9b7079526fd8fa733da1235a0dbf893b95f5b
26b74084193a7882fc9988b59107a58c455555d4fdea0b79f3360b7e97b178df
26fe1f65e356dffb8f60a7608bd70dbaca44a61b79f7501db7e74af746b876bc
2a2982d1f827e63af430413250f64336eb291d3c88c91533ea3c4a556e3107b9
2c96dfdde76872e6894ea5ca3202e6894e221f26be7b7243e39943c1d329ff5b
2cab86bc3a7e228393bfd67700af7d3507bbbacb6107d09311407f1c2df8d9a7
2d2f0d368bf03561099df3cb58b8116ba09abd5695497a5b986e8e959d39d443
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
30c705961d9ad2a8cd4baf66c9256f75cdc7c37f8751044cf0ade69b266142f9
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326290efc9cd104798f5664e57ca82a2f7e9bc3c9d67d3eeeeb7e20e8bc4a687
386de69ed69f6b04ae237717fa5a622b93809db65ec7c2d65d349e21f2add2e4
3b5643d68d1a2b193f231d52b6874db57455a0217b55fdf8bebcec60d3288e39
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fd3c0dd4672a50ca923d692f42a0d8d9f741543aa5ad697491450f514c911ac
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405e43cd3a1d6144f42375bbf65312766341fae117f8809b9faa4d023a279068
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
472e3aaa91feaa4bd79e8e8ab7e67c4c5cc1c695ab7c8a2a9e910735f2602b4d
4761af700d2a30254d4709b617ba843907373af7d0fdcd7dc9069d067d4d87c8
47b7e1d25467ab837fa60c147545f23be4c2b10e33c6e433b4a7460b82e267f9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569
49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e
4bba6a1902101c3049586c697060efcb276dad4042bd0286dfab6ad83319af79
4c9afca1f1a89595b15d84e7b3eb6e249494d42a57532950e2c89318a04d2fc5
4d8562efd8364015edd8080e72d8bd98f0a92019058f15df14e03f9951e01876
4d90a541ee636d1c866bb0c0ed6fa32d55c4ae6a2aa7566a2cca5d91a40d9789
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edab288d02a2436bd81bec6eb85bcf2bb52db55521173e01c28d334f4eabeac
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d
5248878bb919ddfe078c3d0e00860cd107c95a24a4636d820953900ef5ad0c27
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5dfac05c613d09c5b09acd45e8d85b792f1849ae022f4dcf5c5e0a17acfa957a
5f6bb5d053b27ed6289fc56a621ab7879e1a0f30805246532a5dee5f1d859903
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6962f2c8d8abd7ab178a0d61f33ebd427711fb64604c71b060766af51d504922
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76af30d47c586aeb92671ba9754181815bd0a090665ed2592e07e1e3454b1bd2
778dd0c4a8d4ae17e8528e1f39edbe879523fe0e73095e4bf545c448ccacd72d
7812e9bd05e684e703cdf66dc02bbd17f4ec50af9faa93910e73eb06f384c492
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
7a722ec818027f13158fcc6d656fbb0bcb77709f22a7e1229a462fbb7f472392
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
8065b40879ee291260084a91bef981607f9e66952a6cc4b1eb8828256e5e00c2
83ddc2be181965ab02ca3976baf3a5bc8bf3d9cc15cf636336e0bcc037a9106b
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84825ad2be9c8f4b0988504b86e19c48206bc14fb9319a5a652b4b843bbf6507
88479f9ff0e6e37d18132ea3d3652f14cd0325d4a455d014821bc3e7c61413d3
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f06440dab8c5d5eb0c68fe3d53655ac8c99a1803009faa70ff02c29b1ced7c8
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
98590349443ab5e895ccb7518448a454c451174f94670dcbaeb780ee88a24af0
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841
9ebe74980c0ed21e28fab6d9984687ba0075f6cd666c9f56a8a8e2fe7cdc5c72
9ecb1bae5ca2179d8e182b5be11a8ceba1a3ecac58829cd18532ece95c4c5a64
9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204
9ff0e4473261366bc6fa654df2b3cf1adeb436e85bbbe08e324ede2f013a81e6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2b76daf36d25928914a6c6fa838ea4797d8f61ef8ff7f294d9ec6bec5db89d0
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ac5f84953b819acd13bb03618f955fd214f3cd62492acb291e4819ede07f9708
adb583162413fa54fa2c364e258d84445b1445ea638ab40e04ba607c60ff9c04
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b80e0a9102663e7bdec1f8dc01741171d9e8b40603550b6adbdef141e65fc811
b89c568781c6e259990a7e563451439705ef527e6223de06e44597a328fb0475
b8d38e626f853c59575c97422eb0d04da71d29f2f7a71d68452e6644a09d20ad
b92c5ad2e393a354c1779d0aecf19deb5dc6608444d3b68c00b1d2d4971283fe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c00f5ecd583759a15fd2f14cf2b9578f8a6331195f21e9910811fe1f36ea2f10
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2dc30dc0532d720976148b4a10b87c9d2bf73271c82a3b92491feabf571b22e
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c902954ed2287c3048b40d687bc6152b0fc195fd4cb1b89ec4bf0b99f3805491
c983c511d21b05249b766eeba349279938546d4e1779cf332e7681abcb24f964
caef97921f1d7c67cb47c57110d97077facd5189bb9995cc644940b3dd88ce9c
ceb5f5e6bcb91fcc4c03c82b96002bea3a2627413e785c6de5db6e2b78a4a124
d31ff0a68a7e63a905a5bdd0e13cf1fae3a4f36cbac4de56a9cdd1e5557bfa82
d375cdf0e7d805b12c609ace7196b04dbd9f27372ec234720be3e09a476ba76a
d3d0a880333239e0e6ab17ec1f7822223994e6be3bf307087315513821ed4e51
d50e7cf0a20f44a45242aee3a67629cfc278e0575fcd2edf1fca03a686433f6f
d8011f8702c24591e152399f1ab4ad3b11bb4f080dbd09c252caa565468065e4
dafcc42b19f044200f9bbcbab3455df70330e2012713c04909b2736566a6c997
dc969b8279fd7072f856e0ac11a5ffe9673dc9b0b190cb2d7e27c06c443e0005
dcc45c991696d726863fbd33b7c423cb24056d250b818b2fa735dc193718dbb9
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe
e057d4a0ee850afecffa3ffc2eb8fa7cd9bf772bab8a0444ac2cb36ef11a5d61
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477
e33fd1af9c91ed609edd954c9341444a1fd3db38d480d91cbe1aff618b5545cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f8eed8f325395fb25c9643d823541a817d69d6238a51d88e3a3306d6ce333e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e7134732accadd8fdd0901abfa44cd7e05605d08f6229e7708f77517dc8b9f
f133a51ef7c7dc05d05949e3c372d552e0e58c07f29eb221878304a5498dd3dd
f64be3ba2acc6081147b4ffc417b0c6290369db5fd8ea86dabd424f3aee8dd50
f75df56e5bcdfa2a12d4b82c3d048f07228341f1e0262e7d030cdb4a63d7b934