nordot.app Open in urlscan Pro
2001:4860:4802:34::15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nordot.app/836617821636165632?c=39550187727945729
Submission: On November 27 via api (November 27th 2021, 6:46:54 am UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Links 111 Behaviour Indicators

Summary

This website contacted 48 IPs in 7 countries across 38 domains to perform 110 HTTP transactions. The main IP is 2001:4860:4802:34::15, located in United States and belongs to GOOGLE, US. The main domain is nordot.app.
TLS certificate: Issued by GTS CA 1D4 on October 22nd 2021. Valid for: 3 months.

This is the only time nordot.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2010	15169 (GOOGLE) (GOOGLE)
5	2a04:4e42::393 2a04:4e42::393	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2013	15169 (GOOGLE) (GOOGLE)
6	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3	35.190.62.199 35.190.62.199	15169 (GOOGLE) (GOOGLE)
5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	143.204.207.46 143.204.207.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.71.126 65.9.71.126	16509 (AMAZON-02) (AMAZON-02)
2	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
1	184.51.9.34 184.51.9.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	202.233.84.2 202.233.84.2	131957 (MICROAD M...) (MICROAD MicroAd)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	107.23.88.187 107.23.88.187	14618 (AMAZON-AES) (AMAZON-AES)
1	3.85.46.201 3.85.46.201	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:de00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	119.63.198.176 119.63.198.176	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	51.89.42.88 51.89.42.88	16276 (OVH) (OVH)
1	52.19.22.209 52.19.22.209	16509 (AMAZON-02) (AMAZON-02)
1	54.218.247.33 54.218.247.33	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	35.227.239.69 35.227.239.69	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 3	13.35.253.28 13.35.253.28	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:3200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	52.206.105.201 52.206.105.201	14618 (AMAZON-AES) (AMAZON-AES)
2	95.100.146.74 95.100.146.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.172 119.63.198.172	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1 1	130.211.11.246 130.211.11.246	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
110	48

7 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

nordot.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42::393 (United States)

ASN54113 (FASTLY, US)

nordot-res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

log.nordot.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.62.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.62.190.35.bc.googleusercontent.com

ancientact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.207.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-46.fra53.r.cloudfront.net

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.71.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-126.fra56.r.cloudfront.net

api.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.233.84.2 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-rtb-pb.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.88.187 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-88-187.compute-1.amazonaws.com

px.britepool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.85.46.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-46-201.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cd8a091567c3035f9c70c055894ae996.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.176 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

jp.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.42.88 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p27.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.218.247.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-247-33.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.239.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.239.227.35.bc.googleusercontent.com

storage.didna.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.28 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-28.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.105.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-105-201.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.146.74 (Slough, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-74.deploy.static.akamaitechnologies.com

assets-momentum.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rlog.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.11.246 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 246.11.211.130.bc.googleusercontent.com

jp-axia.m0mentum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	popin.cc api.popin.cc jp.popin.cc r.popin.cc rlog.popin.cc log.popin.cc inrecsys.popin.cc	145 KB
12	googlesyndication.com cd8a091567c3035f9c70c055894ae996.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	68 KB
7	nordot.app nordot.app	70 KB
6	pubmatic.com 3 redirects ads.pubmatic.com hbopenbid.pubmatic.com image8.pubmatic.com image2.pubmatic.com	57 KB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	155 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	solutionshindsight.net static.solutionshindsight.net api.solutionshindsight.net	26 KB
5	cloudinary.com nordot-res.cloudinary.com	83 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	nordot.jp log.nordot.jp	11 KB
4	googleapis.com storage.googleapis.com ajax.googleapis.com fonts.googleapis.com	250 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	microad.jp s-rtb-pb.send.microad.jp	1 KB
3	yahoo.com c2shb.ssp.yahoo.com	472 B
3	ancientact.com ancientact.com	30 KB
2	akamaized.net assets-momentum.akamaized.net	36 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
2	google.com adservice.google.com www.google.com	2 KB
2	4dex.io script.4dex.io	23 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	73 KB
1	m0mentum.net 1 redirects jp-axia.m0mentum.net	965 B
1	treasuredata.com in.treasuredata.com	559 B
1	quantcount.com rules.quantcount.com	344 B
1	didna.io storage.didna.io	3 KB
1	adsrvr.org match.adsrvr.org	540 B
1	sharedid.org id.sharedid.org	210 B
1	crwdcntrl.net id.crwdcntrl.net	334 B
1	id5-sync.com id5-sync.com	528 B
1	gstatic.com fonts.gstatic.com	13 KB
1	adsafeprotected.com static.adsafeprotected.com	481 B
1	google.de adservice.google.de	792 B
1	thrtle.com thrtle.com
1	britepool.com 1 redirects px.britepool.com api.britepool.com Failed	650 B
1	adnxs.com ib.adnxs.com	694 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
0	rlcdn.com Failed api.rlcdn.com Failed
110	38

	Domain	Requested by
7	nordot.app	nordot.app
6	tpc.googlesyndication.com	nordot.app securepubads.g.doubleclick.net tpc.googlesyndication.com
6	api.popin.cc	nordot.app api.popin.cc
5	pagead2.googlesyndication.com	nordot.app securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
5	securepubads.g.doubleclick.net	storage.googleapis.com securepubads.g.doubleclick.net nordot.app
5	nordot-res.cloudinary.com	nordot.app
4	log.nordot.jp	nordot.app log.nordot.jp
3	log.popin.cc	nordot.app
3	image8.pubmatic.com	2 redirects nordot.app
3	sb.scorecardresearch.com	1 redirects storage.didna.io
3	jp.popin.cc	api.popin.cc nordot.app
3	s-rtb-pb.send.microad.jp	storage.googleapis.com
3	c2shb.ssp.yahoo.com	storage.googleapis.com
3	static.solutionshindsight.net	storage.googleapis.com static.solutionshindsight.net
3	ancientact.com	nordot.app ancientact.com
2	rlog.popin.cc	nordot.app
2	assets-momentum.akamaized.net	api.popin.cc assets-momentum.akamaized.net
2	mug.criteo.com	nordot.app
2	gum.criteo.com	1 redirects
2	script.4dex.io	storage.googleapis.com script.4dex.io
2	confiant-integrations.global.ssl.fastly.net	nordot.app confiant-integrations.global.ssl.fastly.net
2	api.solutionshindsight.net	static.solutionshindsight.net
2	storage.googleapis.com	nordot.app storage.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	jp-axia.m0mentum.net	1 redirects
1	inrecsys.popin.cc	nordot.app
1	r.popin.cc	nordot.app
1	in.treasuredata.com	api.popin.cc
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	pixel.quantserve.com	storage.didna.io
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	storage.didna.io
1	storage.didna.io	nordot.app
1	match.adsrvr.org	ads.pubmatic.com
1	id.sharedid.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	confiant-integrations.global.ssl.fastly.net
1	static.adsafeprotected.com	nordot.app
1	cd8a091567c3035f9c70c055894ae996.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	thrtle.com	nordot.app
1	px.britepool.com	1 redirects
1	hbopenbid.pubmatic.com	storage.googleapis.com
1	ib.adnxs.com	storage.googleapis.com
1	cdn.jsdelivr.net	storage.googleapis.com
1	ads.pubmatic.com	nordot.app
1	www.google-analytics.com	nordot.app
1	cdnjs.cloudflare.com	nordot.app
1	ajax.googleapis.com	nordot.app
0	api.rlcdn.com Failed	ads.pubmatic.com
0	api.britepool.com Failed	ads.pubmatic.com
110	56

This site contains links to these domains. Also see Links.

Domain
www.47news.jp
twitter.com
timeline.line.me
www.youtube.com
www.facebook.com
b.hatena.ne.jp
a.popin.cc
traffic.popin.cc
discovery.popin.cc
github.com

Subject Issuer	Validity	Valid
nordot.app GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
log.nordot.jp GTS CA 1D4	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2021-10-22` - `2022-10-22`	a year	crt.sh
ancientact.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
solutionshindsight.net Amazon	`2021-02-19` - `2022-03-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
storage.didna.io GTS CA 1D4	`2021-10-18` - `2022-01-16`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.treasuredata.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://nordot.app/836617821636165632?c=39550187727945729
Frame ID: AA6E62662202013AF41FE943A73920F7
Requests: 82 HTTP requests in this frame

Frame: https://cd8a091567c3035f9c70c055894ae996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5C23D0FAB63F26BBBFA4B4BA5DD0A8CE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 7BC6D2113F6F6A578A2875FE6C018571
Requests: 16 HTTP requests in this frame

Frame: https://storage.didna.io/didna_trackers.html
Frame ID: D7AC65BF7EF1990209B82E6F5C2A09FE
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 036B201B9FE7283EEAD5064213FC813D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49F74376305959FA3F46D7079C434649
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

受診控え、がん患者6万人減　20年、コロナ影響で初めて｜共同通信nordotLogo

Page Statistics

110
Requests

91 %
HTTPS

41 %
IPv6

38
Domains

56
Subdomains

48
IPs

7
Countries

1191 kB
Transfer

3330 kB
Size

29
Cookies

111 Outgoing links

These are links going to different origins than the main page.

URL: https://www.47news.jp/

Search URL Search Domain Scan URL

URL: https://twitter.com/kyodo_official

Search URL Search Domain Scan URL

URL: https://timeline.line.me/user/_dVvQmT5O2CNNxtWGhXj1t0cE-m2jA6WppA58gC0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwJXtk_1CKlCrh7YJDP2uPw

Search URL Search Domain Scan URL

URL: https://www.47news.jp/politics/shuinsenkyo2021?sjkd_page=list_KA61260c4839273
Title: 特集ページを見る

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fnordot.app%2F836617821636165632%3Fc%3D39550187727945729

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%E5%8F%97%E8%A8%BA%E6%8E%A7%E3%81%88%E3%80%81%E3%81%8C%E3%82%93%E6%82%A3%E8%80%856%E4%B8%87%E4%BA%BA%E6%B8%9B%E3%80%8020%E5%B9%B4%E3%80%81%E3%82%B3%E3%83%AD%E3%83%8A%E5%BD%B1%E9%9F%BF%E3%81%A7%E5%88%9D%E3%82%81%E3%81%A6+%7C+2021%2F11%2F26+-+%E5%85%B1%E5%90%8C%E9%80%9A%E4%BF%A1&url=https%3A%2F%2Fnordot.app%2F836617821636165632%3Fc%3D39550187727945729

Search URL Search Domain Scan URL

URL: http://b.hatena.ne.jp/entry/s/nordot.app/836617821636165632

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ffytte.jp%2Fdiet%2F153718%2F%3Futm_source%3Dpopin%26utm_medium%3Dads%26utm_campaign%3Dtieup%26utm_content%3Dfytte_glico_211114&data=eyJjdmlkIjoiZ2V0bmF2aSIsImMiOiIzMC4wIiwidHoiOiJqcCIsImYiOiIyIiwibmlkIjoiNjE5MzJiZDgwZmMxMGM2ZjhiMjkxODU2IiwibV9jYXQiOiIiLCJtZWRpYSI6InRoaXMua2lqaS5pcyIsIm0iOiIyNzI5OTkyNiIsInBiIjoicG9waW4iLCJjYW1wYWlnbiI6IjYxOTFkNzNhMGZjMTBjNGI0MzE4NTY1NCIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjEwLTgifQ==&token=31b988317ad544a8b3b7c252bd099fb0&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: もしかしたら糖質を減らし過ぎ？！自分に合った「適正糖質」量を知ろう江崎グリコ

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fkampo-select.jp%2Fpop_msn_kuwa_01%2F&data=eyJjdmlkIjoia3V3YUB0eWFrYXRlIiwiYyI6IjM1LjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MTc4ZTZiY2Y2ODZiNjdmYjUyZWViMzciLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwiY2FtcGFpZ24iOiI2MTFmMTZlNzlhMTA1MjYyODk3Y2FmNzQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIxMC04In0=&token=82e71e33f4ee6687b3f79716680fb0bc&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 医師が教えてくれない血糖値の秘密和漢

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fsb1.genpeiseiyaku.com%2Fab%2Fohana_popin_b&data=eyJjdmlkIjoiaHlha3VzYW4iLCJjIjoiMjUuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxN2EyMGFjOWExMDUyMWVkZDE0ZDgyNSIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJjYW1wYWlnbiI6IjYxNzdhOGRjOWExMDUyN2VhNzU0YjljNSIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjEzIn0=&token=2de083af8373ac152361c26c7ff9f761&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 蓄膿症の原因は鼻じゃない？蓄膿症に効く日本唯一の処方とは源平製薬

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=http%3A%2F%2Fbest-note.site%2Fouchi04b-p02&data=eyJjdmlkIjoibmVrby1TTVQiLCJjIjoiNDAuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxN2I5YWZjOWExMDUyMmNkYTUxYjE3NyIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTIzNjM1OGY2ODZiNjU1NzA1NGRiNDQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIyMCJ9&token=4199fe74840afe261798f9b750256f5d&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 相続した実家がまさかの金額！人工知能でその場で分かる不動産査定が話題ouchi direct on best-note

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836930108080160768&popin=recommend
Title: 10万円相当の給付、事務作業に1200億円かかる？⇨立憲・後藤氏「厳しくチェックを」、国民・玉木氏「愚策」jaハフポスト日本版2021/11/26/ 11:41

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836400150113959936&popin=recommend
Title: 朝ドラ、ラストで衝撃“ナレ死” ネット動揺広がる「夢オチと思ったら」【ネタバレ】jaデイリースポーツ芸能2021/11/25/ 00:33

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837158512214704128&popin=recommend
Title: 首相、敵基地攻撃を排除せず検討ja共同通信2021/11/27/ 02:49

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836863841758314496&popin=recommend
Title: 「もう時代が許さない」黙認70年、尼崎・売春街解体の舞台裏ja神戸新聞2021/11/26/ 07:00

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837089898810736640&popin=recommend
Title: 野村周平「俺もそろそろLDH入ろうかな」白濱亜嵐&関口メンディーと仲良しプライベートトークjaフジテレビュー!!2021/11/26/ 22:15

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837166216891744256&popin=recommend
Title: 志位氏「自公追い詰めた」と総括ja共同通信2021/11/27/ 03:20

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837116862802886656&popin=recommend
Title: コロナ新変異株の国内監視強化ja共同通信2021/11/27/ 00:04

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836742957196034048&popin=recommend
Title: 男性ホルモンつくる細胞をiPSで作製男性の更年期障害、治療に光神戸大ja神戸新聞2021/11/25/ 23:00

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=http%3A%2F%2Fbest-note.site%2Fouchi19-p02&data=eyJjdmlkIjoibmVrby1TTVQiLCJjIjoiMzUuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxNmU5OThjOWExMDUyNmQ3YjdhNWIxNyIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTRkMTcyMzlhMTA1MjNhMzM3ZjAwNzQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIyMCJ9&token=60a3fe4995ece3d3118bc15a291b731b&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 実家売る人続出!?ヤフーとソニーグループ共同運営の不動産査定が凄いOUCHI DIRECT

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Flumiere.life%2Fpopin_n_s%2F&data=eyJjdmlkIjoiVGVybWluYWxpYSIsImMiOiI0Ni4wIiwidHoiOiJqcCIsImYiOiIyIiwibmlkIjoiNjE4YTZmNTUwZmMxMGMwN2RjNDI2NmY2IiwibV9jYXQiOiIiLCJtZWRpYSI6InRoaXMua2lqaS5pcyIsIm0iOiIyNzI5OTkyNiIsInBiIjoicG9waW4iLCJjYW1wYWlnbiI6IjYxOGE2ZTJmMGZjMTBjMDdhZTFiZDQ3NCIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjEwLTQifQ==&token=cbede1338677c190bbbad96cc9deb6e5&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 「中澤佑二さんインスタで絶賛」体重を減らす方法！芸能界の愛用者続々ビタブリッドジャパン

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fsb-englishsp.discover-news.tokyo%2Fab%2Fpop-lp64&data=eyJjdmlkIjoiU1BfRW5nbGlzaCIsImMiOiIyNC4wIiwidHoiOiJqcCIsImYiOiIyIiwibmlkIjoiNjE0ZDRlY2MwZmMxMGM3OGQ4MDMzZDY0IiwibV9jYXQiOiIiLCJtZWRpYSI6InRoaXMua2lqaS5pcyIsIm0iOiIyNzI5OTkyNiIsInBiIjoicG9waW4iLCJjYW1wYWlnbiI6IjYwZmY5ZWNiOWExMDUyNDQ0NDEzZWU3NCIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjUifQ==&token=0be0f69dadb0ee8bc3b145c09ea24091&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 「英語は4つだけ覚えれば一瞬」英語系YouTuberが暴露、目からウロコな学習法株式会社Creajoy

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fsb-kabucollege.discover-news.tokyo%2Fab%2FZtSkQPgfODNQzvrLg&data=eyJjdmlkIjoia2FidV9Db2xsZWdlIiwiYyI6IjIzLjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MTkyNjJlYzlhMTA1MjYyODUzMjUwNjIiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjE3OTNhZjE5YTEwNTI0ZmMwM2YxMzQ0IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCMTcifQ==&token=f0054330c2d551309c2907af8e5bec94&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 1日で8億稼いだ投資家が暴露「癖になる」上がる銘柄がわかる株の新常識とは？株式会社カイザー

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836976723293323264&popin=recommend
Title: 濱田龍臣、番組でのカミングアウトに驚きの声「『やっぱり』と思う方が…」jaSirabee2021/11/26/ 14:30

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837077109984739328&popin=recommend
Title: 【九州場所】阿炎 “問題児” から一変！１２勝でＶキーマン恩師もホッ「大人になったなと」ja東スポWeb2021/11/26/ 21:25

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836882212565909504&popin=recommend
Title: 大学生が母親の頭を石で殴る「殺すつもりだった」jaFNNプライムオンライン2021/11/26/ 08:30

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837175625105702912&popin=recommend
Title: LINEペイで二重払い発生ja共同通信2021/11/27/ 03:56

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837097234860376064&popin=recommend
Title: NY円、113円半ばja共同通信2021/11/26/ 22:45

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836932140841680896&popin=recommend
Title: 生徒会応援演説頼まれ嫌だったja共同通信2021/11/26/ 11:48

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836750498242789376&popin=recommend
Title: 広島県の社長の出身大学ランキング―1位は広島大、2位は？ja中国新聞2021/11/25/ 23:40

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837112673811890176&popin=recommend
Title: 電車で居眠りした乗客を男が刺殺「サイコパスを早く逮捕して」の声が噴出jaSirabee2021/11/26/ 23:30

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fserai.jp%2Fhealth%2F1046746&data=eyJjdmlkIjoiZGltZSIsImMiOiIyMi4wIiwidHoiOiJqcCIsImYiOiIyIiwibmlkIjoiNjE4ZTRiNzNmNjg2YjY2ODI4MzcwZGZhIiwibV9jYXQiOiIiLCJtZWRpYSI6InRoaXMua2lqaS5pcyIsIm0iOiIyNzI5OTkyNiIsInBiIjoicG9waW4iLCJjYW1wYWlnbiI6IjYxOGU0YjZlZjY4NmI2NjgyODM3MGRmNCIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjEwLTUifQ==&token=38bbd20c7ad8b026d5405844fee8aa6b&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: ブリッジを入れている人こそ、季節の味覚を楽しむためのお手入れが大切サライ.jp

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Frfvtgb.xfreehub.com%2Fworldwide%2Fdrone-ta-jp%3Futm_medium%3Doutbrain2%26utm_source%3Doutbrain2%26utm_campaign%3Dpo-xf-drone-des-jp-an-11111d&data=eyJjdmlkIjoiU21hcnRsaWZ5LWpwIiwiYyI6IjIuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxOGNkMmI0OWExMDUyNWJkODZlYTA1NiIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MThjZDI1NzlhMTA1MjViZDk2NDMwNTQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIxOSJ9&token=c15ad6667e3476ad522ea54f7b68dfa9&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: ドローンテクノロジーが捕えたこの世で一番怖い写真Xfreehub

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.soolide.com%2Fja%2F179972%3Futm_source%3Dpop%26utm_campaign%3D60caf9600fc10c0f163dce04%26utm_medium%3Dreferral%26utm_term%3Dthis.kiji.is&data=eyJjdmlkIjoiU29vbGlkZV9KYXBhbiIsImMiOiIzLjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MGNhZmQ2MDBmYzEwYzZjMjI3N2I2ZjUiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwiY2FtcGFpZ24iOiI2MGNhZjk2MDBmYzEwYzBmMTYzZGNlMDQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUI2In0=&token=d7a44321c5a23a22aed80e7c02f9ccd8&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 7世紀前のコインを発見したとして、警察に逮捕された少女Soolide

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.mitsubishi-motors.co.jp%2Flineup%2Foutlander_phev%2F%3Fcid%3Do_dis-p_pp_ppd-all_ol-phev_appearance-na_hy_20211027&data=eyJjdmlkIjoiTWl0c3ViaXNoaW1vdG9yX05ld091dGxhbmRlclBIRVYiLCJjIjoiNDMuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxN2ZiMDkwOWExMDUyNDhlYzQ3NzQyNSIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTdmYjAyYjlhMTA1MjQ4ZWM0Nzc0MjQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIxIn0=&token=bf9db9366388d42ebf7330bb99dcb0e8&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 先行注文特典で、選べるオプションプレゼント！新型アウトランダーPHEV誕生三菱自動車工業株式会社

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837014419287834624&popin=recommend
Title: デーブ・スペクター、『紅白歌合戦』の演出をバッサリ「どんどんダメにしてる」jaSirabee2021/11/26/ 17:10

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837074049697251328&popin=recommend
Title: 「史上最高の日本シリーズ」更新も？ 29年前との共通点から見た、ヤクルトvsオリックスの熱戦ぶりjaJ-CASTニュース2021/11/26/ 21:13

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836447675685027840&popin=recommend
Title: NHK「カムカム」アドリブが生んだ名シーン西田尚美が明かす撮影秘話「本当のお母さんみたいだった」jaJ-CASTニュース2021/11/25/ 03:44

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ftraffic.popin.cc%2Fredirect%2Fdiscovery%3Furl%3Dhttps%253A%252F%252Fnordot.app%252F836487492299276288%26popin%3Drecommend&data=eyJjdmlkIjoibm9yZG90IiwiYyI6IjEuMCIsInR6IjoianAiLCJmIjoiMSIsIm5pZCI6IjYxYTBjMzVjOWExMDUyMzZjMTRkZjAzNSIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxYTBjMmUyOWExMDUyMTU0YzQxMTk2NCIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJyZXNlcnZlZF9wYyIsImxfY2F0IjpudWxsLCJtIjoiMCJ9&token=73a635a6b799f9d54c38352552512fcd&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: スウェーデン初の女性首相、数時間で辞任予算成立せず連立解消BBC NEWS JAPAN

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ftraffic.popin.cc%2Fredirect%2Fdiscovery%3Furl%3Dhttps%253A%252F%252Fnordot.app%252F836718377415032832%26popin%3Drecommend&data=eyJjdmlkIjoibm9yZG90IiwiYyI6IjEuMCIsInR6IjoianAiLCJmIjoiMSIsIm5pZCI6IjYxYTBjNDEzOWExMDUyMmI5OTA2NzA3NiIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxYTBjMmUyOWExMDUyMTU0YzQxMTk2NCIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJyZXNlcnZlZF9wYyIsImxfY2F0IjpudWxsLCJtIjoiMCJ9&token=d01789364ce5f8a22cbc419c2fd65167&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: MLB労使協定失効まで1週間…大谷翔平がロックアウト不可避なら“大損”する理由日刊ゲンダイDIGITAL

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F833448719865479168&popin=recommend
Title: 月12万円で2人の子育て「ありがたい」賛否の10万円給付子のいない世帯はどう思う？ja沖縄タイムス＋プラス2021/11/16/ 20:48

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836775001147523072&popin=recommend
Title: シバター朝倉未来の「絶縁宣言」に嘆く「俺、そういうやつなんだよね」ja東スポWeb2021/11/26/ 01:25

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836830521860636672&popin=recommend
Title: 小林麻耶“スピリチュアル夫”復縁でラブラブ？芸能界復帰には「怖くて使えない」と戸惑う声ja日刊ゲンダイDIGITAL2021/11/26/ 05:00

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.syokuraku-web.com%2Fcolumn%2F77780%2F&data=eyJjdmlkIjoidG9rdW1hIiwiYyI6IjIwLjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MTlkZDg5Y2Y2ODZiNjFiNzU3NjhjMTUiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjE5ZGQ3ZDFmNjg2YjYxYjc1NzY4YzE0IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCOSJ9&token=365cc3c3b066eb6a7ba42499f065ded0&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 幻のアサヒ生ビールが缶になって登場！俳優佐藤隆太も唸った、通称「マルエフ」の味に迫るアサヒビール株式会社

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fveryweb.jp%2Fkids%2F253129%2F%3Futm_source%3Dpopin%26utm_medium%3Dpromotion%26utm_campaign%3Dpopin_20211105_ku&data=eyJjdmlkIjoia29idW5zaGEiLCJjIjoiNDUuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxOWIyNjk4OWExMDUyNTViNTE3NTVhZCIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTliMjVlZDlhMTA1MjI1ZWU3NDI2MTQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUI1In0=&token=0fae8c7f44652c0c0ecbf888cd400922&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 子どものためになにかしてあげたいママ･パパにぴったり公文教育研究会 on VERY

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ftgm.dholic.co.jp%2F%3F%26utm_medium%3Ddisplay%26utm_source%3DPopin%26utm_campaign%3DTGM%26utm_content%3Dcr204_text204&data=eyJjdmlkIjoiVEdNX0RIT0xJQyIsImMiOiIyMi4wIiwidHoiOiJqcCIsImYiOiIyIiwibmlkIjoiNjFhMDg2YTIwZmMxMGMxNTkxMDQzNjdhIiwibV9jYXQiOiIiLCJtZWRpYSI6InRoaXMua2lqaS5pcyIsIm0iOiIyNzI5OTkyNiIsInBiIjoicG9waW4iLCJjYW1wYWlnbiI6IjYxYTA4M2RhMGZjMTBjNDk5NzAyNTY3NCIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjI1LTYifQ==&token=842bb7c637270c1c9a3e919346a8efb6&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 大注目の「インフルエンサーイチ押し韓国ファッションアイテム」とは？TGM_DHOLIC

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.felissimo.co.jp%2Fyoumore%2Fgcd348759%2F%3Fxid%3Dp_popin_fc_grasskasa05%26bid%3D12336&data=eyJjdmlkIjoiZmVsaXNzaW1vIiwiYyI6IjI1LjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MTlmMTVmMDlhMTA1MjUxYmM2MGM1ZjQiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjA4OGFhOWE5YTEwNTI3YzliNmY0Yzk0IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCMjUtNiJ9&token=8e453a39340ad26bb88d3e739e15e833&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 広げればあこがれの世界？大正ロマンなステンドグラスの傘フェリシモ

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836717833331113984&popin=recommend
Title: 眞子さんの結婚は「国民」の気持ちに反していたのか？皇室ジャーナリストの発言に違和感（森暢平）ja日刊ゲンダイDIGITAL2021/11/25/ 21:30

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836929905330454528&popin=recommend
Title: 佐々木希渡部建への本音は「働かないで家にいてほしい」有名レポーターがズバリja東スポWeb2021/11/26/ 11:40

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836884357785747456&popin=recommend
Title: 橋下徹氏が、玉木雄一郎氏が！クーポン給付の印刷費１２００億円に怒「いい加減にしろ」ja東スポWeb2021/11/26/ 08:39

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836885554339463168&popin=recommend
Title: 宮迫博之、焼肉店めぐる堀江貴文「ガチ忠告」に苦笑「もうマジで協力してください」とラブコールjaJ-CASTニュース2021/11/26/ 08:44

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.47news.jp%2Fspecial%2Famr&data=eyJjdmlkIjoibm9yZG90IiwiYyI6IjEuMCIsInR6IjoianAiLCJmIjoiMSIsIm5pZCI6IjYxNzhmMmI0OWExMDUyNTUwYzNhMTM0NCIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxNzhmMjZmOWExMDUyNTMxMzA0YmZjNCIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJyZXNlcnZlZF9wYyIsImxfY2F0IjpudWxsLCJtIjoiMCJ9&token=85cfa67ff1d48257526a394c1a2687ad&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 薬剤耐性(AMR)とは？抗菌薬のリスクとできることAMR臨床リファレンスセンター on 47NEWS（PR）

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837065651103547392&popin=recommend
Title: 新変異株、「オミクロン」と命名ja共同通信2021/11/26/ 20:39

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837116330822189056&popin=recommend
Title: 有吉弘行、男子トイレで股間を出すタイミングに疑問便器前で出すのは「貴族」jaSirabee2021/11/26/ 23:45

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ftraffic.popin.cc%2Fredirect%2Fdiscovery%3Furl%3Dhttps%253A%252F%252Fnordot.app%252F836885554339463168%26popin%3Drecommend&data=eyJjdmlkIjoibm9yZG90IiwiYyI6IjEuMCIsInR6IjoianAiLCJmIjoiMSIsIm5pZCI6IjYxYTBjNDJhOWExMDUyMmI5OTA2NzA3NyIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxYTBjMmUyOWExMDUyMTU0YzQxMTk2NCIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJyZXNlcnZlZF9wYyIsImxfY2F0IjpudWxsLCJtIjoiMCJ9&token=8a61f4bd387610548f185ac82e1c4088&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 宮迫博之、焼肉店めぐる堀江貴文「ガチ忠告」に苦笑「もうマジで協力してください」とラブコールJ-CASTニュース

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fveryweb.jp%2Ffashion%2F251851%2F%3Futm_source%3DpopinIn%26utm_medium%3Dpromotion%26utm_campaign%3DpopinIn_20211105_ne&data=eyJjdmlkIjoia29idW5zaGEiLCJjIjoiMjUuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxOTc0Zjg4MGZjMTBjNTRlZjRjMWYwOCIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTk3NGVlZTBmYzEwYzIyODg3ZTY3MjQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIyNS02In0=&token=15048b18dcd86c7d8bfd7fc167741d6c&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 失敗したくない大物買いは、やっぱりリアルショッピングがいちばんニュウマン横浜 on VERY

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fproject.nikkeibp.co.jp%2Fmirakoto%2Fatcl%2Fmirai%2Fh_vol93%2F%3Fn_cid%3Dpopin&data=eyJjdmlkIjoibmlra2VpX0JQIiwiYyI6IjE3LjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MTk3NDRjOTlhMTA1MjM0YzUxNzQyOTciLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwiY2FtcGFpZ24iOiI2MTc4YjNhNzBmYzEwYzI0NDMxMDcwODQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIzIn0=&token=b8b881881de9c171aa748a9f6844301d&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 昭和の日用品が引き出すあの頃の記憶博物館がけん引する認知症予防とは？未来コトハジメ（日経BP）

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fveryweb.jp%2Fnavy%2Ffeature%2F251637%2F%3Futm_source%3DpopinIn%26utm_medium%3Dpromotion%26utm_campaign%3DpopinIn_20211105_di&data=eyJjdmlkIjoia29idW5zaGEiLCJjIjoiMjAuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxOTc0NjE3MGZjMTBjNjljMjdkZDI4OSIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTk3NDVjODBmYzEwYzY5YzI3ZGQyODQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIyNS02In0=&token=09c8991f127f6f7bf6d84e651171542d&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 自分のために選ぶなら、ファッション性とお守り感、どちらも譲れないクリスチャンディオール on VERY NAVY

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.japacrunch.com%2Flife-story%2Fwoman-made-big-changes-dropped-420-pounds-jp%2F%3Futm_source%3Dba%26utm_campaign%3Decv-d-jp-n-0-0-210729-jc-ba-0%26utm_medium%3Dthis.kiji.is&data=eyJjdmlkIjoiaGl2ZW1lZGlhIiwiYyI6IjMuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxNzAxOWI1MGZjMTBjMDhmMDJiOWVjNSIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJjYW1wYWlnbiI6IjYxMDMwZDRiMGZjMTBjNzBhMzMwYzE1NCIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjE5In0=&token=442818ee56109204c2962a65159f8ae6&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 300kgの巨漢の女性が一大決心その減量後の姿が圧巻Japacrunch

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ftraffic.popin.cc%2Fredirect%2Fdiscovery%3Furl%3Dhttps%253A%252F%252Fnordot.app%252F836880860114370560%26popin%3Drecommend&data=eyJjdmlkIjoibm9yZG90IiwiYyI6IjEuMCIsInR6IjoianAiLCJmIjoiMSIsIm5pZCI6IjYxYTBjM2I1OWExMDUyMmI5OTA2NzA3NCIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxYTBjMmUyOWExMDUyMTU0YzQxMTk2NCIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJyZXNlcnZlZF9wYyIsImxfY2F0IjpudWxsLCJtIjoiMCJ9&token=37a50cdb344cec7c22590a789af26b5e&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 中国テニス選手のメール、「WTAは無視した」友人名乗る男性が非難BBC NEWS JAPAN

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.47news.jp%2Fspecial%2Fserviceaward2021&data=eyJjdmlkIjoibm9yZG90IiwiYyI6IjEuMCIsInR6IjoianAiLCJmIjoiMSIsIm5pZCI6IjYxNzhmMGY4OWExMDUyNjdmYTI5NGZmNCIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxNzhmMDEzOWExMDUyMjg1NzQ1YjM2NCIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJyZXNlcnZlZF9wYyIsImxfY2F0IjpudWxsLCJtIjoiMCJ9&token=b446dcea7dd062ee642724dbb01bce53&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 「第4回日本サービス大賞」応募受付スタート！日本生産性本部 on 47NEWS（PR）

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837060486675447808&popin=recommend
Title: 米、アフリカから渡航制限ja共同通信2021/11/26/ 20:19

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837203932291940352&popin=recommend
Title: 片山氏の後任の共同代表に馬場幹事長を指名ja共同通信2021/11/27/ 05:48

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ftraffic.popin.cc%2Fredirect%2Fdiscovery%3Furl%3Dhttps%253A%252F%252Fnordot.app%252F836714744066424832%26popin%3Drecommend&data=eyJjdmlkIjoibm9yZG90IiwiYyI6IjEuMCIsInR6IjoianAiLCJmIjoiMSIsIm5pZCI6IjYxYTBjMzc0OWExMDUyMzZjMTRkZjAzNiIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxYTBjMmUyOWExMDUyMTU0YzQxMTk2NCIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJyZXNlcnZlZF9wYyIsImxfY2F0IjpudWxsLCJtIjoiMCJ9&token=04032b1a58a8dd760f17131539656253&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: フジテレビ希望退職者募集の衝撃！くすぶり続けた〝辞めない〟ベテラン社員問題東スポWeb

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836443699214974976&popin=recommend
Title: 宮崎謙介、5歳長男へ「サプライズ弁当」まさかの中身に「アイデア抜群」「笑ってしまった」jaJ-CASTニュース2021/11/25/ 03:28

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837158175305285632&popin=recommend
Title: 謝罪のプロ、石川遼の謝罪会見「80点」座らなかった理由にスタジオ驚きjaデイリースポーツ芸能2021/11/27/ 02:46

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836436104295743488&popin=recommend
Title: 人気モデル中村里砂、整形疑惑を否定「目頭切りすぎ」指摘に「生まれつきなんだよね」jaJ-CASTニュース2021/11/25/ 02:58

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Frfvtgb.xfreehub.com%2Fworldwide%2Fnature-ta-jp%3Futm_medium%3Doutbrain2%26utm_source%3Doutbrain2%26utm_campaign%3Dpo-xf-nature-des-jp-an-02091d&data=eyJjdmlkIjoiU21hcnRsaWZ5LWpwIiwiYyI6IjIuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxMzBjY2UxOWExMDUyMDg4YjIwZDczNyIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJjYW1wYWlnbiI6IjYxMzBjYzBmOWExMDUyMDg4YjIwZDczNSIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjYifQ==&token=4069d652c29212f96f1a5a2bd61f2c3c&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 海の中で四角い波を見たら、すぐに海から出ようXfreehub

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fveryweb.jp%2Fnavy%2Ffeature%2F252128%2F%3Futm_source%3DpopinIn%26utm_medium%3Dpromotion%26utm_campaign%3DpopinIn_20211105_bo&data=eyJjdmlkIjoia29idW5zaGEiLCJjIjoiMjAuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxOTc0NGY4MGZjMTBjM2UxMjU0MTAzZCIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTk3NDQ2ZjBmYzEwYzRiYTY0NDJmZDEiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIyNS02In0=&token=809cb43fdb42e57c3631f304a2255c0c&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 今季も心躍る新作が目白押しなボッテガ･ヴェネタのバッグと小物たち。ボッテガ・ヴェネタジャパン on VERY NAVY

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fbusiness.nikkei.com%2Fatcl%2Fgen%2F19%2F00027%2F111200013%2F%3Fn_cid%3Dnbponb_piad_SF202139197_202111&data=eyJjdmlkIjoiY3Jlc2NvQE5pa2tlaUJQQUQiLCJjIjoiMzAuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxOWJiZTVjMGZjMTBjNjNmYzRhZjlkOCIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTliYmRlMTBmYzEwYzYzZmM0YWY5ZDUiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIzIn0=&token=b7d770b284815936b008b333643262e6&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 人間中心、実力本位の会社クレスコクレスコ on 日経ビジネス電子版

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fspecial.nikkeibp.co.jp%2Fatclh%2FONB%2F21%2Fkirin1104%2F%3Fn_cid%3Dnbponb_piad_SF202137340_202111&data=eyJjdmlkIjoiS2lyaW5CZWVyQE5ra2VpQlBBRCIsImMiOiIzMC4wIiwidHoiOiJqcCIsImYiOiIyIiwibmlkIjoiNjE4YzY3MmVmNjg2YjY2NDAxNTAzNTI2IiwibV9jYXQiOiIiLCJtZWRpYSI6InRoaXMua2lqaS5pcyIsIm0iOiIyNzI5OTkyNiIsInBiIjoicG9waW4iLCJjYW1wYWlnbiI6IjYxOGI0NmQ2ZjY4NmI2NGQ5YzM5YTczNCIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjkifQ==&token=7e245cdfd22f05d675426cf059bf1ddb&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 急成長クラフトビール市場「スプリングバレー」の魅力に迫るキリンビール on 日経ビジネス電子版Special

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837152345921863680&popin=recommend
Title: 米NY州、コロナ非常事態宣言ja共同通信2021/11/27/ 02:23

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836438129902338048&popin=recommend
Title: パトカーで性行為!? バカップルを逮捕jamashup NY2021/11/25/ 02:07

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836990906507526144&popin=recommend
Title: 「18歳と81歳の違い」18歳は道路を暴走、81歳は…ja山陰中央新報2021/11/26/ 21:00

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836613098009067520&popin=recommend
Title: コンプレックスビジネス、「下手だ」と恥をかかせてしまう文化…日本人の英語教育を取り巻く“闇”jaABEMA TIMES2021/11/25/ 11:04

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836933023339610112&popin=recommend
Title: JR東の音響案内、転落の恐れもja共同通信2021/11/26/ 11:52

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836597957467095040&popin=recommend
Title: バス停事故、死者2人負傷2人に横浜・戸塚の国道1号、ワゴン車運転の71歳逮捕ja神奈川新聞社2021/11/25/ 13:27

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836432499961937920&popin=recommend
Title: 中国の報道官、記者に逆ギレ？彭帥さん安否で羽鳥慎一「外交問題に...」jaJ-CASTニュース2021/11/25/ 02:44

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836430493377363968&popin=recommend
Title: 石川遼「遅すぎる」謝罪会見のナゼ…自主隔離違反で謹慎中、透けるメインスポンサーの思惑ja日刊ゲンダイDIGITAL2021/11/25/ 02:25

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ftime-space.kddi.com%2Fau-kddi%2F20210301%2F3069%3Fcid%3Dco_prts_pop&data=eyJjdmlkIjoia2RkaSIsImMiOiI4LjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MTk0OWEzYTlhMTA1MjAzMGE2N2MzNzQiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjE5NDc0MDlmNjg2YjYzNmRiMjA0MTc0IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCMjYifQ==&token=a5d4d7412646583d03df886b2a297d34&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: JR大阪駅の5G電波対策の工夫とは？巨大な駅構内に電波を届ける裏側を取材TIME&SPACE

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.itmedia.co.jp%2Fpcuser%2Farticles%2F2110%2F28%2Fnews005.html%23utm_source%3Dpop%26utm_medium%3Dnl1000e%26utm_campaign%3Dls211105&data=eyJjdmlkIjoiaXRtZWRpYSIsImMiOiIxNS4wIiwidHoiOiJqcCIsImYiOiIyIiwibmlkIjoiNjE5MzY4NmIwZmMxMGMxOGNlNzAwMTQ2IiwibV9jYXQiOiIiLCJtZWRpYSI6InRoaXMua2lqaS5pcyIsIm0iOiIyNzI5OTkyNiIsInBiIjoicG9waW4iLCJjYW1wYWlnbiI6IjYxOTM2NTg5MGZjMTBjMWRiYTEyOWMwNCIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjI2In0=&token=c9c184e3788da48125b44d02afab79b4&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 15.6型液晶を小型ボディに搭載、省スペースで高コスパなノートPCエプソンダイレクト

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.felissimo.co.jp%2Fshopping%2FI180606%2FI280618%2FI380620%2FGCD122992%2F%3Fxid%3Dp_popin_fc_pute59%26bid%3D12336&data=eyJjdmlkIjoiZmVsaXNzaW1vIiwiYyI6IjEyLjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MWEwNDA0YjlhMTA1Mjc3ZWIzYTU3MzQiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjE3MjI5MDI5YTEwNTIyY2MzMGQyNTg0IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCMjUtNiJ9&token=2157e1ae76346b58943729cdfbea1557&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: お風呂上がりのリラックスタイムに、人懐っこいプテラノドンタオルフェリシモ

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fhugkum.sho.jp%2Fspecial%2F293442&data=eyJjdmlkIjoiaHVna3VtIiwiYyI6IjE1LjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MWEwNGUwZGY2ODZiNjA3MWEyOGU3NjUiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjFhMDRlMGNmNjg2YjYwNzFhMjhlNzY0IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCNiJ9&token=bd8e6757c8740f1535cdf8704915568d&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: ド迫力な恐竜たちから体験型の学びを、恐竜ラボディノサバイバルが全国20都市で開催hugkum.sho.jp

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837199572603027456&popin=recommend
Title: 【速報】広島県内の感染者、福山市の6人以外なし 27日新型コロナja中国新聞2021/11/27/ 05:27

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837163130048741376&popin=recommend
Title: 「応援演説頼まれたのが嫌だった」愛知中3刺殺事件で供述jaFNNプライムオンライン2021/11/27/ 03:06

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836995136437420032&popin=recommend
Title: 子どもの養育めぐりトラブルか車から女性遺体元夫逮捕jaFNNプライムオンライン2021/11/26/ 15:59

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836431620434493440&popin=recommend
Title: 木下富美子氏きっかけでポンコツ都議の報酬見直しも…上田令子氏「嫌な予感がする」ja東スポWeb2021/11/25/ 02:40

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837077347774234624&popin=recommend
Title: ＤＡＩＧＯ政界転身なしで名門「竹下派」完全消滅へ地元の待望論むなしく…ja東スポWeb2021/11/26/ 21:26

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837173760763166720&popin=recommend
Title: 古市憲寿氏 MC中居に「何にも聞いてくれないんですか」と必死のアピールjaデイリースポーツ芸能2021/11/27/ 03:47

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Ftraffic.popin.cc%2Fredirect%2Fdiscovery%3Furl%3Dhttps%253A%252F%252Fnordot.app%252F836827958651420672%26popin%3Drecommend&data=eyJjdmlkIjoibm9yZG90IiwiYyI6IjEuMCIsInR6IjoianAiLCJmIjoiMSIsIm5pZCI6IjYxYTBjM2QzOWExMDUyMTU0YzQxMTk2OCIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxYTBjMmUyOWExMDUyMTU0YzQxMTk2NCIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJyZXNlcnZlZF9wYyIsImxfY2F0IjpudWxsLCJtIjoiMCJ9&token=87cbf24288efe0bc70e8302a71cc669d&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 南アで新たな変異株を検出「これまでで最も激しい変異」BBC NEWS JAPAN

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837120128033292288&popin=recommend
Title: 宇宙ステーションの謎をチコちゃんが解説「無重力だから」ではなかった？jaSirabee2021/11/27/ 00:00

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fairis-flower.com%2Fbokunokorekara_pp_01%2F&data=eyJjdmlkIjoiYm9rdW5va29yZWthcmFfbWN2X2Fkc3R5bGVodWt1b2thIiwiYyI6IjMwLjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MTllYTAyZTBmYzEwYzA5NTczMzY4NWIiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjE5ZTlkZDMwZmMxMGM0NWEyMzg4YWU1IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCMjUtNSJ9&token=36db4625a0d1279f19671da087d7250f&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 息子(15)「もっと早く使いたかった」ニキビには新感覚のアレオモヤ

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fveryweb.jp%2Fnavy%2Ffeature%2F250610%2F%3Futm_source%3DpopinIn%26utm_medium%3Dpromotion%26utm_campaign%3DpopinIn_20211110_ta&data=eyJjdmlkIjoia29idW5zaGEiLCJjIjoiMjUuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxOTc0MjY5MGZjMTBjNGJhNjQ0MmZiZiIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTk3NDE5YzBmYzEwYzNlMTI1NDEwMzQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIyNS02In0=&token=005020cb040801cfc76a928f67b22b76&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 知りたい。パールのmyレイヤードTASAKI on VERY NAVY

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fgooday.nikkei.co.jp%2Fatcl%2Freport%2F14%2F091100031%2F110500751%2Findex.html%3Fn_cid%3Dnbpgdy_piad_SF202138521_202111&data=eyJjdmlkIjoiRXpha2lnbGljb0BOaWtrZWlCUEFEIiwiYyI6IjMwLjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MTkzMWFhZmY2ODZiNjQ3N2Y2MjEwZTYiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjE5MzE5YWVmNjg2YjYxN2NkMDc5YmM0IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCMTAtNiJ9&token=225728d4a33e125ffa16f95d371c95d2&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: こだわりのおいしさ、間食も食事もサポートする「SUNAO」江崎グリコ on 日経Gooday

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fstoryweb.jp%2Fspecial-feature%2F202111dyson%2F%3Futm_source%3DpopinIn%26utm_medium%3Dpromotion%26utm_campaign%3DpopinIn_20211101_dy&data=eyJjdmlkIjoia29idW5zaGFfbW9kIiwiYyI6IjMwLjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MThlMDU1NWY2ODZiNjcxYjYyMDQ4OTYiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjE4ZTAzOTRmNjg2YjY3MDI0NTE1NzE0IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCMjUtMSJ9&token=8d20bf3ec786d89d793a2d5dbef0b39b&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: モデル藤井悠さんが新アタッチメントをお試し！ダイソン on STORY

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837163063488135168&popin=recommend
Title: 殺人未遂疑いで中2女子逮捕「ドンキ」屋上からカート落とすjaFNNプライムオンライン2021/11/27/ 03:06

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836403730906562560&popin=recommend
Title: 幼い兄弟の死にEXITりんたろー。涙兼近大樹は親類からの金の無心告白jaデイリースポーツ芸能2021/11/25/ 00:47

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836509637350277120&popin=recommend
Title: 愛知中3刺殺「嫌なことされた」ja共同通信2021/11/25/ 07:52

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836850986957537280&popin=recommend
Title: 東証大幅反落、747円安ja共同通信2021/11/26/ 06:26

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836949666516844544&popin=recommend
Title: クールポコ小野まじめ途中棄権で100万円獲得をネット絶賛コロナで月収1桁jaデイリースポーツ芸能2021/11/26/ 12:57

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F837146539551703040&popin=recommend
Title: パンサー尾形、『水ダウ』のトラウマ明かすいまだに恐怖感じるドッキリは…jaSirabee2021/11/27/ 01:45

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836699560468185088&popin=recommend
Title: ベッキーの会見欠席に臆測夫の元巨人・片岡治大氏が「妻バンザイ」でプチ炎上ja東スポWeb2021/11/25/ 20:25

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fnordot.app%2F836456163539501056&popin=recommend
Title: 兵庫・稲美町放火殺人逮捕の伯父、逃亡先に土地勘ある大阪選んだかja神戸新聞2021/11/25/ 03:44

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fveryweb.jp%2Fbeauty%2F253405%2F%3Futm_source%3DpopinIn%26utm_medium%3Dpromotion%26utm_campaign%3DpopinIn_20211101_dy&data=eyJjdmlkIjoia29idW5zaGEiLCJjIjoiMjUuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxOTFlODQ4MGZjMTBjN2U1ZjQ1YjJkZCIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTkxZTdiYTBmYzEwYzA2ZjM2YzQ3NTQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIyNS0xIn0=&token=c18cc8d604e41c4641b7e21fe337f48b&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: ダイソンの最新「浮き毛抑制ツール」でブローいらずダイソン on VERY

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.lalabegin.jp%2Farticle%2F45448%2F&data=eyJjdmlkIjoic2VrYWlidW5rYSIsImMiOiIyMC4wIiwidHoiOiJqcCIsImYiOiIyIiwibmlkIjoiNjE5ZGY0MDEwZmMxMGMwOWVjMWMxMzI1IiwibV9jYXQiOiIiLCJtZWRpYSI6InRoaXMua2lqaS5pcyIsIm0iOiIyNzI5OTkyNiIsInBiIjoicG9waW4iLCJjYW1wYWlnbiI6IjYxOWRmMDBhMGZjMTBjNGEwZTJlZWIzNCIsImNhdGVnb3J5IjoiaGVhbHRoIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjkifQ==&token=252fc827986467fa694d6c470c679a68&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: クリスマスは、罪悪感なしで楽しめるヴィーガンケーキをシェアしよう！ビオクラ on LaLa Begin

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.syokuraku-web.com%2Fcolumn%2F76863%2F&data=eyJjdmlkIjoidG9rdW1hIiwiYyI6IjIwLjAiLCJ0eiI6ImpwIiwiZiI6IjIiLCJuaWQiOiI2MTlkZWE2OWY2ODZiNjE5MTUzM2ZkY2MiLCJtX2NhdCI6IiIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwibSI6IjI3Mjk5OTI2IiwicGIiOiJwb3BpbiIsImNhbXBhaWduIjoiNjE5ZGU5NDhmNjg2YjYxOTE1MzNmZGM1IiwiY2F0ZWdvcnkiOiJoZWFsdGgiLCJkZXZpY2UiOiJwYyIsImxfY2F0IjoiSUFCOSJ9&token=1c71c92b57dda9d359cf70301fda6283&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: 福島県が14年かけて開発したお米「福､笑い」とは？株式会社USEN Media

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fveryweb.jp%2Fnavy%2Ffeature%2F251945%2F%3Futm_source%3DpopinIn%26utm_medium%3Dpromotion%26utm_campaign%3DpopinIn_20211105_ba&data=eyJjdmlkIjoia29idW5zaGEiLCJjIjoiMjUuMCIsInR6IjoianAiLCJmIjoiMiIsIm5pZCI6IjYxOTc0N2ExMGZjMTBjNjljMjdkZDI5NyIsIm1fY2F0IjoiIiwibWVkaWEiOiJ0aGlzLmtpamkuaXMiLCJtIjoiMjcyOTk5MjYiLCJwYiI6InBvcGluIiwiY2FtcGFpZ24iOiI2MTk3NDcwODBmYzEwYzY5YzI3ZGQyOTQiLCJjYXRlZ29yeSI6ImhlYWx0aCIsImRldmljZSI6InBjIiwibF9jYXQiOiJJQUIyNS02In0=&token=dac736adc97a8ec945a13ab6d11c73ee&t=1637995610473&uid=4a0f36c1ff2495897f41637995608949&api_host=jp.popin.cc&mode=20170420&referer_type=organic&td_client_id=135fcac9-82ab-499a-b77b-b190922d660f&extra=m_ch_pc&logid=76fe42f4-d8f0-4d26-be01-44e8e1b57384&piuid=4a0f36c1ff2495897f41637995608949
Title: BLACK or WHITE？パリのマーケットバッグが着想源の人気モノが進化！バレンシアガ on VERY NAVY

Search URL Search Domain Scan URL

URL: https://discovery.popin.cc/discovery/what-is.php
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://github.com/nordot/otherthancode/blob/master/privacy_ja.md
Title: プライバシー

Search URL Search Domain Scan URL

URL: https://github.com/nordot/otherthancode/blob/master/terms_users_ja.md
Title: 利用規約

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=s9BcjnxCRWp5Y0dQUXZyMmwrT0RlQXZ2VE5CZ3hWeUNkUWF1TjRxaXVYQmhpcGVlbk9PVk5zbFhDbUxFNEtkSGpLMUFDdit1NDM4eFRhWjg1RTlHbFU4ZXVhTVMxd0NFV1JPL1R5RFFJVk1CczVqaUlERVJaYzBHVXRpRXdWcVhKcnV6UGFla1NjclBHNGdDUDBIV1lmRFoxZnhFeHd1d3dYWHJQeTNBMm1yUHJSZytwY29SSDBLVUxPbVBZVUxTMElLNHR3Y2V2NWhmYWdFaUZxNFF4TGJNU2JITWtOb2Ftc3crZ1F1TlI2QzdlVGZjPXw&cppv=2

Request Chain 45

https://px.britepool.com/new?partner_id=t HTTP 302
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=9b210e2e-5378-4eb4-9b7e-b1468cf47a7b

Request Chain 86

https://sb.scorecardresearch.com/b?c1=2&c2=27875916&ns__t=1637995610902&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c9=https%3A%2F%2Fnordot.app%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&ns__t=1637995610902&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c9=https%3A%2F%2Fnordot.app%2F

Request Chain 89

https://image8.pubmatic.com/AdServer/ImgSync?p=159745 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159745&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTJCNDEwRkUtMTBENi00MjQ3LUIwODAtMjQwQTIwQThBMkMw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 101

https://jp-axia.m0mentum.net/clear/fraud/38?req=eyJpZCI6Ijc2ZmU0MmY0LWQ4ZjAtNGQyNi1iZTAxLTQ0ZThlMWI1NzM4NCIsImltcCI6W3siaWQiOiIxIiwidGFnaWQiOiJ0aGlzLmtpamkuaXMifV0sInNpdGUiOnsicGFnZSI6Imh0dHBzOi8vbm9yZG90LmFwcC84MzY2MTc4MjE2MzYxNjU2MzI_Yz0zOTU1MDE4NzcyNzk0NTcyOSIsInJlZiI6IiIsImRvbWFpbiI6IiJ9LCJkZXZpY2UiOnsianMiOjF9LCJleHQiOnsibW9tZW50dW0iOnsiaGVyb24iOnsiaWQiOiIyOVN5alg2RHVwd2hTLWxpTk9qUEQiLCJtb2RlIjowLCJyZXF1aXJlIjpbMSwyLDRdLCJwYXJhbXMiOiJleUowSWpveE5qTTNPVGsxTmpFeU1EQTRMQ0ppWm01eklqcGJNQ3d4TERJc015dzBMRFlzTnl3NUxERXdMREV4TERFekxERTBMREUxTERFMkxERTNMREU0TERFNUxESXdMREl4TERJeUxESXpMREkwTERJMUxESTJMREkzTERJNExESTVMRE13TERNeExETXlMRE16TERNMExETTJMRE0zTERNNExETTVMRFF3TERReExEUXlMRFEzTERVNUxEWXdMRFl5WFN3aWIyY2lPaUp1YjNKa2IzUXVZWEJ3SWl3aWNHeDBJam9pVEdsdWRYZ2dlRGcyWHpZMElpd2labVJ3SWpvd0xDSjBhWFJzWlNJNkl1V1BsLWlvdXVhT3AtT0JpT09BZ2VPQmpPT0NrLWFDby1pQWhUYmt1SWZrdXJybXVKdmpnSUF5TU9XNXRDNHVMaUlzSW5naU9qTXhOQ3dpZVNJNk1UazNOQzR5T0RFeU5Td2ljbVYySWpveE1EZ3dNQ3dpWlhnaU9uc2laVzUySWpwN0ltWnlJam93TENKa2JuUWlPakFzSW1ObGJpSTZNQ3dpYkdsc0lqb3dMQ0pzYVhJaU9qQXNJbXhwYnlJNk1Td2liR2wxSWpvd0xDSnpiMmNpT2pFc0ltNTJkSEFpT2pBc0luSmtZeUk2TUN3aWRuTjBJam93TENKaGJHOXVaU0k2TFRFc0ltMWxiU0k2T0N3aWJHTndkWE1pT2pRc0luTmlkaUk2TVgwc0luWndJanA3SW5ac0lqb3hMQ0p6WXlJNkxUSXNJbWwzSWpveE5qQXdMQ0pwYUNJNk1USXdNSDBzSW05eklqcDdJblpzSWpveExDSnpZeUk2TFRJc0ltbDNJam94TmpBd0xDSnBhQ0k2TVRJd01IMHNJbk56SWpwN0luWnNJam94TENKell5STZMVElzSW1sM0lqb3hOakF3TENKcGFDSTZNVEl3TUgwc0luWmlJanA3SW05MmJDSTZNU3dpYjNjaU9qazNNaXdpYjJnaU9qVTVNRE11TVRjeE9EYzFMQ0oyWWlJNk1Td2liMk1pT2pGOUxDSjJZU0k2ZXlKd2RtRWlPakVzSW1ad2RpSTZMVEY5TENKd2NtSWlPakI5ZlEuLiIsIm1ldHJpY3MiOjN9fX19&dest=http%3A%2F%2Fjp.popin.cc%2Fpopin_discovery%2Fpbc HTTP 302
https://jp.popin.cc/popin_discovery/pbc?m0-response=ljMazde7REVejrLpRVjSIUzH9%2B%2B7X8rB0UFvp9yuXEHcK5NzS8QQCyQgqqLWOZ6KAIKd5P8G5vJh%2FCPfQ8c15BniOcnnv3IETwbOmB778xoYfsmyHsnA%2Bk81HA%2FUvhaM9XTGOEwuof9QUHKWZADSvpdyUQx7%2BmKsUWHLeeZ3c02X0NuedjzP9r5ZKbDqzhlFGBFZI%2BIIQxOYwob0Bko9lQ%3D%3D

110 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 836617821636165632 Show response
nordot.app/ 39 KB
14 KB 202ms
171ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c1b7409f2bc3d63901c144ecf5e285a306dfe365aadda8849c1669442198aac9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding User-Agent
content-encoding: gzip
x-cloud-trace-context: c28d04f76217775a90351cb9d578820f
date: Sat, 27 Nov 2021 06:46:47 GMT
server: Google Frontend
cache-control: private
content-length: 13916

GET
H2 200 didna_config.js Show response
storage.googleapis.com/didna_hb/nordot/nordot/ 19 KB
19 KB 159ms
122ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 15c1a58c468820fb34b6625ae962820783626d83eafb0ef354e7d55b38e3e32f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
x-guploader-uploadid: ADPycdtHige0N6_kHjiq5fnWs54ZvKHdKcEzDU7cZup5eTf0D4gFkwwMZ1h4j-U0nEkVzBn9lKgw1_7lNZT1o4sQEdw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19075
last-modified: Tue, 23 Nov 2021 18:24:38 GMT
server: UploadServer
etag: "9d24f15149e474a879ad295f121f5fcc"
x-goog-hash: crc32c=zdWr7Q==, md5=nSTxUUnkdKh5rSlfEh9fzA==
x-goog-generation: 1637691878481946
cache-control: no-store
x-goog-stored-content-length: 19075
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 27 Nov 2022 06:46:47 GMT

GET
H2 200 posts_detail.css
nordot.app/images/newsnor/kiji/css/pc/ 42 KB
43 KB 125ms
124ms Stylesheet
text/css 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nordot.app/images/newsnor/kiji/css/pc/posts_detail.css?1637307936
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7f73ee585e817432c0d98736b26ed2301b1a13eaa60596380425554f15b171e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/836617821636165632?c=39550187727945729
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
server: Google Frontend
age: 0
etag: "xk9Nyg"
content-type: text/css
x-cloud-trace-context: 041fe5f07b02691af1a7548da33978b0
cache-control: public, max-age=1
content-length: 43397
expires: Sat, 27 Nov 2021 06:46:48 GMT

GET
H2 200 header_13.png
nordot-res.cloudinary.com/f_auto,q_auto:eco/ch/units/39166665832988672/ 2 KB
2 KB 70ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nordot-res.cloudinary.com/f_auto,q_auto:eco/ch/units/39166665832988672/header_13.png

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f10ab824acc419ad38dda5f5cd8f4b0156a181da4a113acc11ee820caff50140

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="header_13.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-11-27T06:46:47.615Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 1820
last-modified: Mon, 06 Jul 2020 01:13:21 GMT
server: Cloudinary
etag: "e8082963543a54f53c2a0931b4d61483"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 promo_image_35.png
nordot-res.cloudinary.com/c_limit,w_300,f_auto,q_auto:eco/ch/units/39166665832988672/ 5 KB
5 KB 80ms
18ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nordot-res.cloudinary.com/c_limit,w_300,f_auto,q_auto:eco/ch/units/39166665832988672/promo_image_35.png

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4dd1ea46d0ad4600199abce86b0dfdc518c2207929c7aa79c19a9e497e8ca8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="promo_image_35.webp"
server-timing: fastly;dur=3;cpu=0;start=2021-11-27T06:46:47.615Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 4948
last-modified: Thu, 30 Sep 2021 01:47:11 GMT
server: Cloudinary
etag: "8cdd72832af0f7170c9d58eb4af20941"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 origin_1.jpg
nordot-res.cloudinary.com/c_limit,w_800,f_auto,q_auto:eco/ch/images/836762409445097472/ 66 KB
66 KB 71ms
9ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nordot-res.cloudinary.com/c_limit,w_800,f_auto,q_auto:eco/ch/images/836762409445097472/origin_1.jpg

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

90ac1d2e7aa68675803a962b43d37fc5800ed533a63d4a04f63caea9a96cdd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="origin_1.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-11-27T06:46:47.615Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 67908
last-modified: Fri, 26 Nov 2021 00:35:19 GMT
server: Cloudinary
etag: "3eee9f8f8b3ea2921f6e0e63d21c17fc"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 profile_7.png
nordot-res.cloudinary.com/c_limit,w_300,h_300,f_auto,q_auto:eco/ch/units/39166665832988672/ 3 KB
3 KB 70ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nordot-res.cloudinary.com/c_limit,w_300,h_300,f_auto,q_auto:eco/ch/units/39166665832988672/profile_7.png

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

734688c48e3725752d393537165f0f316d63d474547aeb86c2feb3f29d406145

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="profile_7.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-11-27T06:46:47.615Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 2700
last-modified: Thu, 17 Oct 2019 12:59:48 GMT
server: Cloudinary
etag: "4b8ffd701a2993d5198082f0d03a3697"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 profile_4.png
nordot-res.cloudinary.com/c_limit,w_360,f_auto,q_auto:eco/cu/units/39550187727945729/ 6 KB
7 KB 69ms
7ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nordot-res.cloudinary.com/c_limit,w_360,f_auto,q_auto:eco/cu/units/39550187727945729/profile_4.png

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8709424e1d28835401062f4487ed97a4988105e1f1e450d8da91cac7d433f5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="profile_4.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-11-27T06:46:47.615Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 6478
last-modified: Thu, 24 Oct 2019 00:35:18 GMT
server: Cloudinary
etag: "c1da5603c507095cb2bee3767b8d5477"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
94 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 23:07:11 GMT
x-content-type-options: nosniff
age: 27576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95992
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:07:11 GMT

GET
H2 200 common.js Show response
nordot.app/images/newsnor/kiji/js/pc/ 2 KB
2 KB 138ms
137ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nordot.app/images/newsnor/kiji/js/pc/common.js?1637307936
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: a562056fa84fd667a864978c5ebed4269389c216c2577ce5295e3153b7c3fbac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/836617821636165632?c=39550187727945729
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
server: Google Frontend
age: 0
etag: "xk9Nyg"
content-type: application/javascript
x-cloud-trace-context: a0e1ce25c18103c6da054909cb37e6a5
cache-control: public, max-age=1
content-length: 1662
expires: Sat, 27 Nov 2021 06:46:48 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 32ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 817418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5303
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-4041"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9so%2F0X7TnRTDNBbip0gdYucSh6MKX1AflABiz9PkJF4HKxF%2BHyeJhXVe8cuDsXKA06WOVvfZQlVAUNk9mlD3DnEYbB%2FvahzLgKiY6dKFqzjFWOKPsDb%2BdDDpUbWjJDL3y7xNhG2aOfbnxKvHiTiWobQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b4966c34967324c-FRA
expires: Thu, 17 Nov 2022 06:46:47 GMT

GET
H2 200 curatedBy.js Show response
nordot.app/images/newsnor/kiji/js/pc/ 6 KB
6 KB 139ms
137ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nordot.app/images/newsnor/kiji/js/pc/curatedBy.js?1637307936
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7993a83292a6344fcf727c7035025f93fc8d0dbe6d2d7e7a12e765cab2ab4879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/836617821636165632?c=39550187727945729
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
server: Google Frontend
age: 0
etag: "xk9Nyg"
content-type: application/javascript
x-cloud-trace-context: 991574c0191d8eb1af1f234e1a7bdb3d
cache-control: public, max-age=1
content-length: 6098
expires: Sat, 27 Nov 2021 06:46:48 GMT

GET
H2 200 ready.js Show response
nordot.app/images/newsnor/kiji/js/pc/ 4 KB
1 KB 126ms
124ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nordot.app/images/newsnor/kiji/js/pc/ready.js?1637307936
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 20dae3bb473081bf9c5bbe7560565708d726e1db6791503d1bd97a0dba962f7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/836617821636165632?c=39550187727945729
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: gzip
server: Google Frontend
age: 0
etag: "xk9Nyg"
content-type: application/javascript
x-cloud-trace-context: 07ecf9281acdd2ccb66e16fd4908ec5b
cache-control: public, max-age=1
content-length: 1307
expires: Sat, 27 Nov 2021 06:46:48 GMT

GET
H2 200 plugin.js Show response
nordot.app/images/newsnor/kiji/js/pc/ 15 KB
5 KB 125ms
123ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nordot.app/images/newsnor/kiji/js/pc/plugin.js?1637307936
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1b86e36d7fb587850c521e26fc12f83333fa837c9d424153bc1762811b31876b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/836617821636165632?c=39550187727945729
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: gzip
server: Google Frontend
age: 0
etag: "xk9Nyg"
content-type: application/javascript
x-cloud-trace-context: b11a0b7b8dfe9e4bdd175bd8ca26b44a
cache-control: public, max-age=1
content-length: 4747
expires: Sat, 27 Nov 2021 06:46:48 GMT

GET
H2 200 beacon-1.1.0.js Show response
log.nordot.jp/js/ 25 KB
11 KB 1421ms
1372ms Script
application/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: dcc45c991696d726863fbd33b7c423cb24056d250b818b2fa735dc193718dbb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:48 GMT
content-encoding: gzip
server: Google Frontend
age: 0
etag: "GLle1Q"
content-type: application/javascript
x-cloud-trace-context: 31d0eae085b1bf1ac7752866fa9ee791
cache-control: public, max-age=1
content-length: 10602
expires: Sat, 27 Nov 2021 06:46:49 GMT

GET
H2 200 ads.js Show response
nordot.app/images/newsnor/kiji/js/pc/ 22 B
139 B 138ms
137ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nordot.app/images/newsnor/kiji/js/pc/ads.js?1637307936
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 799e81b5d4ca1cfd0f7ef8de2f75c3a3f7b6250e190bd217a774a83e64fd6038

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/836617821636165632?c=39550187727945729
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: gzip
server: Google Frontend
age: 0
etag: "xk9Nyg"
content-type: application/javascript
x-cloud-trace-context: c3743be1be8b25f1f844d666166db7b4
cache-control: public, max-age=1
content-length: 48
expires: Sat, 27 Nov 2021 06:46:48 GMT

GET
H/1.1 200
OK this_kiji.js Show response
api.popin.cc/searchbox/ 52 KB
9 KB 1121ms
263ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/this_kiji.js
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: d87c68744104c0200a065cb6118f9406775eb5f299f396b0bfc81a851142de44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:48 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Oct 2021 06:36:48 GMT
Server: nginx
ETag: W/"40cd318342c6e7feda0bf83c5da74b49"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: vojsO6j6_6RFth03tj_gTjJDrMNLs9hf
Expires: Sat, 27 Nov 2021 07:46:48 GMT

GET
H2 200 v2gnp6T4I2RaHC6htBpJnb4Le1Yyo41UruGDrxJGN435l7JgxnHoIwKO_7z_20Imb Show response
ancientact.com/ 103 KB
30 KB 59ms
24ms Script
text/javascript 35.190.62.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ancientact.com/v2gnp6T4I2RaHC6htBpJnb4Le1Yyo41UruGDrxJGN435l7JgxnHoIwKO_7z_20Imb

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.62.190.35.bc.googleusercontent.com

Software

Resource Hash

ce999b49c91987d053fa5ac976e76d636202be1b225abc0429beeb316159ab82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "16dff567c8e4fc9617cd42792cf5d7e62c79d246f6c5a0900932cbb72f5a94a5"
vary: Accept-Encoding, Accept-Language
x-hostname: c984a0b3
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Sat, 27 Nov 2021 06:46:47 GMT
timing-allow-origin: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 71ms
23ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

08012aaf4b314a0b3df680beb89f433d55e98c3a027af9a95fdd1f3569fdcdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1056 / 577 of 1000 / last-modified: 1637708807"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26768
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 06:46:47 GMT

GET
H2 200 hindsightipads.min.js Show response
static.solutionshindsight.net/hindsightipads/ 83 KB
24 KB 36ms
9ms Script
application/javascript 143.204.207.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/hindsightipads/hindsightipads.min.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-46.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e44351fd1d3db063e5d687b93d017a949e82dc13c3fe8ad01f9361012e5c1b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:17:24 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 17:11:24 GMT
server: AmazonS3
age: 2015
etag: "8527b75c7343fd795f7f9d13675e1ae7"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 24050
x-amz-cf-id: 6pFcdegPfeqNjQ7USWytUXtXLygGErxl16gF4XM_HMqd3XLLlRRn4Q==

GET
BLOB 200
OK aa6ba446-1bf5-4f51-856c-a0def0e64196
https://nordot.app/ 564 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nordot.app/aa6ba446-1bf5-4f51-856c-a0def0e64196
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 564
Content-Type: text/javascript

GET
H2 200 bm9yZG90LmFwcA%3D%3D Show response
static.solutionshindsight.net/assets/ 2 KB
1 KB 39ms
9ms Fetch
application/json 143.204.207.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/assets/bm9yZG90LmFwcA%3D%3D
Requested by: Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/hindsightipads/hindsightipads.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-46.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1063c324cb24a333c01c020990b87552e785510b1f84cb8b304d43c8c5f1064d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"175fd1f9caa361e835d205ad5eea67f5"
age: 636
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 21:20:10 GMT
server: AmazonS3
date: Sat, 27 Nov 2021 06:40:35 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: T1mt0QonUCjuH0azXq0-cj-IY_gsuNLTDewZmZB5J8uF97KS3mvSGw==

GET
H3 200 didna_prebid.js.gz Show response
storage.googleapis.com/didna-prod/latest/ 450 KB
135 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d1e67632e15525fd9b02d2502dc8c295c413fede875ca418bf51208ab4984e36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 05:59:43 GMT
content-encoding: gzip
age: 2824
x-guploader-uploadid: ADPycds5cymUmAJXZZuZAgLFvKqTpB9pbWbC1ML5H2ZqAPBudH9Ms_rEJpsfQJVnIkF7LweDeK1l8EK_UlIzu34b-ujWA5p57Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138168
last-modified: Tue, 26 Oct 2021 13:54:05 GMT
server: UploadServer
etag: "4080c5942f9436fe4505e9d38b1383c5"
vary: Accept-Encoding
x-goog-hash: crc32c=iZrVxQ==, md5=QIDFlC+UNv5FBenTixODxQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1635256445229364
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=172800
x-goog-stored-content-length: 138168
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 29 Nov 2021 05:59:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6340
date: Sat, 27 Nov 2021 05:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 27 Nov 2021 07:01:07 GMT

GET
H3 200 pubads_impl_2021111701.js Show response
securepubads.g.doubleclick.net/gpt/ 345 KB
116 KB 29ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118578
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 06:46:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 128 B
120 B 30ms
15ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nordot.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e8b28df3573200f2c2ce36718bfed13c970d81e8b03120ee47868b795c7c83d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Sat, 27 Nov 2021 06:46:47 GMT

GET
H2 200 wp-banners.js Show response
static.solutionshindsight.net/teju-webclient/ 264 B
532 B 8ms
7ms Script
application/javascript 143.204.207.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by: Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/hindsightipads/hindsightipads.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-46.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:34:48 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 17:11:24 GMT
server: AmazonS3
age: 891
etag: "3dbe31279fb5d7b9fc3230563ef1eecd"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 190
x-amz-cf-id: Wtp_5KdXxt7uzj-ptLTuCBRMpnrn0klqLDDU1YEIT-lJfH50hE3gtQ==

POST
H2 201 _bulk
api.solutionshindsight.net/v2/events/ 0
0 290ms
290ms Fetch
application/json 65.9.71.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.solutionshindsight.net/v2/events/_bulk
Requested by: Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/hindsightipads/hindsightipads.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-126.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 27 Nov 2021 06:46:48 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: b8be24c2-f64c-4539-bac0-c08345d53caf
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61a1d458-2ef95f2e25491351567433cd
x-amz-apigw-id: Jc4d0FMUIAMFsGA=
content-length: 0
x-amz-cf-id: Pj1TxFKLw__Yn2B_CRGJqR18WUlFjlVA3QPmYT84EWosGMrUpoP9cQ==

OPTIONS
H2 200 _bulk
api.solutionshindsight.net/v2/events/ Frame 0
0 322ms
279ms Preflight
application/json 65.9.71.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.solutionshindsight.net/v2/events/_bulk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-126.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://nordot.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sat, 27 Nov 2021 06:46:47 GMT
x-amzn-requestid: c33082c8-8b85-41dd-90eb-81f1415d23a0
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: Jc4dxE5mIAMFouw=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: iNfyeiEQIlJ5_95Q8P_Fw4b5gk9ab553QwHxhJM4HumPIi-mdYGMug==

GET
BLOB 200
OK e607a4f0-0028-441f-a4e1-c0696db7f5ca Show response
https://nordot.app/ 197 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nordot.app/e607a4f0-0028-441f-a4e1-c0696db7f5ca
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 503c7d7b547489f331708af7ba63a596423fea119d4d21d637737ce5aa2bfd75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 201375
Content-Type: text/javascript

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/oTC_dK0_uiGo6IYHKbPDY6Sqd8s/gpt_and_prebid/ 49 KB
12 KB 29ms
6ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/oTC_dK0_uiGo6IYHKbPDY6Sqd8s/gpt_and_prebid/config.js
Requested by: Host: nordot.app
URL: blob:https://nordot.app/e607a4f0-0028-441f-a4e1-c0696db7f5ca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55936e47e366c92c8acf4c3fd64a0b8c2d1b9ae68041d4de5b40c71a6cb2301c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:47 GMT
Content-Encoding: gzip
Age: 351
X-Cache: HIT
Connection: keep-alive
Content-Length: 11865
x-amz-id-2: UzAHw3C8x2pd/YbP8AzUpS4Yz2CijONUIzW6yiH4TAPuYEB4qd+j8Bp7qlgHWKeLkv2yclLkJpE=
X-Served-By: cache-fra19155-FRA
Last-Modified: Sat, 27 Nov 2021 05:52:23 GMT
Server: AmazonS3
X-Timer: S1637995608.824618,VS0,VE0
ETag: "753b4944661a5665f7105648e6cd3819"
x-amz-request-id: SFC2NS73Q2W1XXHP
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 1

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ 174 KB
56 KB 67ms
12ms Script
text/javascript 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by: Host: nordot.app
URL: blob:https://nordot.app/e607a4f0-0028-441f-a4e1-c0696db7f5ca
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdb1605c8b1c61e76038cb28e4ca328f3717f02a4dbcbe4c1909b7583fe378c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 19:58:31 GMT
server: Apache/2.2.15 (CentOS)
etag: "1520db4-2b82d-5c4d365f5b665"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=147948
accept-ranges: bytes
content-type: text/javascript
content-length: 56867
expires: Sun, 28 Nov 2021 23:52:35 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 35ms
18ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211127

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4977e03b9539aa567f88cd6faaacfd25ff1d9a7dbbdd7a14776dd6e11cb786a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13547
x-jsd-version: 1.0.1173
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19174-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69b-Lkvf/T1YPIWiLg3Bj4e7EqpcwFE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b4966c4ed124dca-FRA

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
973 B 39ms
14ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11
content-type: application/javascript
x-amz-request-id: tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2: tx20fcbba173164c66b29ed-0061961d50
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2MU2bGvmnZjHO4JUAUN5nXNe2Z6pTD0EjG8Suc4osCFPD6yKkPRXJBT4jVxDdKTXfSI4Dg45lq2NJNFnzb%2BWuJoZjpay16HJTYOpg2WOjgGI87SpfU4QrkI8ei5mkn0LqmPtCkDmKSwcv%2Bl"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1637227780937425
cache-control: public, max-age=1800
cf-ray: 6b4966c4fa13d6e9-FRA
expires: Sat, 27 Nov 2021 07:16:47 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
694 B 32ms
12ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:46:47 GMT
X-Proxy-Origin: 136.243.198.80; 136.243.198.80; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cfc3056b-f928-4b76-9d91-0a7d331a85c4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nordot.app
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 116ms
74ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 7b7d185e77c6c522ec895c10cce9580811150e8ff052fb4156ca35bbba1cfe80

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://nordot.app
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
288 B 105ms
64ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5637f00f4&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 320e91bee0960cc2af88617da2d229d09c8107c0b6aed988486f5e43147332ea

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://nordot.app
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 115ms
73ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7444000fb&cmd=bid&secure=1
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: b32d6828254c4f4e13a49a13456ab8423d856c6717ae9933eb40578bffb6af39

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://nordot.app
access-control-allow-credentials: true
content-length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 119ms
75ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nordot.app
date: Sat, 27 Nov 2021 06:46:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 prebid Show response
s-rtb-pb.send.microad.jp/ 47 B
391 B 742ms
245ms XHR
application/json 202.233.84.2
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F836617821636165632&referrer=https%3A%2F%2Fnordot.app%2F836617821636165632%3Fc%3D39550187727945729&bid_id=1276d0cd124fa9d&transaction_id=01bc8cd7-8405-428f-a746-e0d3d98e2652&media_types=1&cbt=33aa4da83469c2017d60257708

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=86400
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: https://nordot.app
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-xss-protection: 1; mode=block

GET
H2 200 prebid Show response
s-rtb-pb.send.microad.jp/ 47 B
391 B 740ms
243ms XHR
application/json 202.233.84.2
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F836617821636165632&referrer=https%3A%2F%2Fnordot.app%2F836617821636165632%3Fc%3D39550187727945729&bid_id=13aad8fc1a4b399&transaction_id=01bc8cd7-8405-428f-a746-e0d3d98e2652&media_types=1&cbt=a2c9fe18b36db0017d60257708

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=86400
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: https://nordot.app
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-xss-protection: 1; mode=block

GET
H2 200 prebid Show response
s-rtb-pb.send.microad.jp/ 47 B
392 B 737ms
240ms XHR
application/json 202.233.84.2
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://s-rtb-pb.send.microad.jp/prebid?spot=bdab9c43160ecd0c3a19cf1006af2f91&url=https%3A%2F%2Fnordot.app%2F836617821636165632&referrer=https%3A%2F%2Fnordot.app%2F836617821636165632%3Fc%3D39550187727945729&bid_id=144db24123743c&transaction_id=01bc8cd7-8405-428f-a746-e0d3d98e2652&media_types=1&cbt=a3679d6777b09817d60257708

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_prebid.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=86400
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: https://nordot.app
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/ 189 KB
60 KB 6ms
6ms Script
application/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/oTC_dK0_uiGo6IYHKbPDY6Sqd8s/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:47 GMT
Content-Encoding: gzip
Age: 143
X-Cache: HIT
Connection: keep-alive
Content-Length: 61293
x-amz-id-2: jzXf5usRbJR3PYvp69Big/B/XsVaN007aaf8DzTo4oE6Ozrfyzq3/rqhk6J2PTv5JM4jjOX3BWs=
X-Served-By: cache-fra19155-FRA
Last-Modified: Wed, 17 Nov 2021 21:29:49 GMT
Server: AmazonS3
X-Timer: S1637995608.837993,VS0,VE0
ETag: "cb7589d017ac65aecf6dc6f5ec17c4b7"
x-amz-request-id: KY5DB13GGJV0P5XQ
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 48

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 35ms
20ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 767729
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx17e6145cd9b24d639b28f-0061961d53
x-amz-id-2: tx17e6145cd9b24d639b28f-0061961d53
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKHCRa9XqL1YzyXlY0uoxXLguWhOeFPFmEYzd59tSuriNMxsNhNSnJys%2FAT1nvgGUhqcDWEx8hSrA5r0Ofo%2Bw1QmPz9kdCCa4Ge8f0n9LD57OZAfb%2FUwyadPG8e10sap62Nq7RjDDWYkzZNh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1637227779984125
cf-ray: 6b4966c529b2433f-FRA
access-control-allow-headers: Authorization

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 50ms
16ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://nordot.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://nordot.app
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1535
date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=s9BcjnxCRWp5Y0dQUXZyMmwrT0RlQXZ2VE5CZ3hWeUNkUWF1TjRxaXVYQmhpcGVlbk9PVk5zbFhDbUxFNEtkSGpLMUFDdit1NDM4eFRhWjg1RTlHbFU4ZXVhTVMxd0NFV1JPL1R5RFFJVk1CczVqaUlERVJaYzBHVXRpRX...

347 B
606 B

47ms
16ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=s9BcjnxCRWp5Y0dQUXZyMmwrT0RlQXZ2VE5CZ3hWeUNkUWF1TjRxaXVYQmhpcGVlbk9PVk5zbFhDbUxFNEtkSGpLMUFDdit1NDM4eFRhWjg1RTlHbFU4ZXVhTVMxd0NFV1JPL1R5RFFJVk1CczVqaUlERVJaYzBHVXRpRXdWcVhKcnV6UGFla1NjclBHNGdDUDBIV1lmRFoxZnhFeHd1d3dYWHJQeTNBMm1yUHJSZytwY29SSDBLVUxPbVBZVUxTMElLNHR3Y2V2NWhmYWdFaUZxNFF4TGJNU2JITWtOb2Ftc3crZ1F1TlI2QzdlVGZjPXw&cppv=2

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a0f7a48126bd85d73c339ad72834ac48b03e8244c3876eddbb3bc49e7bebccad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 27 Nov 2021 06:46:47 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2167
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 27 Nov 2021 06:46:47 GMT
location: https://mug.criteo.com/sid?cpp=s9BcjnxCRWp5Y0dQUXZyMmwrT0RlQXZ2VE5CZ3hWeUNkUWF1TjRxaXVYQmhpcGVlbk9PVk5zbFhDbUxFNEtkSGpLMUFDdit1NDM4eFRhWjg1RTlHbFU4ZXVhTVMxd0NFV1JPL1R5RFFJVk1CczVqaUlERVJaYzBHVXRpRXdWcVhKcnV6UGFla1NjclBHNGdDUDBIV1lmRFoxZnhFeHd1d3dYWHJQeTNBMm1yUHJSZytwY29SSDBLVUxPbVBZVUxTMElLNHR3Y2V2NWhmYWdFaUZxNFF4TGJNU2JITWtOb2Ftc3crZ1F1TlI2QzdlVGZjPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nordot.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4085
content-length: 482
expires: 0

GET
H2

404

insync
thrtle.com/
Redirect Chain

https://px.britepool.com/new?partner_id=t
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=9b210e2e-5378-4eb4-9b7e-b1468cf47a7b

0
0

315ms
103ms

Image
text/html

3.85.46.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=9b210e2e-5378-4eb4-9b7e-b1468cf47a7b
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Server: 3.85.46.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-85-46-201.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Date: Sat, 27 Nov 2021 06:46:48 GMT
Server: nginx
Vary: negotiate,Accept-Encoding
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=9b210e2e-5378-4eb4-9b7e-b1468cf47a7b
Cache-Control: no-cache, no-store, private
Tcn: Choice
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
X-Request-Id: 38c0b900ba4299830273b33a2221a551
Expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 152ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1060
date: Sat, 27 Nov 2021 06:46:47 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nordot.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nordot.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 606ms
606ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=679425278735787&correlator=3970654964181417&output=ldjh&impl=fifs&eid=31063799%2C31063811&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=126379976%2Cright_content_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C300x600&prev_scp=auid%3Dright_content_1%26adLocation%3Datf&eri=1&cust_params=iab%3Diab7%26pub%3Dnordot.app%26path%3D%252F%26didna_version%3D4%26chunitid%3D39166665832988672%26cuunitid%3D39550187727945729&cookie_enabled=1&bc=31&abxe=1&lmt=1637995608&dt=1637995608575&dlt=1637995607396&idt=386&frm=20&biw=1600&bih=1200&oid=2&adxs=1172&adys=301&adks=453510430&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnordot.app%2F836617821636165632%3Fc%3D39550187727945729&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=899842055.1637995609&ga_sid=1637995609&ga_hid=1436048226&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c4ced215f38be55ff6d2af2a0c012d888b9fb7d85192d2d965494ecbe7288440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12490
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nordot.app
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cd8a091567c3035f9c70c055894ae996.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C23 6 KB
4 KB 64ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd8a091567c3035f9c70c055894ae996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 06:46:48 GMT
expires: Sun, 27 Nov 2022 06:46:48 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK popIn-common-8.min.js Show response
api.popin.cc/lib8-lightweight/ 27 KB
10 KB 268ms
268ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/this_kiji.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 823ae0b92286f0ee5672eac80dae41ff1c895a8cc42b435d8d0c3fdddf723718

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 06:15:54 GMT
Server: nginx
ETag: W/"11c60c82428f41a838d3070986449da0"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: Gmdcq_RRlzJmuTlx_OMwWgmhEXSXMVk0
Expires: Sat, 27 Nov 2021 07:46:48 GMT

GET
H/1.1 200
OK popIn-discovery-8.min.js Show response
api.popin.cc/lib8-lightweight/ 93 KB
25 KB 804ms
534ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/lib8-lightweight/popIn-discovery-8.min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/this_kiji.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 2bcdadeb090eed259454613750a076c6c2fb11bdd6464791aed54130633840aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 03:12:13 GMT
Server: nginx
ETag: W/"5abd07188a9ba7ee83fcd742967f2e67"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: JekCVnR3HmIpj9VXL.Tbvk7muXdxLLOg
Expires: Sat, 27 Nov 2021 07:46:49 GMT

GET
H/1.1 200
OK popIn-read-8.min.js Show response
api.popin.cc/lib8-lightweight/ 28 KB
9 KB 809ms
281ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/lib8-lightweight/popIn-read-8.min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/this_kiji.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: a8c7bd5889bf7cafa5224603b5d25e472799c1305d1746737be4686ec4254834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Feb 2020 08:22:46 GMT
Server: nginx
ETag: W/"bfabdf785f1615c61dbed4cf0bf7e547"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Sat, 27 Nov 2021 07:46:49 GMT

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 541ms
276ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Sat, 27 Nov 2021 07:46:49 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 44ms
7ms Image
image/gif 2600:9000:211e:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
age: 9729135
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: meHTZrMM0G_3-i7BusNujU_WqWNBqdj8r5OsSBj4lP7NTVv3VSVjXA==

POST
H2 200 pageview
log.nordot.jp/ 0
343 B 1394ms
1394ms Ping
text/html 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://log.nordot.jp/pageview
Requested by: Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 27 Nov 2021 06:46:50 GMT
server: Google Frontend
vary: Origin
p3p: CP="Nordot does not have a P3P policy."
access-control-allow-origin: https://nordot.app
x-cloud-trace-context: aa9198736b94828ee97dd9e7577e7eed
cache-control: private
access-control-allow-credentials: true
content-type: text/html
x-appengine-log-flush-count: 1
content-length: 0
expires: Sat, 27 Nov 2021 06:46:50 GMT

POST
H2 200 event
log.nordot.jp/ 0
439 B 247ms
247ms Ping
text/html 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://log.nordot.jp/event
Requested by: Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 27 Nov 2021 06:46:49 GMT
server: Google Frontend
vary: Origin
p3p: CP="Nordot does not have a P3P policy."
access-control-allow-origin: https://nordot.app
x-cloud-trace-context: eca41dd17a1aead9fc378d189607ea97
cache-control: private
access-control-allow-credentials: true
content-type: text/html
x-appengine-log-flush-count: 1
content-length: 0
expires: Sat, 27 Nov 2021 06:46:49 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 7BC6 189 KB
54 KB 87ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 285375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:30:34 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7BC6 13 KB
5 KB 95ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 383673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 22 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Nov 2022 20:12:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7BC6 89 KB
28 KB 96ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 263222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 24 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 24 Nov 2022 05:39:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7BC6 5 KB
3 KB 84ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 286819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:06:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 7BC6 40 KB
13 KB 85ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 287205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:00:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7BC6 738 B
1015 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%B6%E3%82%AD(i%E3%82%82%E3%80%91%E3%82%AF%E3%83%81%E7%92%B0%E8%AA%BF%E3%80%81%E3%83%83%E5%9B%BD-%E5%82%99%E5%A2%83%E3%83%BB%E3%83%9B%E5%99%A8%E7%90%86%E8%A6%8B%E3%82%8A%E3%83%ABF%E3%83%AF%E3%82%8C%E3%80%90%E7%A9%8D)%E5%AE%8C%E5%B8%B0%E3%81%91%E5%85%A5%E9%9B%BB%E3%83%B3%E8%80%85%E3%83%BC%E3%83%86%E5%85%B7%E3%81%8AW%E3%83%AC%E5%8F%97

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4aa54008bbb3fe7964b1499a4e4886815d6c7868a820efe4a61249b88dfe364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 06:46:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 06:46:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 06:46:49 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7BC6 3 KB
3 KB 29ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 23:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 26537
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Sat, 27 Nov 2021 23:24:32 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7BC6 344 B
805 B 29ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 35
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 28 Nov 2021 06:46:14 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7BC6 0
0 36ms
35ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeCm1WNShYfTuJaaB7_UP6fWh2AqO_YCXZtzdydnGDaLv4L_pDhABIICfvytglYqJjrAHoAGB45-nAsgBAakC8amv_QDxQj7gAgCoAwHIAwiqBLsCT9D269a76X3x2Mfc2aRhTy5-06auj8K4eQwp9zXtzpwHKiH4lO_LFC1bWD73xJ_0YTQyONmm7-dBSELt0UWK-sL7HhRASLN1B_ucvg5GsmQukIbEwkIhTLnugqoMSIepboqOeli8cLQ-TS9XtQO1ZIyf7K9E8WhDjNBrLU8z1mGWjbCJ72vFD0Cl_fMJy9rXe3Y7Abe2EkbOsJgJ9g7tgKfhgloaA-RbdiTvgcXIE0gtwVPyHp8AF9Xbzhb-kLc_ywUYZsQi97mh4-VTjHjx14f1aypwwj2LHtzxS-O9T_Ax6r01RCYJ2SWBQO_1wUMiognqD8Rv-zyAvY6kYOJYDDBYJX2Fm2LaVPRf2HO16_xhMhBf61Ixipd60ca7UgP6iPmqWlSKSjsRGcLtEsKBjjYtCONdSRjKi692wAT0ssrx4APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH55zg2AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCW7kbSCAkIiOGAEBABGB2ACgHICwG4E50n2BMMiBQl0BUBmBYBgBcBshceChwIABIUcHViLTQzMDc1MzU4NTgxMTAyODIY4Joh&sigh=FZsPw3hEIUo&uach_m=[UACH]&template_id=5021&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5926933638564031096/ Frame 7BC6 7 KB
7 KB 23ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5926933638564031096/downsize_200k_v1?w=100&h=100

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f00e7ef4337126e39854e95bc7ed4ba8c63d129c9949c9f933f6f7784747acaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:14:46 GMT
x-content-type-options: nosniff
age: 210723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6766
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 06:19:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 20:14:46 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12952358581306435110/ Frame 7BC6 19 KB
20 KB 23ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12952358581306435110/downsize_200k_v1?w=400&h=209

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c559a767e1c7aaf2b29d353d376a73667762bcdd64a98446f57377771f7314c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 06:37:20 GMT
x-content-type-options: nosniff
age: 86969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19947
x-xss-protection: 0
last-modified: Thu, 22 Apr 2021 23:55:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 06:37:20 GMT

GET
DATA 200
OK truncated
/ Frame 7BC6 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c4e31ba91a2025d76e9b69ce7e035726aed67cf87630041529d0c58403f4cc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7BC6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7BC6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56a7e73b926234e63ad5f0b0af49533795f5f109a1d10534a9c2090ca0f463d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame 7BC6 12 KB
13 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12UQr8M4Uo4JLBtzNTSvW0AGgj_spibcw96Sv-7EHvmsJEPB7D3JXd7q6VrrthBFrcgzTX4ZWDJr-aM9n8aQDPAY3thHpFvWtB9Cp5JKoGLZ5IQi-fc6nd9pBGtcV4xKw4F9g830WgwT-SNOBFRh6ZYK9uJ3Wa3y&skey=fbc48de1c6e1b00c&v=v36

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%B6%E3%82%AD(i%E3%82%82%E3%80%91%E3%82%AF%E3%83%81%E7%92%B0%E8%AA%BF%E3%80%81%E3%83%83%E5%9B%BD-%E5%82%99%E5%A2%83%E3%83%BB%E3%83%9B%E5%99%A8%E7%90%86%E8%A6%8B%E3%82%8A%E3%83%ABF%E3%83%AF%E3%82%8C%E3%80%90%E7%A9%8D)%E5%AE%8C%E5%B8%B0%E3%81%91%E5%85%A5%E9%9B%BB%E3%83%B3%E8%80%85%E3%83%BC%E3%83%86%E5%85%B7%E3%81%8AW%E3%83%AC%E5%8F%97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a745b1b8e57da2a7bfe4985a23615ec743ea4b5f49ab5049db60dc2ecc5d144e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nordot.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 21:58:33 GMT
x-content-type-options: nosniff
age: 31696
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12508
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 20:57:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 26 Nov 2021 21:58:33 GMT

GET
H/1.1 200 recommend Show response
jp.popin.cc/popin_discovery/ 886 B
1 KB 784ms
258ms Script
application/javascript 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://jp.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fnordot.app%2F836617821636165632&alg=ltr&device=pc&extra=windows&topn=0&uid=4a0f36c1ff2495897f41637995608949&related=false&callback=popInRequestCallBack0
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 9bac80b0465ff664a72b8feffa335a67728e6d9dd67445d7f9dc4e4d5fddbd18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:50 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx/1.13.5
Connection: keep-alive
Content-Length: 886
Content-Type: application/javascript;charset=UTF-8

GET
H/1.1 200 recommend Show response
jp.popin.cc/popin_discovery/ 304 KB
73 KB 1108ms
594ms Script
application/javascript 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://jp.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fnordot.app%2F836617821636165632&media=this.kiji.is&agency=popinag&device=pc&extra=windows&topn=100&ad=100&uid=4a0f36c1ff2495897f41637995608949&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTYuMC40NjY0IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii84MzY2MTc4MjE2MzYxNjU2MzIiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUU1JThGJTk3JUU4JUE4JUJBJUU2JThFJUE3JUUzJTgxJTg4JUUzJTgwJTgxJUUzJTgxJThDJUUzJTgyJTkzJUU2JTgyJUEzJUU4JTgwJTg1NiVFNCVCOCU4NyVFNCVCQSVCQSVFNiVCOCU5QiVFMyU4MCU4MDIwJUU1JUI5JUI0JUUzJTgwJTgxJUUzJTgyJUIzJUUzJTgzJUFEJUUzJTgzJThBJUU1JUJEJUIxJUU5JTlGJUJGJUUzJTgxJUE3JUU1JTg4JTlEJUUzJTgyJTgxJUUzJTgxJUE2JTIwJUVGJUJEJTlDJTIwJUU1JTg1JUIxJUU1JTkwJThDJUU5JTgwJTlBJUU0JUJGJUExIiwidXNlcl90ZF91cmwiOiJodHRwczovL25vcmRvdC5hcHAvODM2NjE3ODIxNjM2MTY1NjMyP2M9Mzk1NTAxODc3Mjc5NDU3MjkiLCJ1c2VyX3RkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidXNlcl90ZF9ob3N0Ijoibm9yZG90LmFwcCIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE2Mzc5OTU2MDg5NTEsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&r_category=all&redirect=true&ad_reserved=10&callback=popInRequestCallBack1
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-common-8.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 1d0d5f4dd3b09d48d4f7d7d662f1819c95212de7348e7bc057477979fa9cc6c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:50 GMT
Content-Encoding: gzip
Server: nginx/1.13.5
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive

POST id
api.britepool.com/v1/britepool/ 0
0

POST
H/1.1 200 725.json Show response
id5-sync.com/g/v2/ 213 B
528 B 68ms
7ms XHR
application/json 51.89.42.88
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/725.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.42.88 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p27.id5-sync.com

Software

Resource Hash

c9d790f14c6afa37f906b1132530c5bd9d9fca8a9ae4788bf77634c5a610984c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://nordot.app
Date: Sat, 27 Nov 2021 06:46:49 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
334 B 124ms
51ms XHR
application/json 52.19.22.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 543cc78a20251cf03e568290d9eeb246e6ed0a5d2a587fafe3ca484b1028f0b0

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:50 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://nordot.app
cache-control: no-cache
x-server: 10.45.25.213
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 204 id Show response
id.sharedid.org/ 0
210 B 542ms
176ms XHR
text/plain 54.218.247.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.218.247.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-218-247-33.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nordot.app
pragma: no-cache
date: Sat, 27 Nov 2021 06:46:50 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
540 B 110ms
34ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 3903a015b795b02bdb7344ffb7b3e442e3fbcd17bcc42a9bafa07c0a5769d0cc

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 06:46:50 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nordot.app
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 27 Dec 2021 06:46:50 GMT

OPTIONS id
api.britepool.com/v1/britepool/ Frame 0
0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7BC6 42 B
497 B 52ms
30ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsur2SH9jivVmtqK0D1BcB_JQKMIKFxBZ4v7DzEkLFBNHwOoQVL2bO-RxAmUMEl-5TSCOdpf8NeKQit8ISOO-soOH5mR6h9pRVUHnWmm38jei8fXUVsVcQ&sai=AMfl-YSyTX6siW3psUyLN3gbk_je3nANcmR7AtB1X8GLCqLUdb643nuYD9O0NbATy5J7OHnwCcS7JNtnqFZzJL8KC280k482NlFY1vYq5xY-2vfrgqxUGSrIubaxexZeY50&sig=Cg0ArKJSzFx8xnI8kBvJEAE&id=ampim&o=1172,301&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=72&tls=1072&g=100&h=100&tt=1072&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=453510430

Requested by

Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 didna_trackers.html Show response
storage.didna.io/ Frame D7AC 3 KB
3 KB 33ms
8ms Document
text/html 35.227.239.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.didna.io/didna_trackers.html
Requested by: Host: nordot.app
URL: blob:https://nordot.app/e607a4f0-0028-441f-a4e1-c0696db7f5ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.239.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.239.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/

Response headers

x-guploader-uploadid: ADPycduGAMm6-Ke9CnvsPc1BdSi0xMec2hhwxTHZq0SbOLEsPe8lIXiC20Y4MTyktngpCl_yqb9zI7u73SOcO38MQ-_gqx0msQ
expires: Sat, 27 Nov 2021 06:53:01 GMT
date: Sat, 27 Nov 2021 05:53:01 GMT
last-modified: Sun, 14 Jun 2020 19:10:59 GMT
etag: "13d9c4d6c276bc3cb0b5afd7ff642b8d"
x-goog-generation: 1592161859249348
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2867
content-type: text/html
x-goog-hash: crc32c=+vRTlQ== md5=E9nE1sJ2vDywta/X/2QrjQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 2867
server: UploadServer
age: 3229
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame D7AC 24 KB
10 KB 51ms
10ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:50 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 04 Dec 2021 06:46:50 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame D7AC 1 KB
1 KB 44ms
12ms Script
application/javascript 13.35.253.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-28.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:26:16 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 92607
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: UMVZFEQXDgm_Q4qdPhaKIUkRShvDDNPZ8JIxvGGLEeR6C5bfTE1Dyg==

GET
H2

204

b2
sb.scorecardresearch.com/ Frame D7AC
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=27875916&ns__t=1637995610902&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https...
https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&ns__t=1637995610902&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=http...

0
224 B

9ms
9ms

Image
text/plain

13.35.253.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&ns__t=1637995610902&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c9=https%3A%2F%2Fnordot.app%2F
Requested by: Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol: H2
Server: 13.35.253.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-28.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:50 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: gyWcmXRy980XZVVfSHmTOuunJA0QM7ErYTNQqOzdYNhYWHq4O226pQ==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 27 Nov 2021 06:46:50 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&ns__t=1637995610902&ns_c=UTF-8&ns_if=1&cv=3.5&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c9=https%3A%2F%2Fnordot.app%2F
content-length: 298
x-amz-cf-id: -2ME-2t1eis0RaPQMs5P2nNL2-dQE9j2DzYEXGtBONu1tI6erUbmDQ==

GET
H2 200 rules-p-WnvyhEGJaE9Xh.js Show response
rules.quantcount.com/ Frame D7AC 2 B
344 B 34ms
7ms Script
application/javascript 2600:9000:211e:3200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-WnvyhEGJaE9Xh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:38:03 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
server: AmazonS3
age: 526
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C2
content-length: 2
x-amz-cf-id: WljS7wvt82J8ix550ZqQInnxAW-2h8E9VrxKx_LEm08ia41deXz8xQ==

GET
H2 200 pixel;r=1347841237;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fnordot.app%2F;uht=2;fpan=1;fpa=P0-1896868253-1637995610947;pbc=;ns=1;ce=1;qjs=1;...
pixel.quantserve.com/ Frame D7AC 35 B
371 B 19ms
11ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1347841237;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fnordot.app%2F;uht=2;fpan=1;fpa=P0-1896868253-1637995610947;pbc=;ns=1;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;d=storage.didna.io;je=0;sr=1600x1200x24;dst=0;et=1637995610947;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield%2Cdescription.diDNA%20programmatic%20yield%20management%2Curl.https%3A%2F%2Fwww%252Edidna%252Eio%2F%2Csite_name.diDNA

Requested by

Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.didna.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159745
https://image8.pubmatic.com/AdServer/ImgSync?p=159745&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTJCNDEwRkUtMTBENi00MjQ3LUIwODAtMjQwQTIwQThBMkMw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
219 B

12ms
11ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Sat, 27 Nov 2021 06:46:51 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:377
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 459ms
112ms Script
application/javascript 52.206.105.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1637995611898&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwMCwicmlkIjoiIiwiYWxnIjoiIiwicmVzcG9uc2VfYWQiOjEwMSwic21qYWQiOjAsImFmIjoiIiwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsImNhdGVnb3J5IjoiamEiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwidXJsIjoiaHR0cHM6Ly9ub3Jkb3QuYXBwLzgzNjYxNzgyMTYzNjE2NTYzMiIsInBvcGluX3VzZXJfaWQiOiI0YTBmMzZjMWZmMjQ5NTg5N2Y0MTYzNzk5NTYwODk0OSIsInVpZCI6IjRhMGYzNmMxZmYyNDk1ODk3ZjQxNjM3OTk1NjA4OTQ5Iiwic21qSWQiOiIiLCJjb21tb25fY2F0ZWdvcnkiOiJoZWFsdGgiLCJsb2dpZCI6Ijc2ZmU0MmY0LWQ4ZjAtNGQyNi1iZTAxLTQ0ZThlMWI1NzM4NCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjEzNWZjYWM5LTgyYWItNDk5YS1iNzdiLWIxOTA5MjJkNjYwZiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLlj5foqLrmjqfjgYjjgIHjgYzjgpPmgqPogIU25LiH5Lq65ribIiwidGRfdXJsIjoiaHR0cHM6Ly9ub3Jkb3QuYXBwLzgzNjYxNzgyMTYzNjE2NTYzMj9jPTM5NTUwMTg3NzI3OTQ1NzI5IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im5vcmRvdC5hcHAiLCJ0ZF9wYXRoIjoiLzgzNjYxNzgyMTYzNjE2NTYzMiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiMTM1ZmNhYzktODJhYi00OTlhLWI3N2ItYjE5MDkyMmQ2NjBmIiwicG9waW5fdmVyc2lvbiI6OCwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ%3D%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.105.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-105-201.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:52 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK axss.js Show response
assets-momentum.akamaized.net/js/ 58 KB
19 KB 89ms
15ms Script
application/javascript 95.100.146.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-momentum.akamaized.net/js/axss.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/lib8-lightweight/popIn-discovery-8.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.100.146.74 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-74.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b146feeb19a9376a91c68fe528da66ed7f7fd8f46b4d3233b94ca6916fdd4212

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: aMRApPeIddv7PqUd5aysUrl.UxEA1RWY
Content-Encoding: gzip
x-amz-meta-pragma: no-cache
X-Amz-Cf-Pop: NRT51-C1
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 19223
ETag: W/"36d882e47d95968e9af6815e963a6b2e"
Last-Modified: Wed, 03 Mar 2021 06:23:54 GMT
Server: AmazonS3
Date: Sat, 27 Nov 2021 06:46:51 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-Amz-Cf-Id: JxEtCqnSapQTGg5P0_2vSzRK3wlaTYLw9gHk7K92uAUqTMjBGoW5AQ==
Expires: Sat, 27 Nov 2021 06:46:51 GMT

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 811ms
274ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-jp&uid=&url=https%3A%2F%2Fnordot.app%2F836617821636165632&t=1637995611884
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:52 GMT
last-modified: Tue, 10 Sep 2019 08:00:09 GMT
server: nginx
etag: "5d775809-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 s.gif
rlog.popin.cc/ 35 B
186 B 799ms
262ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fnordot.app%2F836617821636165632&uid=4a0f36c1ff2495897f41637995608949&type=pc_pv&nid=pc&media=this.kiji.is&r5=ca_ja&t=1637995611897&tz=jp
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:52 GMT
last-modified: Thu, 29 Aug 2019 01:24:26 GMT
server: nginx
etag: "5d67294a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1047ms
263ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoianAucG9waW4uY2MiLCJjYXRlZ29yeSI6ImphIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InRoaXMua2lqaS5pcyIsInVybCI6Imh0dHBzOi8vbm9yZG90LmFwcC84MzY2MTc4MjE2MzYxNjU2MzIiLCJwb3Bpbl91c2VyX2lkIjoiNGEwZjM2YzFmZjI0OTU4OTdmNDE2Mzc5OTU2MDg5NDkiLCJ1aWQiOiI0YTBmMzZjMWZmMjQ5NTg5N2Y0MTYzNzk5NTYwODk0OSIsInNtaklkIjoiIiwiY29tbW9uX2NhdGVnb3J5IjoiaGVhbHRoIiwibG9naWQiOiI3NmZlNDJmNC1kOGYwLTRkMjYtYmUwMS00NGU4ZTFiNTczODQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxMzVmY2FjOS04MmFiLTQ5OWEtYjc3Yi1iMTkwOTIyZDY2MGYiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Y+X6Ki65o6n44GI44CB44GM44KT5oKj6ICFNuS4h+S6uua4myIsInRkX3VybCI6Imh0dHBzOi8vbm9yZG90LmFwcC84MzY2MTc4MjE2MzYxNjU2MzI/Yz0zOTU1MDE4NzcyNzk0NTcyOSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTYuMC40NjY0LjQ1IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJub3Jkb3QuYXBwIiwidGRfcGF0aCI6Ii84MzY2MTc4MjE2MzYxNjU2MzIiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI5Ni4wLjQ2NjQiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMTM1ZmNhYzktODJhYi00OTlhLWI3N2ItYjE5MDkyMmQ2NjBmIiwicG9waW5fdmVyc2lvbiI6OCwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ==&t=1637995611897
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:52 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
145 B 814ms
269ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJkb21haW4iOiJub3Jkb3QuYXBwIiwidl9kaXNoX2xhYmVscyI6IuOBjOOCk+iouueZgumAo+aQuuaLoOeCueeXhemZoizlm73nq4vjgYzjgpPnoJTnqbbjgrvjg7Pjgr/jg7ws44Kz44Ot44OKLOWOmuWKtOecgSzoqLrmlq0s44GM44KT5qSc6Ki6LOeZuuihqOOBl+OBnyzjgYzjgpPmsrvnmYIs55Sf5a2Y546HLOOBn+OBruOBryIsInZfZGlzaF90bGFiZWxzIjoi44GM44KT5oKj6ICFLOS4h+S6uizmjqfjgYgiLCJrZXkiOiJrZXkxNjM3OTk1NjA5NzQ1IiwiY2xpZW50X2lkIjoiMTM1ZmNhYzktODJhYi00OTlhLWI3N2ItYjE5MDkyMmQ2NjBmIiwidXJsIjoiaHR0cHM6Ly9ub3Jkb3QuYXBwLzgzNjYxNzgyMTYzNjE2NTYzMiIsInVpZCI6IjRhMGYzNmMxZmYyNDk1ODk3ZjQxNjM3OTk1NjA4OTQ5IiwicG9waW5fdXNlcl9pZCI6IjRhMGYzNmMxZmYyNDk1ODk3ZjQxNjM3OTk1NjA4OTQ5Iiwic21qSWQiOiIiLCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwiY2F0ZWdvcnkiOiJqYSIsImRldmljZSI6InBjIiwibG9naWQiOiI3NmZlNDJmNC1kOGYwLTRkMjYtYmUwMS00NGU4ZTFiNTczODQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxMzVmY2FjOS04MmFiLTQ5OWEtYjc3Yi1iMTkwOTIyZDY2MGYiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Y+X6Ki65o6n44GI44CB44GM44KT5oKj6ICFNuS4h+S6uua4myIsInRkX3VybCI6Imh0dHBzOi8vbm9yZG90LmFwcC84MzY2MTc4MjE2MzYxNjU2MzI/Yz0zOTU1MDE4NzcyNzk0NTcyOSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTYuMC40NjY0LjQ1IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJub3Jkb3QuYXBwIiwidGRfcGF0aCI6Ii84MzY2MTc4MjE2MzYxNjU2MzIiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoiMTM2LjI0My4xOTguODAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTYuMC40NjY0IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5IjoiaGVhbHRoIiwiZGlzaF9tZWRpYSI6InRoaXMua2lqaS5pcyIsIm5vdyI6MTYzNzk5NTYxMTg5NywicG9waW5fdmVyc2lvbiI6OH0=
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:52 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 0
Content-Type: text/plain

GET
H2 200 s.gif
rlog.popin.cc/ 35 B
186 B 810ms
273ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fnordot.app%2F836617821636165632&uid=4a0f36c1ff2495897f41637995608949&type=pc_channel_pv&nid=pc&media=this.kiji.is&r5=ca_ja|ch_pc&t=1637995611897&tz=jp
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:52 GMT
last-modified: Thu, 29 Aug 2019 01:24:26 GMT
server: nginx
etag: "5d67294a-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1086ms
268ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJjaGFubmVsX2lkIjoicGMiLCJleHBlY3RlZF9hZCI6MzYsInJlbmRlcmVkX2FkIjo0NCwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsImNhdGVnb3J5IjoiamEiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwidXJsIjoiaHR0cHM6Ly9ub3Jkb3QuYXBwLzgzNjYxNzgyMTYzNjE2NTYzMiIsInBvcGluX3VzZXJfaWQiOiI0YTBmMzZjMWZmMjQ5NTg5N2Y0MTYzNzk5NTYwODk0OSIsInVpZCI6IjRhMGYzNmMxZmYyNDk1ODk3ZjQxNjM3OTk1NjA4OTQ5Iiwic21qSWQiOiIiLCJjb21tb25fY2F0ZWdvcnkiOiJoZWFsdGgiLCJsb2dpZCI6Ijc2ZmU0MmY0LWQ4ZjAtNGQyNi1iZTAxLTQ0ZThlMWI1NzM4NCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjEzNWZjYWM5LTgyYWItNDk5YS1iNzdiLWIxOTA5MjJkNjYwZiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLlj5foqLrmjqfjgYjjgIHjgYzjgpPmgqPogIU25LiH5Lq65ribIiwidGRfdXJsIjoiaHR0cHM6Ly9ub3Jkb3QuYXBwLzgzNjYxNzgyMTYzNjE2NTYzMj9jPTM5NTUwMTg3NzI3OTQ1NzI5IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im5vcmRvdC5hcHAiLCJ0ZF9wYXRoIjoiLzgzNjYxNzgyMTYzNjE2NTYzMiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijk2LjAuNDY2NCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIxMzVmY2FjOS04MmFiLTQ5OWEtYjc3Yi1iMTkwOTIyZDY2MGYiLCJwb3Bpbl92ZXJzaW9uIjo4LCJpbnRlcmFjdGlvbl9udW1iZXIiOjB9&t=1637995611898
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:52 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
347 B 1139ms
282ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwMCwicmlkIjoiIiwiYWxnIjoiIiwicmVzcG9uc2VfYWQiOjEwMSwic21qYWQiOjAsImFmIjoiIiwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsImNhdGVnb3J5IjoiamEiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoidGhpcy5raWppLmlzIiwidXJsIjoiaHR0cHM6Ly9ub3Jkb3QuYXBwLzgzNjYxNzgyMTYzNjE2NTYzMiIsInBvcGluX3VzZXJfaWQiOiI0YTBmMzZjMWZmMjQ5NTg5N2Y0MTYzNzk5NTYwODk0OSIsInVpZCI6IjRhMGYzNmMxZmYyNDk1ODk3ZjQxNjM3OTk1NjA4OTQ5Iiwic21qSWQiOiIiLCJjb21tb25fY2F0ZWdvcnkiOiJoZWFsdGgiLCJsb2dpZCI6Ijc2ZmU0MmY0LWQ4ZjAtNGQyNi1iZTAxLTQ0ZThlMWI1NzM4NCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjEzNWZjYWM5LTgyYWItNDk5YS1iNzdiLWIxOTA5MjJkNjYwZiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLlj5foqLrmjqfjgYjjgIHjgYzjgpPmgqPogIU25LiH5Lq65ribIiwidGRfdXJsIjoiaHR0cHM6Ly9ub3Jkb3QuYXBwLzgzNjYxNzgyMTYzNjE2NTYzMj9jPTM5NTUwMTg3NzI3OTQ1NzI5IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im5vcmRvdC5hcHAiLCJ0ZF9wYXRoIjoiLzgzNjYxNzgyMTYzNjE2NTYzMiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijk2LjAuNDY2NCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIxMzVmY2FjOS04MmFiLTQ5OWEtYjc3Yi1iMTkwOTIyZDY2MGYiLCJwb3Bpbl92ZXJzaW9uIjo4LCJpbnRlcmFjdGlvbl9udW1iZXIiOjB9&t=1637995611899
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:52 GMT
Last-Modified: Thu, 13 Dec 2018 07:24:27 GMT
Server: nginx/1.13.5
ETag: "5c12092b-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 262ms
262ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:52 GMT
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.25
x-amz-version-id: null
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2316
Expires: Sat, 27 Nov 2021 07:46:52 GMT

GET
H3-Q050 200 sentry-5.9.1.js Show response
assets-momentum.akamaized.net/js/ 51 KB
16 KB 84ms
33ms Script
application/javascript 95.100.146.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-momentum.akamaized.net/js/sentry-5.9.1.js
Requested by: Host: assets-momentum.akamaized.net
URL: https://assets-momentum.akamaized.net/js/axss.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 95.100.146.74 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-74.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 29cedaf9eb3c04834d44f111759ee9d2b693da331d6ff4ecaba5c2d3e793e1a4

Request headers

Referer: https://nordot.app/
Origin: https://nordot.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: R5S.lr7TYU9ZownjLKUfdfQG5Hcoc7Hh
content-encoding: gzip
etag: W/"6e989a6e57e92afc7d3383ac0fadbe9f"
x-amz-cf-pop: NRT12-C2
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 16219
last-modified: Wed, 21 Apr 2021 06:28:59 GMT
server: AmazonS3
date: Sat, 27 Nov 2021 06:46:52 GMT
access-control-max-age: 86400
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=9095
access-control-allow-credentials: false
access-control-allow-headers: *
x-amz-cf-id: p4i_7eeWGheXo5nhnryrE7BStsU2rSpQXgCBtXSPq1rbnB09ytWiYA==
quic-version: Q050

GET
H/1.1

200

pbc
jp.popin.cc/popin_discovery/
Redirect Chain

https://jp-axia.m0mentum.net/clear/fraud/38?req=eyJpZCI6Ijc2ZmU0MmY0LWQ4ZjAtNGQyNi1iZTAxLTQ0ZThlMWI1NzM4NCIsImltcCI6W3siaWQiOiIxIiwidGFnaWQiOiJ0aGlzLmtpamkuaXMifV0sInNpdGUiOnsicGFnZSI6Imh0dHBzOi8vb...
https://jp.popin.cc/popin_discovery/pbc?m0-response=ljMazde7REVejrLpRVjSIUzH9%2B%2B7X8rB0UFvp9yuXEHcK5NzS8QQCyQgqqLWOZ6KAIKd5P8G5vJh%2FCPfQ8c15BniOcnnv3IETwbOmB778xoYfsmyHsnA%2Bk81HA%2FUvhaM9XTGOEw...

0
163 B

256ms
256ms

Image
text/plain

119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp.popin.cc/popin_discovery/pbc?m0-response=ljMazde7REVejrLpRVjSIUzH9%2B%2B7X8rB0UFvp9yuXEHcK5NzS8QQCyQgqqLWOZ6KAIKd5P8G5vJh%2FCPfQ8c15BniOcnnv3IETwbOmB778xoYfsmyHsnA%2Bk81HA%2FUvhaM9XTGOEwuof9QUHKWZADSvpdyUQx7%2BmKsUWHLeeZ3c02X0NuedjzP9r5ZKbDqzhlFGBFZI%2BIIQxOYwob0Bko9lQ%3D%3D
Requested by: Host: nordot.app
URL: https://nordot.app/836617821636165632?c=39550187727945729
Protocol: HTTP/1.1
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:52 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx/1.13.5
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:52 GMT
via: 1.1 google, 1.1 google
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
location: https://jp.popin.cc/popin_discovery/pbc?m0-response=ljMazde7REVejrLpRVjSIUzH9%2B%2B7X8rB0UFvp9yuXEHcK5NzS8QQCyQgqqLWOZ6KAIKd5P8G5vJh%2FCPfQ8c15BniOcnnv3IETwbOmB778xoYfsmyHsnA%2Bk81HA%2FUvhaM9XTGOEwuof9QUHKWZADSvpdyUQx7%2BmKsUWHLeeZ3c02X0NuedjzP9r5ZKbDqzhlFGBFZI%2BIIQxOYwob0Bko9lQ%3D%3D
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 34ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

460af25572b989a9d2a83905a42266912871a355f5246756486244051cb67b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 06:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9182
x-xss-protection: 0

POST
H2 200 v2qwmdXjGRpR8jg68qPLu2gkt3PR_6wEDpfDP2Vlh068XE5ONhE3FBJnFwBJ_kOjEPQo0FgKit4t9r5KXWQ Show response
ancientact.com/ 216 B
609 B 41ms
17ms Fetch
application/json 35.190.62.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ancientact.com/v2qwmdXjGRpR8jg68qPLu2gkt3PR_6wEDpfDP2Vlh068XE5ONhE3FBJnFwBJ_kOjEPQo0FgKit4t9r5KXWQ

Requested by

Host: ancientact.com
URL: https://ancientact.com/v2gnp6T4I2RaHC6htBpJnb4Le1Yyo41UruGDrxJGN435l7JgxnHoIwKO_7z_20Imb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.62.190.35.bc.googleusercontent.com

Software

Resource Hash

1a7f47736830b2460574e8cee06002f50972f5cb16a3e82afc891e206ea6deb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sat, 27 Nov 2021 06:46:53 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nordot.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: c984a0b3
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Sat, 27 Nov 2021 06:46:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063799

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 06:46:53 GMT

POST
H2 200 v2zykFbzhI_GWiLyYtz5WSJxo9Ik9o_rMFfTK2P8DC9WxjCdNjhmI4zXERMKNP9n6I9PGxdx2ce5K_5hfHg Show response
ancientact.com/ 3 B
36 B 34ms
34ms Fetch
application/json 35.190.62.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ancientact.com/v2zykFbzhI_GWiLyYtz5WSJxo9Ik9o_rMFfTK2P8DC9WxjCdNjhmI4zXERMKNP9n6I9PGxdx2ce5K_5hfHg

Requested by

Host: ancientact.com
URL: https://ancientact.com/v2gnp6T4I2RaHC6htBpJnb4Le1Yyo41UruGDrxJGN435l7JgxnHoIwKO_7z_20Imb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.62.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sat, 27 Nov 2021 06:46:53 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nordot.app
access-control-allow-credentials: true
x-hostname: c984a0b3
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 036B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 27 Nov 2021 02:34:21 GMT
expires: Sun, 27 Nov 2022 02:34:21 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49F7 783 B
1 KB 38ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce510176d0b2934c9b35183377ff26705385a9322c7011fbc74d1bb489a6bb5a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CgZ3KuIeoGOfi7xWk1QK3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 27 Nov 2021 06:46:53 GMT
date: Sat, 27 Nov 2021 06:46:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-CgZ3KuIeoGOfi7xWk1QK3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 036B 35 KB
13 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 13:59:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49F7 0
0 60ms
60ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111701&jk=679425278735787&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111701&jk=679425278735787&bg=!2tml2Z3NAAZQLpa_UC47ACkAdvg8WjSKn1Ozkv_EtpEVRJPBLYsiGb2B_w2vJPDfDikTrdSneOJfdQIAAABeUgAAAAhoAQcKAIrNi05bxfY2_M_v1mLC52U4en-smJgIkjPx72WE-qN_RsBxukMV-guiDyQYgxZdeKjcSii1Ceqy8m1Z47Pa-fLB7hrdFAw30qsXFg0IBuVGxt71wMcSJbLNm5UxS1TDJBK4Eseie7VG38Ibhyo2vz3zT4HSarMobByZcnwxamcrt0AUFjO13845QCaZAnWfm_W043poDmavWyxXypEUrf7IeAuma0svqRVr7W3w11w8UPbuSkTz7HjcGkaYNcMNbxI92e90VbykxyIMwnR8FY91GWmYsPOT4YmfvqP8Eq5E34pPYjZXBNJYuv9kq0oajb-D4h6V2WPOGQLtSE56eSUvE66Sf9TkDWrRb2x49YoOAJstrDxgStHfKLLXRUkUjLPotO-radi8R-b-uIV4Qk2qfcoTo4Ny4L245YCQ_lf3TweAw8np2D5QhGQ6X1zyaYM-l1oO2NklWCDm4UfKV0cF5ESn4bdV6WFeF-F17cMY01906IGGCMNg2RJwJ9VOp6B0IqUERuqb6wI6eKdsv_Ao3l58W1bNcjZAWxzsxdkprrxm3hWrliM2F3SxoVVyDqxNSiJuSp58LiCy-v3JB2J1sR4RblzgnnRH_PyBcms6kd4sgeesBJ7UNY536Jzck77xC4rgY4I9D1RaIL8OGeTzyT_oHA9fdA_qXg0mbxwfIB1fC_9BkjwohC5aaXws-M6wKvanFNeeEIs92yGEfEhEVwshRPvunzELnSWQEQvwxK6yE_ZYm0Wjekdy8Wsi2SR6la5K6pt-QPvofO7fGglQmdq5_VTIQSdB9bMwQusWjKa963G5HRTb4fX1AjfftTOsgOvFcJXROZcoFkDGn7_XeWFSfND6S3tcafaDThLsUMEtiUv7Ve9RQSpR-cvNa4BgpJE19edUAtlisWZ2QKy_NB4IGLq8LJ9j3gijg-wJX2nnTsOYTf-j9qlQ9gqvlI_mhg1umRLaGjMqkawBoJODcKfUPYJ9kvUUjApbZj_fdOMENiQkr0nT13t_iG1SQ8KSKg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nordot.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event
log.nordot.jp/ 0
77 B 249ms
248ms Ping
text/html 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://log.nordot.jp/event
Requested by: Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nordot.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 27 Nov 2021 06:46:54 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://nordot.app
x-cloud-trace-context: 868354fa54e3f0d2a13421a2bbb596be
access-control-allow-credentials: true
x-appengine-log-flush-count: 1
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=26

Domain: api.britepool.com
URL: https://api.britepool.com/v1/britepool/id

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nordot.app/	1970-01-19 23:43:07	Name: _pbjs_userid_consent_data Value: 3524755945110770
.nordot.app/	1970-01-20 03:19:07	Name: _pubcid Value: c5518b87-32bd-4b10-aac1-e5c7b0c5ff0f
nordot.app/	1970-01-20 08:21:31	Name: cto_bidid Value: CkPzhl90bnJocTFXSFk4cVloVEVGTmJnRGd1VVdMRnFZSmVncm92QjBCYmY0aEpabk1Kc05ESTYzckJWUmkwaWxqWElWZ0dLREFLWXU2NWgxOCUyQk4yNGE4dkhRJTNEJTNE
nordot.app/	1970-01-20 08:21:31	Name: cto_bundle Value: VCPmQF9sdWRSN1RXd3M1Q1hKSEs0UXElMkJMOXp1b01FaDQwOE1pYTdERXVjNnZNVkE4Wkx4dHBtZklkeHJqYSUyRiUyQmYyOTlwdUZlZFpmeTl1ME83Z0MyeldCaUp1U0ZOSWdYNCUyRk1oJTJGeDIyaFdjY0Jpc01oWDdZNExKV3dYQVJJZGZsc2h2Wkk
.britepool.com/	1970-01-20 00:04:43	Name: _temp_bpid_ Value: 9b210e2e-5378-4eb4-9b7e-b1468cf47a7b
.nordot.app/	1970-01-20 07:45:31	Name: _ss_pp_id Value: 4a0f36c1ff2495897f41637995608949
.nordot.app/	1970-01-20 08:21:31	Name: __gads Value: ID=31d747493fd3d5ff-22b54d4706cc0012:T=1637995608:S=ALNI_MZHqXkXRnZufrpuyKmd-KqjG6aqEw
.doubleclick.net/	1970-01-20 08:21:31	Name: IDE Value: AHWqTUmivF-MDlceWIEy0S1ZeKsshNhP3Cqdf5wC3Fef0cCZzZSTOuQ18Vj-ZCdLdY4
.nordot.app/	1970-01-20 16:31:07	Name: _td Value: 135fcac9-82ab-499a-b77b-b190922d660f
nordot.app/	1970-01-19 22:59:59	Name: _lr_retry_request Value: true
nordot.app/	1970-01-19 23:43:07	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-20 07:45:31	Name: TDID Value: b9e17c13-fc69-4f7d-bf84-439931421701
nordot.app/	1970-01-20 00:26:19	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22b9e17c13-fc69-4f7d-bf84-439931421701%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-11-27T06%3A46%3A50%22%7D
.nordot.app/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1638082010012
.popin.cc/	1970-01-20 07:45:31	Name: uid Value: 4a0f36c1ff2495897f41637995608949
log.nordot.jp/	1970-01-20 16:31:07	Name: browser Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIzMDg5ZDBhYTcwNDk2NGYwZDdkNTBhOWVmYTgyZGM4MCIsImlhdCI6MTYzNzk5NTYxMCwianRpIjoiMTE3ODkyMDkzNiIsImV4cCI6MTcwMTA2NzYxMH0.sd1uCUWPUvuzOukYoOkmAWPTOBv58Duk0mgzKpRdm30
nordot.app/	1970-01-19 23:40:14	Name: sharedid Value: %7B%7D
.scorecardresearch.com/	1970-01-20 16:16:43	Name: UID Value: 12ME2T1EIS0RAPQMS5P2NNg1637995611
.quantserve.com/	1970-01-20 08:30:10	Name: mc Value: 61a1d45a-eb687-c9c54-62ec3
.pubmatic.com/	1970-01-19 23:01:22	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:09:31	Name: SyncRTB3 Value: 1639180800%3A220
.pubmatic.com/	1970-01-20 01:09:31	Name: KADUSERCOOKIE Value: 12B410FE-10D6-4247-B080-240A20A8A2C0
.pubmatic.com/	1970-01-20 01:09:31	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:01:22	Name: pi Value: 159745:3
.pubmatic.com/	1970-01-20 01:09:31	Name: chkChromeAb67Sec Value: 2
.m0mentum.net/	1970-01-20 16:31:07	Name: axid Value: MTYzNzk5NTYxMnxvRm50WWRRWTNlWXB2Y2kxTDBZYUJJWlZaVndWekVLMnVrUDNKNTBWajU3dktyZExWVFU3Vk9ob3NxLTRkMXhvbjlfWVBkSzhHOXJnYXQ3TlhMRUxrZ3B5ZDNEakVDb3FkamlvX2JlZ3RrcFVtaGQtWnM2TVRqb0w1Qm5jSGdlRlU2OFAzVVJFYk5SUXz64FU7xUwsKCpjTUJmyqU1koPlcFCVmxP19wujWAF-8g==
.m0mentum.net/	1970-01-20 16:31:07	Name: auid Value: 3ad66b46-f9b6-49a7-9f6d-aad9c274e275
.in.treasuredata.com/	1970-01-20 16:31:07	Name: _td_global Value: ca122c8b-f9af-47fa-b360-3fd4c7d887b4
.nordot.app/	1970-01-21 01:16:43	Name: _awl Value: 2.1637995613.0.4-14ba9511-d8184d7c242e25d799f1c4de719393fc-6763652d6575726f70652d7765737431-61a1d45d-0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=9b210e2e-5378-4eb4-9b7e-b1468cf47a7b Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://nordot.app/836617821636165632?c=39550187727945729 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://nordot.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=26 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ancientact.com
api.britepool.com
api.popin.cc
api.rlcdn.com
api.solutionshindsight.net
assets-momentum.akamaized.net
c2shb.ssp.yahoo.com
cd8a091567c3035f9c70c055894ae996.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
in.treasuredata.com
inrecsys.popin.cc
jp-axia.m0mentum.net
jp.popin.cc
log.nordot.jp
log.popin.cc
match.adsrvr.org
mug.criteo.com
nordot-res.cloudinary.com
nordot.app
pagead2.googlesyndication.com
pixel.quantserve.com
px.britepool.com
r.popin.cc
rlog.popin.cc
rules.quantcount.com
s-rtb-pb.send.microad.jp
sb.scorecardresearch.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.solutionshindsight.net
storage.didna.io
storage.googleapis.com
thrtle.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
api.britepool.com
api.rlcdn.com
107.23.88.187
119.63.193.220
119.63.198.143
119.63.198.172
119.63.198.176
119.63.198.188
13.35.253.28
130.211.11.246
142.250.186.98
142.250.74.194
143.204.207.46
151.101.129.194
178.250.0.157
184.51.9.34
185.64.189.112
185.64.190.80
198.47.127.18
2001:4860:4802:34::15
202.233.84.2
2600:9000:211e:3200:6:44e3:f8c0:93a1
2600:9000:211e:de00:8:48e:53c0:93a1
2606:4700:20::ac43:4bf1
2606:4700::6810:135e
2606:4700::6810:5514
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:803::2010
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::2013
2a02:2638:1::13
2a04:4e42::393
3.85.46.201
35.190.62.199
35.227.239.69
35.71.131.137
37.252.173.27
51.89.42.88
52.19.22.209
52.206.105.201
52.28.203.152
54.218.247.33
65.9.71.126
95.100.146.74
08012aaf4b314a0b3df680beb89f433d55e98c3a027af9a95fdd1f3569fdcdd6
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1063c324cb24a333c01c020990b87552e785510b1f84cb8b304d43c8c5f1064d
15c1a58c468820fb34b6625ae962820783626d83eafb0ef354e7d55b38e3e32f
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1a7f47736830b2460574e8cee06002f50972f5cb16a3e82afc891e206ea6deb1
1b86e36d7fb587850c521e26fc12f83333fa837c9d424153bc1762811b31876b
1d0d5f4dd3b09d48d4f7d7d662f1819c95212de7348e7bc057477979fa9cc6c6
20dae3bb473081bf9c5bbe7560565708d726e1db6791503d1bd97a0dba962f7d
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
29cedaf9eb3c04834d44f111759ee9d2b693da331d6ff4ecaba5c2d3e793e1a4
2bcdadeb090eed259454613750a076c6c2fb11bdd6464791aed54130633840aa
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1
320e91bee0960cc2af88617da2d229d09c8107c0b6aed988486f5e43147332ea
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3903a015b795b02bdb7344ffb7b3e442e3fbcd17bcc42a9bafa07c0a5769d0cc
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
460af25572b989a9d2a83905a42266912871a355f5246756486244051cb67b00
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4dd1ea46d0ad4600199abce86b0dfdc518c2207929c7aa79c19a9e497e8ca8e5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
503c7d7b547489f331708af7ba63a596423fea119d4d21d637737ce5aa2bfd75
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
543cc78a20251cf03e568290d9eeb246e6ed0a5d2a587fafe3ca484b1028f0b0
55936e47e366c92c8acf4c3fd64a0b8c2d1b9ae68041d4de5b40c71a6cb2301c
56a7e73b926234e63ad5f0b0af49533795f5f109a1d10534a9c2090ca0f463d5
5c559a767e1c7aaf2b29d353d376a73667762bcdd64a98446f57377771f7314c
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
734688c48e3725752d393537165f0f316d63d474547aeb86c2feb3f29d406145
7993a83292a6344fcf727c7035025f93fc8d0dbe6d2d7e7a12e765cab2ab4879
799e81b5d4ca1cfd0f7ef8de2f75c3a3f7b6250e190bd217a774a83e64fd6038
7b7d185e77c6c522ec895c10cce9580811150e8ff052fb4156ca35bbba1cfe80
7c4e31ba91a2025d76e9b69ce7e035726aed67cf87630041529d0c58403f4cc4
7f73ee585e817432c0d98736b26ed2301b1a13eaa60596380425554f15b171e3
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383
823ae0b92286f0ee5672eac80dae41ff1c895a8cc42b435d8d0c3fdddf723718
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8709424e1d28835401062f4487ed97a4988105e1f1e450d8da91cac7d433f5d1
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
90ac1d2e7aa68675803a962b43d37fc5800ed533a63d4a04f63caea9a96cdd1a
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9bac80b0465ff664a72b8feffa335a67728e6d9dd67445d7f9dc4e4d5fddbd18
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f7a48126bd85d73c339ad72834ac48b03e8244c3876eddbb3bc49e7bebccad
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a562056fa84fd667a864978c5ebed4269389c216c2577ce5295e3153b7c3fbac
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a745b1b8e57da2a7bfe4985a23615ec743ea4b5f49ab5049db60dc2ecc5d144e
a8c7bd5889bf7cafa5224603b5d25e472799c1305d1746737be4686ec4254834
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b146feeb19a9376a91c68fe528da66ed7f7fd8f46b4d3233b94ca6916fdd4212
b32d6828254c4f4e13a49a13456ab8423d856c6717ae9933eb40578bffb6af39
c1b7409f2bc3d63901c144ecf5e285a306dfe365aadda8849c1669442198aac9
c4aa54008bbb3fe7964b1499a4e4886815d6c7868a820efe4a61249b88dfe364
c4ced215f38be55ff6d2af2a0c012d888b9fb7d85192d2d965494ecbe7288440
c9d790f14c6afa37f906b1132530c5bd9d9fca8a9ae4788bf77634c5a610984c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce510176d0b2934c9b35183377ff26705385a9322c7011fbc74d1bb489a6bb5a
ce999b49c91987d053fa5ac976e76d636202be1b225abc0429beeb316159ab82
d1e67632e15525fd9b02d2502dc8c295c413fede875ca418bf51208ab4984e36
d4977e03b9539aa567f88cd6faaacfd25ff1d9a7dbbdd7a14776dd6e11cb786a
d87c68744104c0200a065cb6118f9406775eb5f299f396b0bfc81a851142de44
dcc45c991696d726863fbd33b7c423cb24056d250b818b2fa735dc193718dbb9
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44351fd1d3db063e5d687b93d017a949e82dc13c3fe8ad01f9361012e5c1b91
e8b28df3573200f2c2ce36718bfed13c970d81e8b03120ee47868b795c7c83d6
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00e7ef4337126e39854e95bc7ed4ba8c63d129c9949c9f933f6f7784747acaa
f10ab824acc419ad38dda5f5cd8f4b0156a181da4a113acc11ee820caff50140
fdb1605c8b1c61e76038cb28e4ca328f3717f02a4dbcbe4c1909b7583fe378c5

nordot.app Open in urlscan Pro 2001:4860:4802:34::15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

110 Requests

91 %HTTPS

41 %IPv6

38 Domains

56 Subdomains

48 IPs

7 Countries

1191 kBTransfer

3330 kBSize

29 Cookies

111 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nordot.app Open in urlscan Pro
2001:4860:4802:34::15 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

91 %
HTTPS

41 %
IPv6

38
Domains

56
Subdomains

48
IPs

7
Countries

1191 kB
Transfer

3330 kB
Size

29
Cookies

110 HTTP transactions
3 data transactions