urlscan.io logo urlscan.io
SecurityTrails logo

nordot.app Open in urlscan Pro
216.239.32.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://nordot.app/1103463313237606400
Submission: On January 31 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 8 countries across 100 domains to perform 576 HTTP transactions. The main IP is 216.239.32.21, located in United States and belongs to GOOGLE, US. The main domain is nordot.app. The Cisco Umbrella rank of the primary domain is 290750.
TLS certificate: Issued by GTS CA 1D4 on December 31st 2023. Valid for: 3 months.
This is the only time nordot.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 216.239.32.21 15169 (GOOGLE)
3 142.251.16.207 15169 (GOOGLE)
4 18.161.21.121 16509 (AMAZON-02)
20 183.79.219.252 24572 (YAHOO-JP-...)
3 151.101.65.137 54113 (FASTLY)
1 172.67.163.80 13335 (CLOUDFLAR...)
1 172.253.122.95 15169 (GOOGLE)
1 142.251.16.97 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
17 172.253.122.121 15169 (GOOGLE)
4 104.21.15.170 13335 (CLOUDFLAR...)
15 142.251.16.156 15169 (GOOGLE)
3 3.162.8.154 16509 (AMAZON-02)
3 18.160.10.101 16509 (AMAZON-02)
10 142.251.163.100 15169 (GOOGLE)
10 69.194.240.11 26120 (RHYTHMONE)
4 151.101.1.229 54113 (FASTLY)
6 104.26.8.169 13335 (CLOUDFLAR...)
1 11 54.172.1.24 14618 (AMAZON-AES)
8 104.18.34.178 13335 (CLOUDFLAR...)
6 25 68.67.160.117 29990 (ASN-APPNEX)
8 8.43.72.32 26667 (RUBICONPR...)
18 54.144.15.249 14618 (AMAZON-AES)
11 54.84.92.154 14618 (AMAZON-AES)
4 23.221.253.11 16625 (AKAMAI-AS)
13 52.203.1.116 14618 (AMAZON-AES)
4 4 64.202.112.159 23352 (SERVERCEN...)
9 10 35.211.178.172 15169 (GOOGLE)
11 11 35.207.24.140 15169 (GOOGLE)
1 65.8.19.31 16509 (AMAZON-02)
12 13.249.190.125 16509 (AMAZON-02)
2 5 3.162.3.125 16509 (AMAZON-02)
1 99.86.229.2 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
15 74.119.119.131 19750 (AS-CRITEO)
1 104.22.52.86 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 3.162.3.33 16509 (AMAZON-02)
1 3.161.253.193 16509 (AMAZON-02)
1 3.161.213.68 16509 (AMAZON-02)
1 172.64.152.89 13335 (CLOUDFLAR...)
8 142.251.167.154 15169 (GOOGLE)
2 202.233.84.2 131957 (MICROAD M...)
2 13 51.222.39.186 16276 (OVH)
8 74.119.119.129 19750 (AS-CRITEO)
1 35.227.239.69 396982 (GOOGLE-CL...)
2 192.184.68.149 14618 (AMAZON-AES)
1 3 3.162.3.51 16509 (AMAZON-02)
1 3.162.3.123 16509 (AMAZON-02)
8 142.250.31.132 15169 (GOOGLE)
1 172.253.62.95 15169 (GOOGLE)
9 172.253.115.132 15169 (GOOGLE)
1 142.251.16.94 15169 (GOOGLE)
8 74.119.119.139 19750 (AS-CRITEO)
1 5 35.244.193.51 396982 (GOOGLE-CL...)
1 3.93.122.201 14618 (AMAZON-AES)
10 11 52.201.172.228 14618 (AMAZON-AES)
5 23.221.252.246 16625 (AKAMAI-AS)
8 23.39.177.103 16625 (AKAMAI-AS)
2 2 216.200.232.253 30419 (MEDIAMATH...)
14 24 69.173.151.100 26667 (RUBICONPR...)
9 18 172.253.122.155 15169 (GOOGLE)
1 147.135.94.213 16276 (OVH)
2 20 52.46.151.131 16509 (AMAZON-02)
4 5 8.28.7.82 62713 (AS-PUBMATIC)
5 7 34.200.65.202 14618 (AMAZON-AES)
6 6 3.33.220.150 16509 (AMAZON-02)
2 8.28.7.81 62713 (AS-PUBMATIC)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
2 4 35.71.139.29 16509 (AMAZON-02)
3 11 8.28.7.83 62713 (AS-PUBMATIC)
2 2 34.150.170.96 396982 (GOOGLE-CL...)
1 2 3.82.86.24 14618 (AMAZON-AES)
1 2 52.21.39.178 14618 (AMAZON-AES)
4 44.205.63.57 14618 (AMAZON-AES)
1 35.190.39.111 15169 (GOOGLE)
3 37.19.207.34 60068 (CDN77 _)
1 4 8.28.7.84 62713 (AS-PUBMATIC)
8 8 67.202.105.21 32748 (STEADFAST)
1 2 67.202.105.32 32748 (STEADFAST)
5 147.28.129.140 54825 (PACKET)
3 3 3.217.51.221 14618 (AMAZON-AES)
7 7 52.7.65.124 14618 (AMAZON-AES)
1 1 23.83.76.90 395954 (LEASEWEB-...)
2 2 193.122.130.38 31898 (ORACLE-BM...)
4 10 104.18.36.155 13335 (CLOUDFLAR...)
1 1 198.148.27.131 19189 (PULSEPOINT)
1 2 35.170.24.131 ()
1 2 35.244.159.8 396982 (GOOGLE-CL...)
1 54.146.20.223 14618 (AMAZON-AES)
2 2 52.4.73.70 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
10 10 8.18.45.76 25751 (VALUECLICK)
1 1 35.214.167.88 15169 (GOOGLE)
3 3 35.227.252.103 396982 (GOOGLE-CL...)
1 1 50.116.194.21 6336 (TURN-US-ASN)
3 3 23.192.31.127 16625 (AKAMAI-AS)
2 104.19.158.19 13335 (CLOUDFLAR...)
1 1 18.208.47.7 14618 (AMAZON-AES)
2 142.251.16.99 15169 (GOOGLE)
6 34.117.239.71 396982 (GOOGLE-CL...)
5 162.19.138.118 16276 (OVH)
1 3 131.153.242.59 19437 (SS-ASH)
5 147.28.146.89 54825 (PACKET)
1 37.157.3.20 198622 (ADFORM)
1 8.28.7.105 62713 (AS-PUBMATIC)
3 3 8.43.72.97 26667 (RUBICONPR...)
1 67.220.228.200 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
1 23.55.60.16 20940 (AKAMAI-ASN1)
1 1 3.161.213.38 16509 (AMAZON-02)
1 34.230.167.23 14618 (AMAZON-AES)
2 162.19.138.117 16276 (OVH)
1 54.192.51.124 16509 (AMAZON-02)
8 13.225.199.75 16509 (AMAZON-02)
1 1 54.192.51.91 16509 (AMAZON-02)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 1 184.31.52.28 16625 (AKAMAI-AS)
1 1 23.105.12.143 30633 (LEASEWEB-...)
6 44.194.20.78 14618 (AMAZON-AES)
2 2 104.18.24.173 ()
4 68.67.179.164 29990 (ASN-APPNEX)
2 2 207.198.113.204 13768 (COGECO-PEER1)
1 1 199.38.167.130 54312 (ROCKETFUEL)
1 1 69.90.254.78 ()
6 34.236.83.94 ()
2 173.237.69.132 ()
2 104.36.115.111 ()
3 74.119.119.73 ()
1 74.119.119.65 ()
1 142.251.163.155 ()
2 2 185.167.164.43 ()
1 35.205.207.25 ()
1 1 20.121.97.20 ()
1 74.119.119.147 ()
17 74.119.119.80 ()
2 74.119.119.149 ()
1 74.119.119.130 ()
576 110
8    216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net
nordot.app
3    142.251.16.207 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f207.1e100.net
storage.googleapis.com
4    18.161.21.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-21-121.bos50.r.cloudfront.net
assets.revcontent.com
20    183.79.219.252 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
yads.c.yimg.jp
s.yimg.jp
yads.yjtag.yahoo.co.jp
3    151.101.65.137 (United States)

ASN54113 (FASTLY, US)
nordot-res.cloudinary.com
1    172.67.163.80 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.whizzco.com
1    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
ajax.googleapis.com
1    142.251.16.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f97.1e100.net
www.googletagmanager.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
17    172.253.122.121 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f121.1e100.net
log.nordot.jp
4    104.21.15.170 (None, )

ASN13335 (CLOUDFLARENET, US)
api.whizzco.com
15    142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net
securepubads.g.doubleclick.net
3    3.162.8.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-8-154.yul62.r.cloudfront.net
c.amazon-adsystem.com
3    18.160.10.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-101.iad12.r.cloudfront.net
static.solutionshindsight.net
10    142.251.163.100 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f100.1e100.net
fundingchoicesmessages.google.com
10    69.194.240.11 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
4    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
6    104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
11    54.172.1.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-1-24.compute-1.amazonaws.com
ap.lijit.com
8    104.18.34.178 (None, )

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
25    68.67.160.117 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
nym1-ib.adnxs.com
secure.adnxs.com
8    8.43.72.32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
18    54.144.15.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-15-249.compute-1.amazonaws.com
pbs.nextmillmedia.com
11    54.84.92.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-92-154.compute-1.amazonaws.com
report2.hb.brainlyads.com
4    23.221.253.11 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-253-11.deploy.static.akamaitechnologies.com
ads.pubmatic.com
13    52.203.1.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-1-116.compute-1.amazonaws.com
trends.revcontent.com
yeet.revcontent.com
4    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
10    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
11    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
rtb-use.mfadsrvr.com
1    65.8.19.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-19-31.bos50.r.cloudfront.net
img.revcontent.com
12    13.249.190.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-190-125.bos50.r.cloudfront.net
images.revcontent.com
5    3.162.3.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-125.yul62.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
1    99.86.229.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-2.iad79.r.cloudfront.net
media.revcontent.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
15    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    3.162.3.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-33.yul62.r.cloudfront.net
tags.crwdcntrl.net
1    3.161.253.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-253-193.yul62.r.cloudfront.net
cdn.prod.uidapi.com
1    3.161.213.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-68.yul62.r.cloudfront.net
connectid.analytics.yahoo.com
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
8    142.251.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net
pagead2.googlesyndication.com
2    202.233.84.2 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-rtb-pb.send.microad.jp
13    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
8    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    35.227.239.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.239.227.35.bc.googleusercontent.com
storage.didna.io
2    192.184.68.149 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
3    3.162.3.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-51.yul62.r.cloudfront.net
sb.scorecardresearch.com
1    3.162.3.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-123.yul62.r.cloudfront.net
rules.quantcount.com
8    142.250.31.132 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f132.1e100.net
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
cdn.ampproject.org
a121ff75dd5b77ef27f5c07ae6a4c23a.safeframe.googlesyndication.com
1    172.253.62.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f95.1e100.net
fonts.googleapis.com
9    172.253.115.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f132.1e100.net
tpc.googlesyndication.com
1    142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
fonts.gstatic.com
8    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
5    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    3.93.122.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-122-201.compute-1.amazonaws.com
fid.agkn.com
11    52.201.172.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-172-228.compute-1.amazonaws.com
cookies.nextmillmedia.com
5    23.221.252.246 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-252-246.deploy.static.akamaitechnologies.com
acdn.adnxs.com
8    23.39.177.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-177-103.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
24    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
18    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
cm.g.doubleclick.net
1    147.135.94.213 (United States)

ASN16276 (OVH, FR)
PTR: ip213.ip-147-135-94.us
ssbsync-global.smartadserver.com
20    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
6    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
4    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
11    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
2    3.82.86.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-86-24.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
2    52.21.39.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-39-178.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
4    44.205.63.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-63-57.compute-1.amazonaws.com
funes.solutionshindsight.net
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
3    37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net
didna.b-cdn.net
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
8    67.202.105.21 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
5    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    3.217.51.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-51-221.compute-1.amazonaws.com
cm.adgrx.com
7    52.7.65.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-65-124.compute-1.amazonaws.com
match.prod.bidr.io
1    23.83.76.90 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
rtb-csync.smartadserver.com
2    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
10    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    35.170.24.131 (None, )

ASN- ()
thrtle.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    54.146.20.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-20-223.compute-1.amazonaws.com
crb.kargo.com
2    52.4.73.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-73-70.compute-1.amazonaws.com
sync.ipredictive.com
2    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
10    8.18.45.76 (United States)

ASN25751 (VALUECLICK, US)
PTR: ric05-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
33across-match.dotomi.com
amazon-tam-match.dotomi.com
casale-match.dotomi.com
dclk-match.dotomi.com
1    35.214.167.88 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 88.167.214.35.bc.googleusercontent.com
csync.loopme.me
3    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
3    23.192.31.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.19.158.19 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
1    18.208.47.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-47-7.compute-1.amazonaws.com
ads.yieldmo.com
2    142.251.16.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f99.1e100.net
www.google.com
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
5    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
3    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
id.a-mx.com
id.rtb.mx
5    147.28.146.89 (Ashburn, United States)

ASN54825 (PACKET, US)
sync.a-mo.net
1    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
3    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    23.55.60.16 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-60-16.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    3.161.213.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-38.yul62.r.cloudfront.net
live.primis.tech
1    34.230.167.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-167-23.compute-1.amazonaws.com
match.sharethrough.com
2    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    54.192.51.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-124.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
8    13.225.199.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-199-75.yul62.r.cloudfront.net
aax.amazon-adsystem.com
1    54.192.51.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-91.yul62.r.cloudfront.net
s.ad.smaato.net
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    184.31.52.28 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-52-28.deploy.static.akamaitechnologies.com
cs.media.net
1    23.105.12.143 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
6    44.194.20.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-20-78.compute-1.amazonaws.com
ce.lijit.com
2    104.18.24.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
4    68.67.179.164 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
yj-a.p.adnxs.com
2    207.198.113.204 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
6    34.236.83.94 (None, )

ASN- ()
c2shb.pubgw.yahoo.com
2    173.237.69.132 (None, )

ASN- ()
colossusssp.com
2    104.36.115.111 (None, )

ASN- ()
hbopenbid.pubmatic.com
3    74.119.119.73 (None, )

ASN- ()
ssp-sync.criteo.com
1    74.119.119.65 (None, )

ASN- ()
ads.us.criteo.com
1    142.251.163.155 (None, )

ASN- ()
www.googletagservices.com
2    185.167.164.43 (None, )

ASN- ()
c1.adform.net
1    35.205.207.25 (None, )

ASN- ()
ads.avads.net
1    20.121.97.20 (None, )

ASN- ()
www.temu.com
1    74.119.119.147 (None, )

ASN- ()
cat.va.us.criteo.com
17    74.119.119.80 (None, )

ASN- ()
imageproxy.us.criteo.net
2    74.119.119.149 (None, )

ASN- ()
csm.us.criteo.net
1    74.119.119.130 (None, )

ASN- ()
rtb.va.us.criteo.com
Apex Domain
Subdomains		 Transfer
46 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com — Cisco Umbrella Rank: 579
pixel-eu.rubiconproject.com Failed
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
72 KB
34 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.us.criteo.net
csm.us.criteo.net
362 KB
34 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com — Cisco Umbrella Rank: 598
yj-a.p.adnxs.com — Cisco Umbrella Rank: 400146
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1419
secure.adnxs.com
124 KB
33 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
94 KB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
533 KB
31 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 7198
trends.revcontent.com — Cisco Umbrella Rank: 2565
img.revcontent.com — Cisco Umbrella Rank: 9158
images.revcontent.com — Cisco Umbrella Rank: 8231
media.revcontent.com — Cisco Umbrella Rank: 18762
yeet.revcontent.com — Cisco Umbrella Rank: 8249
489 KB
29 nextmillmedia.com
pbs.nextmillmedia.com — Cisco Umbrella Rank: 3013
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2123
32 KB
29 pubmatic.com
hbopenbid.pubmatic.com Failed
ads.pubmatic.com — Cisco Umbrella Rank: 535
image8.pubmatic.com — Cisco Umbrella Rank: 664
image6.pubmatic.com — Cisco Umbrella Rank: 805
image2.pubmatic.com — Cisco Umbrella Rank: 912
simage2.pubmatic.com — Cisco Umbrella Rank: 870
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
image4.pubmatic.com — Cisco Umbrella Rank: 1237
ow.pubmatic.com — Cisco Umbrella Rank: 1571
167 KB
22 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679 Failed
gum.criteo.com — Cisco Umbrella Rank: 423
ssp-sync.criteo.com
ads.us.criteo.com
cat.va.us.criteo.com
rtb.va.us.criteo.com
68 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
a121ff75dd5b77ef27f5c07ae6a4c23a.safeframe.googlesyndication.com
88 KB
20 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
lexicon.33across.com — Cisco Umbrella Rank: 1517
ssc-cms.33across.com — Cisco Umbrella Rank: 901
events-ssc.33across.com — Cisco Umbrella Rank: 1615
12 KB
17 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
ce.lijit.com — Cisco Umbrella Rank: 859
9 KB
17 nordot.jp
log.nordot.jp — Cisco Umbrella Rank: 364296
15 KB
16 yahoo.com
c2shb.pubgw.yahoo.com Failed
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4267
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
13 KB
14 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1603
mp.4dex.io — Cisco Umbrella Rank: 2539
75 KB
14 yimg.jp
yads.c.yimg.jp — Cisco Umbrella Rank: 41156
s.yimg.jp — Cisco Umbrella Rank: 7636
273 KB
13 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707 Failed
7 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
assets.a-mo.net — Cisco Umbrella Rank: 1466
sync.a-mo.net — Cisco Umbrella Rank: 1528
11 KB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
71 KB
11 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
rtb-use.mfadsrvr.com — Cisco Umbrella Rank: 5535
4 KB
11 brainlyads.com
report2.hb.brainlyads.com — Cisco Umbrella Rank: 4627
8 KB
10 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
33across-match.dotomi.com — Cisco Umbrella Rank: 3423
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5046
casale-match.dotomi.com — Cisco Umbrella Rank: 3039
dclk-match.dotomi.com
3 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
ssum.casalemedia.com — Cisco Umbrella Rank: 1252
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
7 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
4 KB
10 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 863
996 B
8 nordot.app
nordot.app — Cisco Umbrella Rank: 290750
27 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
4 KB
7 solutionshindsight.net
static.solutionshindsight.net — Cisco Umbrella Rank: 36414
funes.solutionshindsight.net — Cisco Umbrella Rank: 39766
35 KB
6 yahoo.co.jp
yads.yjtag.yahoo.co.jp — Cisco Umbrella Rank: 67103
5 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
2 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425 Failed
29 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
rtb.openx.net — Cisco Umbrella Rank: 625
1 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 410
104 KB
5 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 880
sync1.intentiq.com — Cisco Umbrella Rank: 3054
4 KB
5 whizzco.com
cdn.whizzco.com — Cisco Umbrella Rank: 98782
api.whizzco.com — Cisco Umbrella Rank: 98185
4 KB
5 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 286
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
83 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
3 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
4 KB
3 adform.net
cm.adform.net — Cisco Umbrella Rank: 1147
c1.adform.net
1 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
1 KB
3 b-cdn.net
didna.b-cdn.net — Cisco Umbrella Rank: 41511
4 KB
3 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6940
983 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
13 KB
3 cloudinary.com
nordot-res.cloudinary.com — Cisco Umbrella Rank: 299722
22 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
539 B
2 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1489
851 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4970
967 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
1 KB
2 thrtle.com
thrtle.com
686 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1913
2 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1526
hde.tynt.com — Cisco Umbrella Rank: 3986
3 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
1 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1364
pixel.quantserve.com — Cisco Umbrella Rank: 1007
10 KB
2 colossusssp.com
colossusssp.com Failed
sync.colossusssp.com Failed
267 B
2 microad.jp
s-rtb-pb.send.microad.jp — Cisco Umbrella Rank: 87784 Failed
1019 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
11 KB
1 temu.com
www.temu.com
514 B
1 avads.net
ads.avads.net
80 B
1 googletagservices.com
www.googletagservices.com
65 KB
1 acuityplatform.com
ums.acuityplatform.com
609 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
749 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1236
665 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1161
359 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
442 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1495
556 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
650 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
730 B
1 rtb.mx
id.rtb.mx — Cisco Umbrella Rank: 3072
158 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 651
526 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
517 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
279 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1149
359 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
989 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4356
494 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4022
1 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 3001
683 B
1 gstatic.com
fonts.gstatic.com
34 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1345
642 B
1 didna.io
storage.didna.io — Cisco Umbrella Rank: 347959
3 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 sharethrough.com
btlr.sharethrough.com Failed
match.sharethrough.com — Cisco Umbrella Rank: 508
280 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
93 KB
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 brand-display.com Failed
dmp.brand-display.com Failed
0 liadm.com Failed
i.liadm.com Failed
0 mobtrakk.com Failed
sync-dmp.mobtrakk.com Failed
0 bfmio.com Failed
sync.bfmio.com Failed
0 opera.com Failed
t.adx.opera.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
0 kueezrtb.com Failed
exchange.kueezrtb.com Failed
sync.kueezrtb.com Failed
576 100
Domain Requested by
22 ib.adnxs.com 5 redirects nordot.app
cookies.nextmillmedia.com
acdn.adnxs.com
20 s.amazon-adsystem.com 2 redirects onetag-sys.com
ads.pubmatic.com
nordot.app
c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ce.lijit.com
18 cm.g.doubleclick.net 9 redirects onetag-sys.com
nordot.app
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
18 pbs.nextmillmedia.com nordot.app
cookies.nextmillmedia.com
ads.pubmatic.com
hde.tynt.com
17 imageproxy.us.criteo.net ads.us.criteo.com
17 log.nordot.jp nordot.app
log.nordot.jp
15 pixel.rubiconproject.com 9 redirects onetag-sys.com
nordot.app
15 static.criteo.net securepubads.g.doubleclick.net
nordot.app
ads.us.criteo.com
cdnjs.cloudflare.com
static.criteo.net
15 securepubads.g.doubleclick.net storage.googleapis.com
securepubads.g.doubleclick.net
static.solutionshindsight.net
nordot.app
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
13 onetag-sys.com nordot.app
onetag-sys.com
12 images.revcontent.com nordot.app
11 cookies.nextmillmedia.com 10 redirects nordot.app
11 report2.hb.brainlyads.com nordot.app
11 ap.lijit.com 1 redirects nordot.app
cookies.nextmillmedia.com
10 x.bidswitch.net 9 redirects onetag-sys.com
10 targeting.unrulymedia.com nordot.app
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
9 tpc.googlesyndication.com nordot.app
securepubads.g.doubleclick.net
tpc.googlesyndication.com
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
9 trends.revcontent.com assets.revcontent.com
nordot.app
8 aax.amazon-adsystem.com c.amazon-adsystem.com
8 ssc-cms.33across.com 8 redirects
8 eus.rubiconproject.com nordot.app
cookies.nextmillmedia.com
eus.rubiconproject.com
hde.tynt.com
assets.a-mo.net
8 gum.criteo.com nordot.app
yj-a.p.adnxs.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
nordot.app
tpc.googlesyndication.com
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
www.googletagservices.com
8 bidder.criteo.com nordot.app
static.criteo.net
8 fastlane.rubiconproject.com nordot.app
8 mp.4dex.io nordot.app
8 nordot.app nordot.app
7 s.yimg.jp yads.c.yimg.jp
nordot.app
s.yimg.jp
7 match.prod.bidr.io 7 redirects
7 simage2.pubmatic.com 2 redirects nordot.app
ads.pubmatic.com
cookies.nextmillmedia.com
7 ups.analytics.yahoo.com 5 redirects onetag-sys.com
assets.a-mo.net
7 yads.c.yimg.jp nordot.app
yads.c.yimg.jp
s.yimg.jp
6 yads.yjtag.yahoo.co.jp yads.c.yimg.jp
s.yimg.jp
6 ce.lijit.com s.amazon-adsystem.com
ce.lijit.com
6 events-ssc.33across.com hde.tynt.com
cookies.nextmillmedia.com
6 match.adsrvr.org 6 redirects
6 rtb-use.mfadsrvr.com 6 redirects
6 script.4dex.io nordot.app
script.4dex.io
6 c2shb.pubgw.yahoo.com nordot.app
5 sync.a-mo.net cookies.nextmillmedia.com
5 prebid.a-mo.net cookies.nextmillmedia.com
assets.a-mo.net
nordot.app
5 image8.pubmatic.com 4 redirects onetag-sys.com
5 acdn.adnxs.com nordot.app
s.yimg.jp
5 id5-sync.com nordot.app
cdn.id5-sync.com
5 lexicon.33across.com 1 redirects nordot.app
cdn-ima.33across.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 rtb.mfadsrvr.com 5 redirects
4 yj-a.p.adnxs.com yads.c.yimg.jp
yj-a.p.adnxs.com
4 funes.solutionshindsight.net static.solutionshindsight.net
4 image2.pubmatic.com 1 redirects nordot.app
4 eb2.3lift.com 2 redirects nordot.app
cookies.nextmillmedia.com
4 pixel.tapad.com 3 redirects nordot.app
4 yeet.revcontent.com assets.revcontent.com
4 b1sync.zemanta.com 4 redirects
4 ads.pubmatic.com assets.revcontent.com
nordot.app
4 cdn.jsdelivr.net nordot.app
securepubads.g.doubleclick.net
4 api.whizzco.com cdn.whizzco.com
4 assets.revcontent.com nordot.app
assets.revcontent.com
3 ssp-sync.criteo.com static.criteo.net
3 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
3 pixel-us-east.rubiconproject.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 rtb.openx.net 3 redirects
3 ssum.casalemedia.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 cm.adgrx.com 3 redirects
3 didna.b-cdn.net nordot.app
3 sb.scorecardresearch.com 1 redirects storage.didna.io
3 sync.intentiq.com 2 redirects nordot.app
3 static.solutionshindsight.net storage.googleapis.com
static.solutionshindsight.net
3 c.amazon-adsystem.com storage.googleapis.com
c.amazon-adsystem.com
3 nordot-res.cloudinary.com nordot.app
3 storage.googleapis.com nordot.app
static.solutionshindsight.net
2 csm.us.criteo.net ads.us.criteo.com
2 c1.adform.net 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 nym1-ib.adnxs.com yj-a.p.adnxs.com
2 pixel-sync.sitescout.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 lb.eu-1-id5-sync.com nordot.app
2 id.a-mx.com 1 redirects assets.a-mo.net
2 33across-match.dotomi.com 2 redirects
2 www.google.com tpc.googlesyndication.com
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 pubmatic-match.dotomi.com 2 redirects
2 pmp.mxptint.net 1 redirects nordot.app
2 sync.ipredictive.com 2 redirects
2 image4.pubmatic.com 1 redirects nordot.app
2 us-u.openx.net 1 redirects nordot.app
2 thrtle.com 1 redirects nordot.app
2 sync.technoratimedia.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 pr-bh.ybp.yahoo.com 1 redirects nordot.app
2 um.simpli.fi 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sync1.intentiq.com nordot.app
2 colossusssp.com nordot.app
2 hbopenbid.pubmatic.com nordot.app
2 s-rtb-pb.send.microad.jp nordot.app
2 cdnjs.cloudflare.com nordot.app
ads.us.criteo.com
1 rtb.va.us.criteo.com e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 www.temu.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.avads.net e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
1 www.googletagservices.com e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
1 ads.us.criteo.com e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
1 ums.acuityplatform.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 cs.media.net 1 redirects
1 trace.mediago.io 1 redirects
1 s.ad.smaato.net 1 redirects
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 match.sharethrough.com nordot.app
1 live.primis.tech 1 redirects
1 hb.yahoo.net nordot.app
1 px.ads.linkedin.com nordot.app
1 aax-eu.amazon-adsystem.com nordot.app
1 id.rtb.mx assets.a-mo.net
1 ow.pubmatic.com cookies.nextmillmedia.com
1 cm.adform.net cookies.nextmillmedia.com
1 ads.yieldmo.com 1 redirects
1 a121ff75dd5b77ef27f5c07ae6a4c23a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 csync.loopme.me 1 redirects
1 crb.kargo.com nordot.app
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 hde.tynt.com cookies.nextmillmedia.com
1 de.tynt.com 1 redirects
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 us01.z.antigena.com nordot.app
1 ssbsync-global.smartadserver.com onetag-sys.com
1 fid.agkn.com nordot.app
1 fonts.gstatic.com fonts.googleapis.com
1 pixel.quantserve.com storage.didna.io
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com storage.didna.io
1 storage.didna.io nordot.app
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 media.revcontent.com nordot.app
1 img.revcontent.com nordot.app
1 www.googletagmanager.com nordot.app
1 ajax.googleapis.com nordot.app
1 cdn.whizzco.com nordot.app
0 sync-tm.everesttech.net Failed e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
0 dmp.brand-display.com Failed ssum-sec.casalemedia.com
0 i.liadm.com Failed ssum-sec.casalemedia.com
0 sync-dmp.mobtrakk.com Failed cookies.nextmillmedia.com
0 sync.bfmio.com Failed nordot.app
0 t.adx.opera.com Failed onetag-sys.com
0 cs.admanmedia.com Failed onetag-sys.com
0 ads.stickyadstv.com Failed onetag-sys.com
0 pixel-eu.rubiconproject.com Failed onetag-sys.com
0 sync.kueezrtb.com Failed nordot.app
0 sync.colossusssp.com Failed nordot.app
0 api.rlcdn.com Failed nordot.app
0 btlr.sharethrough.com Failed nordot.app
0 exchange.kueezrtb.com Failed nordot.app
576 177
Subject Issuer Validity Valid
nordot.app
GTS CA 1D4		 2023-12-31 -
2024-03-30		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-05-18 -
2024-06-16		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2023-11-30 -
2024-12-29		 a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2023-12-14 -
2024-06-22		 6 months crt.sh
whizzco.com
Cloudflare Inc ECC CA-3		 2023-03-31 -
2024-03-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
log.nordot.jp
GTS CA 1D4		 2024-01-24 -
2024-04-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
solutionshindsight.net
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-03-12 -
2024-04-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-12		 a year crt.sh
report2.hb.brainlyads.com
R3		 2023-12-21 -
2024-03-20		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2024-01-22 -
2024-04-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2024-01-24 -
2024-04-23		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2024-01-09 -
2024-07-04		 6 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2023-10-03 -
2024-11-03		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
storage.didna.io
GTS CA 1D4		 2024-01-24 -
2024-04-23		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-05 -
2024-11-11		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2024-01-23 -
2024-04-22		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.p.adnxs.com
GeoTrust TLS RSA CA G1		 2023-01-31 -
2024-03-02		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2023-09-08 -
2024-10-09		 a year crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-12 -
2024-04-12		 3 months crt.sh
*.avads.net
Go Daddy Secure Certificate Authority - G2		 2024-01-15 -
2025-02-15		 a year crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-25 -
2024-02-22		 3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-22		 3 months crt.sh

This page contains 50 frames:

Primary Page: https://nordot.app/1103463313237606400
Frame ID: 1BE440A6884F923F1F16CF1DB59197EA
Requests: 267 HTTP requests in this frame

Frame: https://storage.didna.io/didna_trackers.html
Frame ID: A28A976B37C2319CC651F7AB07346A43
Requests: 6 HTTP requests in this frame

Frame: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 676EC97DB83F3A3C6BC33D3F581C644F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Frame ID: BE934A4715AE03675D9FC5C26A491813
Requests: 15 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?type=iframe
Frame ID: 5AE2B34F57A1B779D265E240E45BCF00
Requests: 1 HTTP requests in this frame

Frame: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Frame ID: A4F844856833D35A419D80C6E02103BE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1706661197765
Frame ID: FAE4959C55ABD7A1093984F059F422D9
Requests: 17 HTTP requests in this frame

Frame: https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 80383366D38699D29C7A6B844E05AA1D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Frame ID: 9FE54D5F15F1D13BDAF391CF98B3CAB9
Requests: 21 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4FC269B1AF2AF0D8A3F9888001C4E6EE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AC770560713076E440C6F2453706A7AF
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 6130E5182C3B651D5ABA16EE3BA51E45
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B8B4ED2193C1C59A053922AD8A6345A4
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 19C7920A2F9F5F86A05F383BAEA87A2E
Requests: 16 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Frame ID: 6B9D2B2DA63D17F0EB31F0E7951AB392
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 163895F2CA8FBC5F85BE5CC3DB098D71
Requests: 20 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6245270470711808888
Frame ID: 2EAE730A131C0156DD04E3A9119D321C
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
Frame ID: FEAA1C4992E1264EEBD93AB1B1D8BE6C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6245270470711808888&gdpr=0&gdpr_consent=
Frame ID: 8A90091C3388FC0C60B9EC921CB6919A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
Frame ID: E6C6A0C6C173BA53B92DA56456FE6721
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
Frame ID: 5569BAD6783CA29C5AA0A83948D943B8
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVVprW8dtWEUcsNNASTgAA&129
Frame ID: 840830EF171C4C65A4912745EECB9305
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=52594fd4-3fc1-48ab-858e-15b5a5afdf80
Frame ID: EAB5BDE4FB8BBAE700ECAF6C8E62DEBC
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c0914260-4668-43ee-ae5d-85013b972f91
Frame ID: 0899C08E3029F29936D2C3A587915855
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7948812739667623049&gdpr=&gdpr_consent=&us_privacy=
Frame ID: D9DF0B14F34B65D53A6CD34134CFF1C5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Frame ID: 6C30D517BCAD8B2738F8398FEEBC8765
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 172E5B8B001D905E61BC02E9277A4951
Requests: 1 HTTP requests in this frame

Frame: https://a121ff75dd5b77ef27f5c07ae6a4c23a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 03B660CF750AEA864C81DA35AE7D1423
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Frame ID: 6397E4424E6F3481FC4C0EDF27CBDC76
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ3z7lCRlV8E
Frame ID: D14CA42B4971EBA9CC8995639F166BDA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D9FB8109369623827A7AF2A594F6BEC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FF24C705EF70232133F6E27EDFCD225A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: F0E5B34048A8032EA362851A5CC9D6C7
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: BC52FCA759BE668A3D8A5966CB2A7A57
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CAA73ADEB0E055481F5F8D6441BE5F52
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B14DF8B8B19CE785E111D045E4DD484F
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain
Frame ID: 3DE49FF4AD0B14E297B027DC4FBC15A1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: FF4AA318E96B999673569F454CE0D5A0
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: F0E636C25117E1BFA5758F7813FC2A4A
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4365668101828837717&gdpr=0&gdpr_consent=
Frame ID: 540CA03B40C190827A300B602F52891B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACU3YPjpxvYQNAJ9FaAAAAAAA&expiration=1706747612&is_secure=true&gdpr=0
Frame ID: B2497A0B08F295C9AD1328E391F90625
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6245270470711808888&ex=appnexus.com&gdpr=0
Frame ID: 9A7CBCD7AA446062B91CA479A2390DE9
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Frame ID: CFFFAF7054CA6F29283777CF16F58F6F
Requests: 7 HTTP requests in this frame

Frame: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Frame ID: 1289BDE143AD9DF1057909C3AF8BDA98
Requests: 11 HTTP requests in this frame

Frame: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Frame ID: E60D4EAC6179E6A6E0F22FBA9DF00559
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3663&pub_id=1814365
Frame ID: 0A5CFC7C4D154AEF5D03F662974032DF
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3663&pub_id=1814365
Frame ID: CE8BA119A3EEE8D40BC9DBBD23260A17
Requests: 2 HTTP requests in this frame

Frame: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9822CA89FDD1773543FADBD7F1450E5E
Requests: 10 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Frame ID: F98CB9A048B68C4B86BB000E6F9A7DFE
Requests: 33 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C79EB9006053A19A1D8A624C7FEE6062
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Crown star Meg Bellamy she was 'nervous' to film Kate Middleton's famous fashion show scene | BANG Showbiz EnglishnordotLogo

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 80%
Detected patterns
  • <img[^>]+\.cloudinary\.com
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

576
Requests

72 %
HTTPS

0 %
IPv6

100
Domains

177
Subdomains

110
IPs

8
Countries

3067 kB
Transfer

9874 kB
Size

149
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=08b0148c0c7641a9991ffcb505d53ed9&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D08b0148c0c7641a9991ffcb505d53ed9_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26callback%3DdspCMCallback&rev_dt=1706661196420 HTTP 302
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D08b0148c0c7641a9991ffcb505d53ed9_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26callback%3DdspCMCallback&puid=08b0148c0c7641a9991ffcb505d53ed9&rev_dt=1706661196420&s=2 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=08b0148c0c7641a9991ffcb505d53ed9_2&bidder=3&bidder_uid=b0mVh_x1U4AbBMknLjlf&callback=dspCMCallback
Request Chain 87
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1706661196420 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1706661196420 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0c453536-e62c-4e6f-b398-48879847e99a&ssp=revcontent HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&callback=dspCMCallback
Request Chain 88
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=08b0148c0c7641a9991ffcb505d53ed9&rev_dt=1706661196420 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=08b0148c0c7641a9991ffcb505d53ed9&rev_dt=1706661196420 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=08b0148c0c7641a9991ffcb505d53ed9&bidder=154&bidder_uid=7b989c66-4663-4b04-8cf4-a7ded099b1f2&callback=dspCMCallback
Request Chain 107
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=42ac9060-0be5-4c4c-8619-7f34b8801c9c&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://rtb-use.mfadsrvr.com/ul_cb/sync?ssp=revcontent&seller_network=revcontent_&bid_id=42ac9060-0be5-4c4c-8619-7f34b8801c9c&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=0c453536-e62c-4e6f-b398-48879847e99a&callback=dspCMCallback
Request Chain 108
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=42ac9060-0be5-4c4c-8619-7f34b8801c9c&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://rtb-use.mfadsrvr.com/ul_cb/sync?ssp=intentiq&seller_network=revcontent_&bid_id=42ac9060-0be5-4c4c-8619-7f34b8801c9c&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a&ckls=true&ci=HMaJUmuuSt&nc=false&trid=-1813594253
Request Chain 109
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=711f19be-fc50-4f00-9c50-34ebd2ed3414&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=0c453536-e62c-4e6f-b398-48879847e99a&callback=dspCMCallback
Request Chain 110
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=711f19be-fc50-4f00-9c50-34ebd2ed3414&initiator=me&us_privacy=1---&gdpr=0 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a&ckls=true&ci=xyAaIFHpqp&nc=false&trid=-2024947773
Request Chain 189
  • https://sb.scorecardresearch.com/b?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661200309&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=https%3A%2F%2Fnordot.app%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661200309&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=https%3A%2F%2Fnordot.app%2F
Request Chain 192
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=ut4zOmF0Mpl%2FcmptUNGPrRfKmZPaSFdMbb5Ty0Abuho%3D
Request Chain 204
  • https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=MsiWN7xI_BcnakTwlc3RbMx7fSk5pV_DotU8GxV4CQ0 HTTP 302
  • https://onetag-sys.com/match/?int_id=160&uid=7b989c66-4663-4b04-8cf4-a7ded099b1f2
Request Chain 205
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=c85765b9-9551-4700-82d0-3a50a75cd423&gdpr=1&gdpr_consent=
Request Chain 207
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6245270470711808888
Request Chain 212
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjVzvRAl5mYp637RQJZSaA4FASVSTSO5Kdw
Request Chain 214
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=MsiWN7xI_BcnakTwlc3RbMx7fSk5pV_DotU8GxV4CQ0
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIuYcHqi0oyeKVTqReLaYbM&google_cver=1
Request Chain 218
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=
Request Chain 221
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nf3GrcGJTUitlLXDTUl_4g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 223
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ae687f3c-51ce-4d5b-a7e1-53f58f462959%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&ttd_puid=ae687f3c-51ce-4d5b-a7e1-53f58f462959%2C%2C
Request Chain 225
  • https://eb2.3lift.com/xuid?mid=7976&xuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzVGREM2QUQtQzE4OS00RDQ4LUFEOTQtQjVDMzRENDk3RkUy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJgXZOjubBaAGxGIltffFbc&google_cver=1
Request Chain 228
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DD5465C06D943EC9AC22BC365CFFD62
Request Chain 229
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=
Request Chain 259
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Request Chain 263
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=6245270470711808888 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6245270470711808888
Request Chain 264
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
Request Chain 265
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6245270470711808888&gdpr=0&gdpr_consent=
Request Chain 266
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
Request Chain 267
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFT1cwN0xjeXNBQUJNYjZWVFVldw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEOW07LcysAABMb6VTUew&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4365668101828837717&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAEOW07LcysAABMb6VTUew&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4365668101828837717%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D4DCB6B2FADFF46BCA882FC96EED78312%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526userid%253D4365668101828837717%2526gdpr%253D0%2526gdpr_consent%253D%2526bee_sync_partners%253Dpp%25252Cpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D3%26uid%3D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&nuid=4DCB6B2FADFF46BCA882FC96EED78312&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4365668101828837717%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&uid=ZbmVVprW8dtWEUcsNNASTgAA%26129 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4365668101828837717&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEOW07LcysAABMb6VTUew&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4365668101828837717%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4365668101828837717&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAEOW07LcysAABMb6VTUew&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOW07LcysAABMb6VTUew&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=pubmatic&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
Request Chain 268
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=f9292f6c-e8ec-4926-942f-c63f56f756fd
Request Chain 269
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
Request Chain 272
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NkdxAkpE2uX6biqWz4kfA5hh5LrkB1k-~A&gdpr=0
Request Chain 273
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3954684e-eacf-4092-98e4-dce92a6fc57b&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_110201AC1_94329522&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 274
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7cb7f12ad90305ea&is_secure=true&networkId=17100&version=1&nuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANBHjHa4yhMANOcohAAAAAAAA&expiration=1706747606&nuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 275
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fgpp%3D%257B%257B.GPP%257D%257D%26bidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D&gdpr=&gdpr_consent=&gpp=%7B%7B.GPP%7D%7D&gppsid=%7B%7B.GPPSID%7D%7D&s=194962&us_privacy=&C=1 HTTP 302
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZbmVVprW8dtWEUcsNNASTgAA%26129 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVVprW8dtWEUcsNNASTgAA&129
Request Chain 276
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP 307
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=52594fd4-3fc1-48ab-858e-15b5a5afdf80&gdpr_consent=null&gdpr=null HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=52594fd4-3fc1-48ab-858e-15b5a5afdf80
Request Chain 282
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=c0914260-4668-43ee-ae5d-85013b972f91 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c0914260-4668-43ee-ae5d-85013b972f91
Request Chain 283
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7948812739667623049&gdpr=&gdpr_consent=&us_privacy=
Request Chain 284
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Request Chain 293
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=yieldmo&nmuid=&uid=VEDQE33vvQ3z7lCRlV8E&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ3z7lCRlV8E
Request Chain 300
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 301
  • https://ssc-cms.33across.com/ps/?_=1706661206997.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=33across&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=212336988706950 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212336988706950
Request Chain 302
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&google_hm=ZWJmMmIyN2QtYTEwMi00ZDY4LWJkNzMtYmJkMmMyMDM2N2Jh&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB9_TcrEaagP3XfkMGBpoSY&google_cver=1&ssp=the33across&bsw_param=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&gdpr_consent= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=ebf2b27d-a102-4d68-bd73-bbd2c20367ba HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 303
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706661206997.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=c85765b9-9551-4700-82d0-3a50a75cd423
Request Chain 304
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-hUmjuORE2uGXMaigGpwwZtKjWuN4ZV3i~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-hUmjuORE2uGXMaigGpwwZtKjWuN4ZV3i%7EA&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 305
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=328c4ad34d2923dd&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMvcXVnmw8LwNOs6_AAAAAAAA&expiration=1706747607&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMvcXVnmw8LwNOs6_AAAAAAAA&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 306
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=1334555656355575701643 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1334555656355575701643&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 313
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Request Chain 314
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&gdpr=0&gpp=%7B%7B.GPP%7D%7D&gpp_sid=%7B%7B.GPPSID%7D%7D&do=nordot.app HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
Request Chain 315
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=%7B%7B.GPPSID%7D%7D HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adaptmx&bsw=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
Request Chain 316
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-26_gTNZE2uFbSJY.Qihuj88VqxztdFEwwSTGqZQ-~A
Request Chain 317
  • https://id.a-mx.com/u?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=%7B%7B.GPPSID%7D%7D&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=amx_com&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
Request Chain 318
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=openx&uid=c0914260-4668-43ee-ae5d-85013b972f91
Request Chain 320
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.a-mo.net%252Fsetuid%253FA%253Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dpubmatic%26uid%3D35FDC6AD-C189-4D48-AD94-B5C34D497FE2 HTTP 302
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=pubmatic&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
Request Chain 321
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=index_rtb&uid=ZbmVVprW8dtWEUcsNNASTgAA%26129
Request Chain 323
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=appnexus&uid=6245270470711808888
Request Chain 336
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17888&nmuid=&khaos=LS120EQR-R-BSOS HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS&nmuid= HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS
Request Chain 339
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxMjBFUVItUi1CU09T HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIovY4mUyeCzctffAMQtons&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMjBFUVItUi1CU09T&google_push=
Request Chain 340
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=L39gKNaiTqK5MHkulYvOwA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L39gKNaiTqK5MHkulYvOwA
Request Chain 341
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/R8A3mWR-Mf50F_h_Q3qu2A?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FvCCY1RE2oLCuUZqQCBwGOpiH5IhXu4vRXHUIQ--~A
Request Chain 342
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODYyMGFlYWE0ZjllYmExMDFmNzcyMjU3MGQ5ZDFkZGUxMjY4ZThhZA
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmjasshinjow952ulPc-FI&google_cver=1
Request Chain 344
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LS120EQR-R-BSOS&ex=d-rubiconproject.com&status=ok
Request Chain 345
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS120EQR-R-BSOS
Request Chain 346
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=&expires=30
Request Chain 347
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEOW07LcysAABMb6VTUew&expires=30
Request Chain 348
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LS120EQR-R-BSOS
Request Chain 349
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS120EQR-R-BSOS&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS120EQR-R-BSOS&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1VRHV4azAxRTJ1RWw2TmxqYzllRUNWT0p6cXVGN21ldX5B&ovsid=LS120EQR-R-BSOS&dpid=58160
Request Chain 350
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3954684e-eacf-4092-98e4-dce92a6fc57b&expires=30
Request Chain 351
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS
Request Chain 352
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS120EQR-R-BSOS HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS120EQR-R-BSOS
Request Chain 353
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS120EQR-R-BSOS
Request Chain 354
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LS120EQR-R-BSOS HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LS120EQR-R-BSOS HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LS120EQR-R-BSOS&ts=1706661208&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 356
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&khaos=LS120EQR-R-BSOS HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LS120EQR-R-BSOS
Request Chain 403
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=129ff4b45d
Request Chain 404
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
Request Chain 405
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2DD5465C06D943EC9AC22BC365CFFD62&ex=simpli.fi&status=ok
Request Chain 406
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e8a073e6a24j1ea00ls120rj3
Request Chain 407
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3496628135649197000V10
Request Chain 408
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=pVBh4BsHBjZmBDRFltyN&gdpr=0
Request Chain 410
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4365668101828837717&gdpr=0&gdpr_consent=
Request Chain 411
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=444fcc63e70f05ea&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACU3YPjpxvYQNAJ9FaAAAAAAA&expiration=1706747612&is_secure=true&gdpr=0
Request Chain 412
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6245270470711808888&ex=appnexus.com&gdpr=0
Request Chain 413
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Request Chain 416
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&expiration=1709253212&gdpr=0&gdpr_consent=
Request Chain 417
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZbmVVprW8dtWEUcsNNASTgAAAIEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHaaNuijpBQdqadgp6JUMXE&google_cver=1
Request Chain 418
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZbmVVprW8dtWEUcsNNASTgAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZbmVVprW8dtWEUcsNNASTgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662067307651114
Request Chain 419
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=273938a2929506f8&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMvcXVnmw85wN5ElcIAAAAAAA&expiration=1706747612&is_secure=true
Request Chain 420
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
Request Chain 442
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253De9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3De9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=e9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341&gdpr=0&gdpr_consent=
Request Chain 443
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=7b989c66-4663-4b04-8cf4-a7ded099b1f2
Request Chain 444
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969188724782911872&expires=30&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&gdpr=&gdpr_consent=&us_privacy=
Request Chain 445
  • https://ums.acuityplatform.com/tum?umid=27&uid=IFKBABZHk6Ofd0kUTf2UPf40&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=883364635622
Request Chain 446
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LS120EQR-R-BSOS&gdpr=0
Request Chain 532
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELsN_-q780SeVhLGRcvugog&google_cver=1&google_push=AXcoOmTP4jrWJh_dIly_OxScEmaDmjE1DP_QZ8PlDcSTfKGsNIeC2uYW16GtsmUiaMgz2KJCkNph_AwavJW7Lmu6XhOOPnWyBt3l HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=78f7e473c7406f8&is_secure=true&networkId=14000&version=1&google_gid=CAESELsN_-q780SeVhLGRcvugog&google_cver=1&google_push=AXcoOmTP4jrWJh_dIly_OxScEmaDmjE1DP_QZ8PlDcSTfKGsNIeC2uYW16GtsmUiaMgz2KJCkNph_AwavJW7Lmu6XhOOPnWyBt3l HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANBHjHa4yixQNvj-wAAAAAAAA&expiration=1706747619&google_cver=1&is_secure=true&google_gid=CAESELsN_-q780SeVhLGRcvugog&google_push=AXcoOmTP4jrWJh_dIly_OxScEmaDmjE1DP_QZ8PlDcSTfKGsNIeC2uYW16GtsmUiaMgz2KJCkNph_AwavJW7Lmu6XhOOPnWyBt3l
Request Chain 534
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMGOrh9ON7mASXreDC6fFyk&google_cver=1&google_push=AXcoOmTWMD3K6NPxT1XCeFVIyLaur0ZFeuYWeR_ULCoZ0HzLJxlKhqK89zCH_1UhS8nrnGlbUemGm8gy0BiymTihmVcT7NiAAcPF HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMGOrh9ON7mASXreDC6fFyk&google_cver=1&google_push=AXcoOmTWMD3K6NPxT1XCeFVIyLaur0ZFeuYWeR_ULCoZ0HzLJxlKhqK89zCH_1UhS8nrnGlbUemGm8gy0BiymTihmVcT7NiAAcPF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI2NTA4NDA2OTQ1NjkwODcxOQ&google_push=AXcoOmTWMD3K6NPxT1XCeFVIyLaur0ZFeuYWeR_ULCoZ0HzLJxlKhqK89zCH_1UhS8nrnGlbUemGm8gy0BiymTihmVcT7NiAAcPF
Request Chain 535
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIovY4mUyeCzctffAMQtons&google_cver=1&google_push=AXcoOmQ7lpUq4tSy-6STIycmpTnvUVzWNsxrNz4awthSbSPPq6QoC2jTeme10R5ZbTpLa6A8b9AR3u39oGr8xBLtbswmJBezZIjt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMjBFUVItUi1CU09T&google_push=AXcoOmQ7lpUq4tSy-6STIycmpTnvUVzWNsxrNz4awthSbSPPq6QoC2jTeme10R5ZbTpLa6A8b9AR3u39oGr8xBLtbswmJBezZIjt
Request Chain 537
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENQJmIlDTOor3Gorc-mrL6M&google_cver=1&google_push=AXcoOmQM53r9XS0ieeMST3bKtwkLEcYEyIxOzvyrfhshrb5BgZOYJqHGTp8Cd6hqifeXbU4A_JV4wXCnpyAsbEkiaMNr9bWDS5ukdQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjI0NTI3MDQ3MDcxMTgwODg4OA%3D%3D&google_gid=CAESENQJmIlDTOor3Gorc-mrL6M&google_cver=1&google_push=AXcoOmQM53r9XS0ieeMST3bKtwkLEcYEyIxOzvyrfhshrb5BgZOYJqHGTp8Cd6hqifeXbU4A_JV4wXCnpyAsbEkiaMNr9bWDS5ukdQ
Request Chain 538
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEGRu9OQc9yuht28d6YuaGg0&google_cver=1&google_push=AXcoOmRVFz2I2-rlagfZXZmlOqbsMM2z-Jg3Y6TsOrBN5YIvOe3jvn0Fsw8GCGHrPmvgdsFfaCjn47ILImX2WeZW8FdkzeL1xA2zYA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmRVFz2I2-rlagfZXZmlOqbsMM2z-Jg3Y6TsOrBN5YIvOe3jvn0Fsw8GCGHrPmvgdsFfaCjn47ILImX2WeZW8FdkzeL1xA2zYA

576 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1103463313237606400
nordot.app/ 		36 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
84825ad2be9c8f4b0988504b86e19c48206bc14fb9319a5a652b4b843bbf6507

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
11380
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 00:33:15 GMT
server
Google Frontend
vary
Accept-Encoding User-Agent
x-cloud-trace-context
fa784a22ca3b72d1a75b512b2aea5e33
didna_config.js
storage.googleapis.com/didna_hb/nordot/nordot/ 		27 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f207.1e100.net
Software
UploadServer /
Resource Hash
13e921baff7dcf1c6112841437b95602bf4f445bf38054129a407003818a111d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:15 GMT
x-guploader-uploadid
ABPtcPofg6YFry02EtfeIPgumMd9m_Z_BGhVATmDbPV4j-lx6l-MAuv98_nTzKcjoPjbRxefDyQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27948
last-modified
Tue, 16 Jan 2024 18:09:30 GMT
server
UploadServer
etag
"485b1e468e15188b9c6288ff602a9880"
x-goog-generation
1705428570008936
content-type
text/javascript
x-goog-hash
crc32c=cdHyrw==, md5=SFseRo4VGIucYoj/YCqYgA==
cache-control
no-store
x-goog-stored-content-length
27948
accept-ranges
bytes
expires
Thu, 30 Jan 2025 00:33:15 GMT
posts_detail.css
nordot.app/images/newsnor/kiji/css/pc/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordot.app/images/newsnor/kiji/css/pc/posts_detail.css?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
98590349443ab5e895ccb7518448a454c451174f94670dcbaeb780ee88a24af0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:12:31 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
1244
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-cloud-trace-context
ed655df2c621e295c0ae426939073cef
cache-control
public, max-age=31536000
content-length
8457
delivery.js
assets.revcontent.com/master/ 		157 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.21.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-21-121.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d50e7cf0a20f44a45242aee3a67629cfc278e0575fcd2edf1fca03a686433f6f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 11:12:59 GMT
content-encoding
br
via
1.1 2d907912ff4747a90356584f2bd482f0.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 20:18:25 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
age
48027
x-amz-server-side-encryption
AES256
etag
W/"b664356b632a881610b1fe6815fcdf14"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ePrb2MR9oYGTSVVq8SkEptrGRIGIA-1uyiVz8AktQ0ycGqj90Hd-bw==
yads-async.js
yads.c.yimg.jp/js/ 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/js/yads-async.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
1fed7da86f9d9735ea1018a3ac1be1e3e6fc105b7c7dc2c809626d34b4ee85c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:11 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 06:06:35 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
dc1b0939-afa3-4440-8a9c-77c0cefb0a04
age
6
etag
"1f2eaa48b9ed0349c6569c054d9e518a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
40463
header_1.png
nordot-res.cloudinary.com/f_auto,q_auto:eco/ch/units/641577452118279265/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordot-res.cloudinary.com/f_auto,q_auto:eco/ch/units/641577452118279265/header_1.png
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
4761af700d2a30254d4709b617ba843907373af7d0fdcd7dc9069d067d4d87c8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:30 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="header_1.webp"
server-timing
cld-fastly;mitm=p;dur=3;cpu=1;start=2024-01-31T00:33:30.706Z;desc=hit,rtt;dur=5
content-length
3880
last-modified
Mon, 06 Jul 2020 20:18:50 GMT
server
Cloudinary
etag
"4f510c48beb9df51dcfff8e4f6b21dcf"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
origin_1.jpg
nordot-res.cloudinary.com/c_limit,w_800,f_auto,q_auto:eco/ch/images/1103463292326642033/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordot-res.cloudinary.com/c_limit,w_800,f_auto,q_auto:eco/ch/images/1103463292326642033/origin_1.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
5f6bb5d053b27ed6289fc56a621ab7879e1a0f30805246532a5dee5f1d859903
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:30 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="origin_1.webp"
server-timing
cld-fastly;mitm=p;dur=2;cpu=1;start=2024-01-31T00:33:30.706Z;desc=hit,rtt;dur=5,content-info;desc="width=650,height=650,bytes=12962,owidth=650,oheight=650,obytes=28072"
content-length
12962
last-modified
Sat, 02 Dec 2023 02:13:14 GMT
server
Cloudinary
etag
"248fd21b4e2b9a735cc44984f040a926"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
profile_3.png
nordot-res.cloudinary.com/c_limit,w_300,h_300,f_auto,q_auto:eco/ch/units/641577452118279265/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordot-res.cloudinary.com/c_limit,w_300,h_300,f_auto,q_auto:eco/ch/units/641577452118279265/profile_3.png
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
1781b696d0260b6fbaa8cee4557699ee6c23b51718c099b9949e36734ef98a1d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:30 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="profile_3.webp"
server-timing
cld-fastly;mitm=p;dur=3;cpu=2;start=2024-01-31T00:33:30.706Z;desc=hit,rtt;dur=5,content-info;desc="width=300,height=300"
content-length
5182
last-modified
Tue, 08 Jun 2021 01:37:01 GMT
server
Cloudinary
etag
"56e77024b3439077a23b10f27faf0131"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
widget_v3.js
cdn.whizzco.com/scripts/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.whizzco.com/scripts/widget/widget_v3.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d8562efd8364015edd8080e72d8bd98f0a92019058f15df14e03f9951e01876

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:15 GMT
via
1.1 cb0c6226aa19d81a39519501df383968.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
YTO50-P2
age
5785
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 05 Mar 2023 13:26:38 GMT
server
cloudflare
etag
W/"af75195749ffac29c536aae88fdbda39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBl1r5Jtp1GoByacwcIdD2V%2F5ZlOkRThH1rl%2FwlGxxyFP6PqcW6vk8YFYgQMs%2FhBfLC0XOsP%2F4e3SJe71T7WTEqZHDAHjZ%2BGtxRp7zf%2B2d2QXmzQied2o5c6jMxPRdwAPZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
84dddcb68e327118-YYZ
x-amz-cf-id
8ZWE8xn4zS8Pgh7v-3kASGaKSTtS_AshZyQRFXjj4MvUzNFVoi01Mg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:26:00 GMT
common.js
nordot.app/images/newsnor/kiji/js/pc/ 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/common.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
ceb5f5e6bcb91fcc4c03c82b96002bea3a2627413e785c6de5db6e2b78a4a124

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:48:26 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
9889
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
514b55ba9a2f5fe28dc46046d1be43e4
cache-control
public, max-age=31536000
content-length
761
js
www.googletagmanager.com/gtag/ 		281 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BZMFTYNFDJ
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
26310f42535af96b780d8bee7733b66e54cd02d344d27c70d208d21cf7bf9350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94793
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jan 2024 00:33:15 GMT
underscore-min.js
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5406195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5303
last-modified
Mon, 04 May 2020 16:17:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04015-4041"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjI8aWqqKYf9ndBSQHQhN8TbLoHDNOBY%2BbjfS3PXH%2F5TNawgHaPVA0C9%2B%2F28Rz5edPuJ4csb%2Bh5WFXV1mGlaW4qd5cminSCdV0UgKGe%2FvGD2wBXmMchsIyIPLrTmGojkw9qbZ1kl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84dddcb68fe9a23b-YYZ
expires
Mon, 20 Jan 2025 00:33:15 GMT
curatedBy.js
nordot.app/images/newsnor/kiji/js/pc/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/curatedBy.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
8f06440dab8c5d5eb0c68fe3d53655ac8c99a1803009faa70ff02c29b1ced7c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:47:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
125119
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
beaaf884712f23fab2bff0716cb43b05
cache-control
public, max-age=31536000
content-length
1775
ready.js
nordot.app/images/newsnor/kiji/js/pc/ 		2 KB
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/ready.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
4edab288d02a2436bd81bec6eb85bcf2bb52db55521173e01c28d334f4eabeac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 01:30:44 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
82951
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
50bb31bc4bc9641853684be944fcfa25
cache-control
public, max-age=31536000
content-length
630
plugin.js
nordot.app/images/newsnor/kiji/js/pc/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/plugin.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
e7f8eed8f325395fb25c9643d823541a817d69d6238a51d88e3a3306d6ce333e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:28:58 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
257
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
85d2f66b338b8805c7820af9d6e53759
cache-control
public, max-age=31536000
content-length
3583
beacon-1.1.0.js
log.nordot.jp/js/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
dcc45c991696d726863fbd33b7c423cb24056d250b818b2fa735dc193718dbb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:30 GMT
content-encoding
gzip
server
Google Frontend
age
0
etag
"FceFEQ"
content-type
application/javascript
x-cloud-trace-context
4951d0a396044a1084828cf9fa21e56e
cache-control
public, max-age=1
content-length
10602
expires
Wed, 31 Jan 2024 00:33:31 GMT
ads.js
nordot.app/images/newsnor/kiji/js/pc/ 		65 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/ads.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
4c9afca1f1a89595b15d84e7b3eb6e249494d42a57532950e2c89318a04d2fc5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:13:30 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
age
11985
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
0ddbe735981a437ce7519f79ec1b5fd8
cache-control
public, max-age=31536000
content-length
89
adSticky.js
nordot.app/images/newsnor/kiji/js/pc/ 		741 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nordot.app/images/newsnor/kiji/js/pc/adSticky.js?7696384637
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
1f9e494521255366cfcbbddbc0c58d2d692616f197754a799bf4c9d84fa997dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:15 GMT
content-encoding
gzip
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
cb1059008f695ee9a556ca900930af04
cache-control
public, max-age=31536000
content-length
425
rtads
api.whizzco.com/demand/v1/ 		384 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/demand/v1/rtads
Requested by
Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e17d453586f6fba79959e0231b9cc069460c04501d100ebad423ab2f2f50788

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 00:33:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIxa0a93o0x%2FedZzHO8WK9z8BrDpF%2Bs0nQzK9nKwxqHiQHctw4htoSJYMcGBKi%2Flc6e86m7R8XZ3PJoRiBvMlolA1tQu2JuTFrgl8eL%2B30aXvu4R83%2BvvZj2EKBdGkU2VLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cf-ray
84dddcb7e8ef36da-YYZ
alt-svc
h3=":443"; ma=86400
priority
u=1,i
rtads
api.whizzco.com/demand/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/demand/v1/rtads
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84dddcb72da536bf-YYZ
content-length
0
date
Wed, 31 Jan 2024 00:33:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0Oke2PNZ0zK7NA5KJ3M89RTqomUC40HXBbEAUDiOkfNt2f%2FuQcExU1yXSxhrhlBLWCp2KDDqBv7yFGM3thUpW3%2F6NrL2be897lEDwxJlU6cDGDGZnBquhPz4IdgDXu9L%2Bg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
aeb9abc35bc334d3e94e43e4b6a9c4bafbc5d632317732b5def224800db7f696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29998
x-xss-protection
0
server
cafe
etag
657 / 19753 / m202401250101 / config-hash: 8161858144323825894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:33:15 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		283 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-8-154.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:31:59 GMT
content-encoding
gzip
via
1.1 4db130e87be66fce9731567ae0669c56.cloudfront.net (CloudFront), 1.1 cd7813a109893bc5bd95f0672350e59c.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:13 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, YUL62-P2
age
93
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
O0-GGlJbCDpHis-KasSgDa0UnbQ1qm_JO6pZne303RlwwF9a35kpQA==
hindsight-webclient.min.js
static.solutionshindsight.net/teju-webclient/ 		100 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8011f8702c24591e152399f1ab4ad3b11bb4f080dbd09c252caa565468065e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
content-encoding
gzip
via
1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 21:23:58 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P3
x-amz-server-side-encryption
AES256
etag
"e948714383ee3a6ce71fba0a9cce1448"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
30732
x-amz-cf-id
hbOsEZizhbPi_5wxRu9jn0W7bAAajf36jX7JbOPL78kPP-l7VnE-UA==
003781c7-94fb-481b-982b-c1b0a1858ca3
https://nordot.app/ 		594 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nordot.app/003781c7-94fb-481b-982b-c1b0a1858ca3
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
594
Content-Type
text/javascript
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 		436 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 03:05:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
77241
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 29 Jan 2025 03:05:54 GMT
5ad98194-9b18-44e7-9c6e-1088556c5b2c
https://nordot.app/ 		154 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://nordot.app/5ad98194-9b18-44e7-9c6e-1088556c5b2c
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d2f0d368bf03561099df3cb58b8116ba09abd5695497a5b986e8e959d39d443

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
157528
Content-Type
text/javascript
b2d9c9b0-683c-430a-874a-2ef8c0eee33f
https://nordot.app/ 		699 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/nordot/nordot/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
715340
Content-Type
text/javascript
126379976
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/126379976?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
a7e337ed8d8f48cd2c88e93c598d3eabd67b153e0572dc16c10f09637a0ab9fe
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--Dv3QqOSBOaYZlL7FLRtnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--Dv3QqOSBOaYZlL7FLRtnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEw3Fm1bO1bAIv1j7sYgYAeK1Y4A"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
tshow
api.whizzco.com/dtracking/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/dtracking/v1/tshow
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84dddcb929d036bf-YYZ
content-length
0
date
Wed, 31 Jan 2024 00:33:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=739mF2yz%2FjkXWd%2FIAQni165i0wZH1BTG1LeoHalFwvMc4b8q37gTTU020%2Fjk8s3SdchQDcgra8SGD2vXM0r8Eo1O%2B29EAZUT7dBH3o849O6hGG5%2BGgeEFKy1nWTTJsednF0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tshow
api.whizzco.com/dtracking/v1/ 		15 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/dtracking/v1/tshow
Requested by
Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Wed, 31 Jan 2024 00:33:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJydtzunShtZYkewLKJ%2F57sM8Q41Gk3lrfQfaT%2FikxXzWEd0sRZgtwpZofmn5YfjirP%2FUMe4ZU1yUE4t6li4%2FPJhHwbiAvx3ASl0sZgd%2BeLSEMM3lpbJF8MXBLB1Y9N82Es%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cf-ray
84dddcb9dc51a1e0-YYZ
alt-svc
h3=":443"; ma=86400
content-length
15
priority
u=1,i
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:33:16 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:33:16 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:33:16 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240130
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jan 2024 00:33:15 GMT
x-content-type-options
nosniff
content-encoding
br
age
30748
x-jsd-version
1.0.1951
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
836
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
etag
W/"637-/AnL0uW+hrzqMl9FIchA6lB7jS4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:16 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
235106
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2XoF0K3YR8efI0Qez6rXNry%2FAUwwv%2FPsup6%2FfPnjtKm8Qt47fk90gRHC%2Ft0yBLC9zUiFHs%2F0Wntoa37wzNrH%2BdRoT5u7PW%2Fpyio7jNzTfv1zJp2mQsX2pjJhSwpnuy4"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
84dddcbb5d2a5497-YYZ
prebid-request
onetag-sys.com/ 		0
0
bid
ap.lijit.com/rtb/ 		24 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash
47af9ee690634c7e3f48ba9a1149a81f860180feee94b2617a337a6251eb73fc

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:16 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
prebid
mp.4dex.io/ 		0
40 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:15 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddcb9decaa202-YYZ
expires
0
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
824 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
2f696b5dd6b357c564bfdf4a647fcbadfab9dac11e442c5f970315fe2fc28f38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
an-x-request-uuid
c4bc35de-8a3e-4163-a799-d06e7b211f83
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		403 B
900 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=57&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=3e07f463-6ade-42d7-98d6-fd85d3c5c3cc%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_billboard_1%23ad_billboard_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=12200d4545d86c9&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_billboard_1%23ad_billboard_1&slots=1&rand=0.6496822308513934
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c614223ab752caa3310e53482f994e60b7eb8c9c8b0f0d151b30c297dfef7f1a

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
403
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
s-rtb-pb.send.microad.jp/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
unruly_prebid
targeting.unrulymedia.com/ 		11 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:16 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
cdb
bidder.criteo.com/ 		0
0
prebid
s-rtb-pb.send.microad.jp/ 		0
0
prebid
s-rtb-pb.send.microad.jp/ 		0
0
bid
ap.lijit.com/rtb/ 		24 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash
bcdac781651836ec817fd5f11c5a5f2631eb831ebcedca3014a73d9e9d6adeb4

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:16 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ 		421 B
746 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&alt_size_ids=10&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=3e07f463-6ade-42d7-98d6-fd85d3c5c3cc%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_halfpage_1%23ad_halfpage_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=294ac9a731d8f96&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_halfpage_1%23ad_halfpage_1&slots=1&rand=0.3496516384602115
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ccfe71c865265c82740591f9ac7f2cdbba8414039976d942da18d4883b07de5d

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
421
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
cdb
bidder.criteo.com/ 		0
0
unruly_prebid
targeting.unrulymedia.com/ 		11 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:16 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
/
colossusssp.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
92090accd09a1d2c268b57c682aef78b4327f6c4873f62137cb2c67a66078ae8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
an-x-request-uuid
cb3f8db0-3442-4372-9a0e-4dab7598e06e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		0
0
auction
pbs.nextmillmedia.com/openrtb2/ 		5 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
cb0607ddd06d68b7d83cde36087159858a58bfe0a5d593eeeb58e27d0cabbc3c

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:16 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
prebid
mp.4dex.io/ 		0
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:15 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddcb9eecca202-YYZ
expires
0
v1
btlr.sharethrough.com/universal/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
48abe6f6bdb06a6f38d0a842e2c17af50ecbad8920267ce577fbbbcc01776125
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
an-x-request-uuid
fd9eddc1-3f4a-4399-b54d-0ef0395d975f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
/
colossusssp.com/ 		0
0
cdb
bidder.criteo.com/ 		0
0
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		403 B
729 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=3e07f463-6ade-42d7-98d6-fd85d3c5c3cc%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_rectangle_1%23ad_rectangle_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=72fd7de44023dbb&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_rectangle_1%23ad_rectangle_1&slots=1&rand=0.2676158684499832
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f32ac60b367bd1bb9fc176456129ae82df647db6100b1b4ca0f96e73c4ed120a

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
403
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ 		11 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:16 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
bid
ap.lijit.com/rtb/ 		24 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash
1c898587bd3aa9de3c224f4e3d1426729bb1a9cb7825aacf09bf23fb6abee8ef

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:16 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
prebid
s-rtb-pb.send.microad.jp/ 		0
0
prebid
mp.4dex.io/ 		0
41 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:15 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddcb9feefa202-YYZ
expires
0
translator
hbopenbid.pubmatic.com/ 		0
0
prebid-request
onetag-sys.com/ 		0
0
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=29917;29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.253.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-253-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:16 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=105303
accept-ranges
bytes
content-length
68444
expires
Thu, 01 Feb 2024 05:48:19 GMT
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:19 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
132444
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLJTFV%2FazJLqFkW%2F82PrPrmlC2YCvE2kTUBbOLCw7AeBr9euIpK0%2BxNJ%2FSDsWvZ6a9zs5hZFYy2i1HeZG8V1pYVnEMcC%2FE0fSb%2FBUfYw167T0%2FEdysNJw1esQH0nbpdo"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84dddccebc0b36b0-YYZ
/
trends.revcontent.com/api/demand/ 		589 B
847 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=169267
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash
62921b3ec5288a3afbc4291e3df141024b8f3cf3bdfbd959ad005ade511c19fc
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:33:16 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
589
sync
trends.revcontent.com/ 		62 B
558 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash
b135d50c4310442851f754c5525614341f9dd2569472ee760743a948db6f2f6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:33:16 GMT
server
envoy
etag
"e6ad18a1-ea1e-4154-91c7-d478b470d95a"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
https://nordot.app
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
cache-control
max-age=600, private, s-maxage=0, stale-while-revalidate=1800
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
content-length
62
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=08b0148c0c7641a9991ffcb505d53ed9&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D08b0148c0c7641a9991ffcb505d53ed9_2%26...
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3D08b0148c0c7641a9991ffcb505d53ed9_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26c...
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=08b0148c0c7641a9991ffcb505d53ed9_2&bidder=3&bidder_uid=b0mVh_x1U4AbBMknLjlf&callback=dspCMCallback
72 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=08b0148c0c7641a9991ffcb505d53ed9_2&bidder=3&bidder_uid=b0mVh_x1U4AbBMknLjlf&callback=dspCMCallback
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:33:32 GMT
x-envoy-upstream-service-time
3
server
envoy
content-length
72
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=08b0148c0c7641a9991ffcb505d53ed9_2&bidder=3&bidder_uid=b0mVh_x1U4AbBMknLjlf&callback=dspCMCallback
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
190
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1706661196420
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1706661196420
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0c453536-e62c-4e6f-b398-48879847e99a&ssp=revcontent
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&callback=dspCMCallback
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:33:19 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&callback=dspCMCallback
Date
Wed, 31 Jan 2024 00:33:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=08b0148c0c7641a9991ffcb505d53ed9&rev_dt=1706661196420
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=08b0148c0c7641a9991ffcb505d53ed9&rev_dt=1706661196420
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=08b0148c0c7641a9991ffcb505d53ed9&bidder=154&bidder_uid=7b989c66-4663-4b04-8cf4-a7ded099b1f2&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=08b0148c0c7641a9991ffcb505d53ed9&bidder=154&bidder_uid=7b989c66-4663-4b04-8cf4-a7ded099b1f2&callback=dspCMCallback
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:33:19 GMT
x-envoy-upstream-service-time
2
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=08b0148c0c7641a9991ffcb505d53ed9&bidder=154&bidder_uid=7b989c66-4663-4b04-8cf4-a7ded099b1f2&callback=dspCMCallback
date
Wed, 31 Jan 2024 00:33:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
trends.revcontent.com/api/delivery/ 		30 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=169267&width=1600&rev_allow_cookies=1&site_url=https%3A%2F%2Fnordot.app%2F1103463313237606400&icr_url=&va=0&user_uuid=e6ad18a1-ea1e-4154-91c7-d478b470d95a&time=1706661196423&up=pc&bn=chrome&bv=120&widget_width=640&style_id=0&an=false&mr=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash
dcc52a554efbdb0baadd0c8939cca5e6616aeab8c22085858b9395e9f061fbab
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:33:16 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
x-envoy-upstream-service-time
89
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:33:19 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
brandWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.21.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-21-121.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
356c05c394aa1acd7ab323d2634e4ca319ed2fb602c787e0257172d92200e2bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 11:16:53 GMT
content-encoding
gzip
via
1.1 2d907912ff4747a90356584f2bd482f0.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 20:18:25 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
age
48162
x-amz-server-side-encryption
AES256
etag
W/"6de9bc862bc6fdfaa31c9df1fd186fcf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
RtX-Lpx1yhzyUCbsGOjBp1dTAvblilnw11S-wfTWi449OLqCBHDelQ==
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.21.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-21-121.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca58cc84a778cb115e578190cfe200a49e15b722a5c8b5648679c6084f1f17a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:51:33 GMT
content-encoding
gzip
via
1.1 2d907912ff4747a90356584f2bd482f0.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 20:18:25 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
age
49304
x-amz-server-side-encryption
AES256
etag
W/"dbdc08ee919b827209b33927a9118952"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
gWoXCDQGZU4fGKEG7bqN83RbQu4FGfLFOeHPjKseu8voMMKmN-NFaw==
feedWidget.delivery.js
assets.revcontent.com/master/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.21.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-21-121.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eddd922d29760850c3e11583838cb36abbeb7a2136c2bf22232d3c2d5b97c54a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:42:29 GMT
content-encoding
gzip
via
1.1 2d907912ff4747a90356584f2bd482f0.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 20:18:25 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
age
42716
x-amz-server-side-encryption
AES256
etag
W/"1dade641a3b866e499b19367c52daaf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
nFIJ67tulT8DSSzmVsaLwdLtx3eXu_BfdZEEqbBFtAgS5VAQ2FK8dA==
/
img.revcontent.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.19.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-19-31.bos50.r.cloudfront.net
Software
envoy /
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 04 Oct 2023 06:35:00 GMT
via
1.1 5ce15dbc89c7affb5d3d695afd6d76c0.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 15:43:57 GMT
server
envoy
x-amz-cf-pop
BOS50-C3
age
10259898
etag
"a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache
Hit from cloudfront
content-type
image/png
x-envoy-upstream-service-time
60
alt-svc
h3=":443"; ma=86400
content-length
1351
x-amz-cf-id
n84yqxyS09AQp86nm_hP9mu7ZD6RpO7_-M34NMeiS1HzjBdgwj4Lfg==
6557521578a378-35335404.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6557521578a378-35335404.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
cloudflare /
Resource Hash
034122fa818a19732e0d9dca9c05edb3594e2ad642a1865fa03d709e19ef0140
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:01:53 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
138685
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
24038
last-modified
Mon, 20 Nov 2023 19:36:15 GMT
server
cloudflare
etag
"44ad620fb50a3373e5b23e837189d2be"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
84d0a2ed0ca83afa-IAD
timing-allow-origin
*
x-amz-cf-id
A8viKMQxkFrAXoL9lz5MDBr62CKqbFJRfT8YRjRaaDT5K0JhzhjZMQ==
8e0f4917ef4c3e98fce4b01f686d224e.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/8e0f4917ef4c3e98fce4b01f686d224e.png
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
b9a0b571f57eaf8592a65ee115132cc668621d895640bfb8e89945924ed370b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:29:40 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
119018
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22431
last-modified
Sat, 17 Jun 2023 12:10:43 GMT
server
Cloudinary
etag
"b8341962516ab40d516f31821c5eede4"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Ey_xoMBmNkvVnS6Q0rrtIKzhv-3DXWfGgfvX3nyIcVg_7arBOtFATA==
https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2F77d114c6ba1da8d01913e8324ef6e585.webp
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2F77d114c6ba1da8d01913e8324ef6e585.webp
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
cloudflare /
Resource Hash
1047bf2303165f70fb18f2e4ab0bb2baed7918de0243565d99a601feccbb7a25
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Wed, 31 Jan 2024 00:04:00 GMT
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
317170
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8561
last-modified
Mon, 01 Jan 2024 12:21:22 GMT
server
cloudflare
etag
"eb5905ce8402dd93f488c3427831df44"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8467b978bb70392e-IAD
timing-allow-origin
*
x-amz-cf-id
DA_VPf0pGfpx66DAGrYB-pyh5tHkrTNXoInJUKu4MwXeLwG0K7uicA==
https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Fdf5d40ced0ed9707b8e53902dce7a1fe.webp
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https%3A%2F%2Fde9a11s35xj3d.cloudfront.net%2Fdf5d40ced0ed9707b8e53902dce7a1fe.webp
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
8303d2d8ad46da79400f9ff757e3a4ce7e74dff74bbf3c3df746181601824d4e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Fri, 26 Jan 2024 10:39:40 GMT
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
395618
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11060
last-modified
Thu, 11 Jan 2024 00:06:18 GMT
server
Cloudinary
etag
"c0c85dc0a3e97e23f11f221d8e4397a1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
z6G93edjcMqZJd7BL6klln8QxM6x5uyb477EZidMDNArf_Bn-zgV2w==
da216b8a67fda38dd85c6c6626508d81.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/da216b8a67fda38dd85c6c6626508d81.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
cloudflare /
Resource Hash
5220389433c833cd9610617aed5305f2d416b2846ff6a4b32e36148976f9fafe
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Fri, 26 Jan 2024 15:08:25 GMT
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
379493
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11981
last-modified
Fri, 19 Jan 2024 05:14:51 GMT
server
cloudflare
etag
"1c03c172189d671a47c7e3e74058bbe5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
847ffd3e0a563b89-IAD
timing-allow-origin
*
x-amz-cf-id
oaaXrBzlfxO7R2Zwmh5wQQlc4tSZpDhmiaVCo5IbdxxdrCJcP20OYg==
a19801abd26da69b0404a527a72ed30b.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/a19801abd26da69b0404a527a72ed30b.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
cloudflare /
Resource Hash
bcac64a1603be1dec3af184710a196369af1a5bbcdba2e6b0b27161f0bb96e90
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:52:08 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
34870
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
20250
last-modified
Fri, 19 Jan 2024 05:23:03 GMT
server
cloudflare
etag
"751c4e9c6e6a47c5e2d3ac6dda17e1f9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
84da89768c665b29-IAD
timing-allow-origin
*
x-amz-cf-id
vwzlykOIKh0m_kbFUHpjIYJXRxPaGvqH5WFxAEkw8Ul9lfteQuGmRw==
91c27edba9590b7e06f675ab1fe6d468.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/91c27edba9590b7e06f675ab1fe6d468.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
cloudflare /
Resource Hash
4ec53e9a0d8f74ac6954356d69b8cc1fd8b5ae1268a6be4713d7652ffb48c951
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sat, 27 Jan 2024 14:15:03 GMT
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
296295
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14050
last-modified
Sat, 20 Jan 2024 05:10:05 GMT
server
cloudflare
etag
"58c4ccdeb75a44c734d4dacc77762c00"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8487e68e1cb70790-IAD
timing-allow-origin
*
x-amz-cf-id
0Cf_pAMSQzqic5gMZ0Fg0wxMCuylEJhr_0k0TwJWVstOoaN_Pnl0Bg==
895864bdb24804ac33572c890b986ace.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/895864bdb24804ac33572c890b986ace.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
d13f91ab1a62e1359a5fafcb9f882298b95a0f735b60b97a01cbf99211adbc85
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:02:18 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
37860
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13438
last-modified
Sat, 20 Jan 2024 05:31:34 GMT
server
Cloudinary
etag
"784a27c32d901cd3c9272bc6aee7f41a"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
u6gkN0PG-5KUA45jvPtO_XUPksrpjj2vJf8JYeKQmlt5Bxq-lpT5Cg==
fe3b7ed93600a4330843db4d3d0dbb1f.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/fe3b7ed93600a4330843db4d3d0dbb1f.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
eafba26e24c80c1199a2da9c67547d2aca2c97276b684c861be6448ea35bf704
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sat, 27 Jan 2024 18:43:18 GMT
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
280200
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15498
x-request-id
5ccc0eeabb1333ff2d5a15cae65ca57f
last-modified
Sat, 20 Jan 2024 05:07:53 GMT
server
Cloudinary
etag
"562d90ee09418acead0b5b19bacf43c6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
yITHmrv6UATF5MJBZsvziG6KhJ-mUqk5uACwZCEj5PTZ2kgMfXIGeg==
0a148cf2545952be189705a9c4ce62b2.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/0a148cf2545952be189705a9c4ce62b2.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
f55ec1a81d641a7b309ae4916fc82ca314edc9bcc97159b6e0a2aeedd2f782bf
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 05:23:08 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
69010
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11009
x-request-id
903b2da26628b18fa943db777f603602
last-modified
Tue, 30 Jan 2024 05:10:44 GMT
server
Cloudinary
etag
"9a219b0aaa1daadb499882678f942ce6"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QPq3GNbP0L9AlnrAiL5W7IOqHeL9woIFyyQuE3BcjLE-nYRtSVH0Jw==
e664b57b56ae632454f893301d5e0799.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/e664b57b56ae632454f893301d5e0799.jpeg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
cloudflare /
Resource Hash
24814800066bb8325efc2781ac3ed3ff8a1b0f77048d40b2e02fc7304e79621d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:37:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
42927
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
21704
last-modified
Tue, 30 Jan 2024 05:31:48 GMT
server
cloudflare
etag
"bc00816e651ca241ed176cfd44c77728"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
84d9c4c58d3405df-IAD
timing-allow-origin
*
x-amz-cf-id
E8spzURF9MUvkBbscPbEGHbgaKcU9LqcL0iXxOe02gTYa-ckR9erjw==
11059515.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto:eco,h_112,w_225,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/169831/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto:eco,h_112,w_225,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/169831/11059515.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-125.bos50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
bc4156e6bba79e792d217dca00a6bdc80f0cac60d0dff8ea495f8d01e6ac55b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 12:49:03 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 685fd458a839bc725280d7e9380648c6.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-C2
age
215055
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2206
last-modified
Sat, 11 Nov 2023 01:13:18 GMT
server
Cloudinary
etag
"6b1f635d0ad9a8a0a59c2ee20df36f2c"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
KMLpyv2YR9UEK-YcgHBuUPKcFcXY3Mzokk_lDyFe0Mh5LSbPqqJ7ww==
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=42ac9060-0be5-4c4c-8619-7f34b8801c9c&initiator=me&us_privacy=1---&gdpr=0
  • https://rtb-use.mfadsrvr.com/ul_cb/sync?ssp=revcontent&seller_network=revcontent_&bid_id=42ac9060-0be5-4c4c-8619-7f34b8801c9c&initiator=me&us_privacy=1---&gdpr=0
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=0c453536-e62c-4e6f-b398-48879847e99a&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=0c453536-e62c-4e6f-b398-48879847e99a&callback=dspCMCallback
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:33:18 GMT
x-envoy-upstream-service-time
3
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=0c453536-e62c-4e6f-b398-48879847e99a&callback=dspCMCallback
date
Wed, 31 Jan 2024 00:33:18 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=42ac9060-0be5-4c4c-8619-7f34b8801c9c&initiator=me&us_privacy=1---&gdpr=0
  • https://rtb-use.mfadsrvr.com/ul_cb/sync?ssp=intentiq&seller_network=revcontent_&bid_id=42ac9060-0be5-4c4c-8619-7f34b8801c9c&initiator=me&us_privacy=1---&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a&ckls=true&ci=HMaJUmuuSt&nc=false&trid=-1813594253
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a&ckls=true&ci=HMaJUmuuSt&nc=false&trid=-1813594253
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
3.162.3.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-125.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:19 GMT
via
1.1 2080aae7ace369c71819923852e1b17e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
bmuwnFuYmt522eWeHw2PZDITXaD7dODM4LHFY98FzOKxQ8awvV5SRQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:19 GMT
via
1.1 2080aae7ace369c71819923852e1b17e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a&ckls=true&ci=HMaJUmuuSt&nc=false&trid=-1813594253
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
toEwTvrpT28mqj0kH5h35zQSvzdyyYMOXHCvLZN0XThtVzs3R5i4hA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=revcontent&seller_network=revcontent_&bid_id=711f19be-fc50-4f00-9c50-34ebd2ed3414&initiator=me&us_privacy=1---&gdpr=0
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=0c453536-e62c-4e6f-b398-48879847e99a&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=0c453536-e62c-4e6f-b398-48879847e99a&callback=dspCMCallback
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 31 Jan 2024 00:33:18 GMT
x-envoy-upstream-service-time
3
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=&bidder=154&bidder_uid=0c453536-e62c-4e6f-b398-48879847e99a&callback=dspCMCallback
date
Wed, 31 Jan 2024 00:33:18 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=intentiq&seller_network=revcontent_&bid_id=711f19be-fc50-4f00-9c50-34ebd2ed3414&initiator=me&us_privacy=1---&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a&ckls=true&ci=xyAaIFHpqp&nc=false&trid=-2024947773
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a&ckls=true&ci=xyAaIFHpqp&nc=false&trid=-2024947773
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
3.162.3.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-125.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:19 GMT
via
1.1 2080aae7ace369c71819923852e1b17e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
lif0GTEEvSSuzXbburZarr2TyTZyNI2PffTlLt4zB3QQw3U950F9_Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:19 GMT
via
1.1 2080aae7ace369c71819923852e1b17e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1980923529&pcid=0c453536-e62c-4e6f-b398-48879847e99a&ckls=true&ci=xyAaIFHpqp&nc=false&trid=-2024947773
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
IB--Vqp0ovldLreBh6Z7tqd6JwMIZdYoytJfe2rF-dXVIW3kM7QnhA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
11059515.mp4
media.revcontent.com/cr_videos/169831/ 		208 KB
208 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://media.revcontent.com/cr_videos/169831/11059515.mp4
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-2.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dde2e059710cec5179594241f0db5d75752cb13709f959d414476396730d2b11

Request headers

Referer
https://nordot.app/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 17 Jan 2024 11:37:37 GMT
x-amz-version-id
V1ydNXEhEpvAu3tzR3huRf1dkd.FXjB6
via
1.1 e4c06b6e6eb895470e2fd65bbc93b3b6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C3
age
1169746
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-212569/212570
alt-svc
h3=":443"; ma=86400
Content-Length
212570
last-modified
Fri, 10 Nov 2023 14:00:47 GMT
server
AmazonS3
etag
"72aefce23609320de14643b49e89fd48"
content-type
video/mp4
accept-ranges
bytes
x-amz-cf-id
UblStU5KQ_NlT0JBDP3xeb4bG3PxWyquC98d4VJXeFqSkbIHrqMluQ==
AGSKWxWaANBCBENKFFyMgTacMemriPdyHwYW7Q719I50tBXvp91Ttsxb_p_vXgO5WxYJxFYan_xHrWXT9jVBEtJuMxCkAlBrK0Xk4REdRHVstYQB0xxzrZ0giDIthkluDGfDuAMNMhSiWA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWaANBCBENKFFyMgTacMemriPdyHwYW7Q719I50tBXvp91Ttsxb_p_vXgO5WxYJxFYan_xHrWXT9jVBEtJuMxCkAlBrK0Xk4REdRHVstYQB0xxzrZ0giDIthkluDGfDuAMNMhSiWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjYxMTk2LDkxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ub3Jkb3QuYXBwLzExMDM0NjMzMTMyMzc2MDY0MDAiLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
918a9543162474ed798c7221f51b127bb61016c95baa599dddfce3e9d1af9f02
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-29pDd6sJnV_ezS55xP48tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-29pDd6sJnV_ezS55xP48tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsGoxSXF4KQhxaAYtpPpvNMdputAfFHlKdNNIK5leMbUCsQPwp8xvQBiA43nTBZAXJD9nKkCiBn_vGDiBOJ3X14yCXx9ySQBxFpA_E7yFdM3IN7h48HyJnw6K1_EdNbTBdNZLwMxWwWQD8RxddNZC4CYb910VsP101m3nJnOugeIY55PZ00B4sWsM1hXA_GUwBmsc4C4JXoG6zQgdkqfwRoCxJ8zZ7D-BuKy2-dY64BYiIfjzKpna9kEJmyefJwZAGtaWac"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 23:28:31 GMT
content-encoding
gzip
age
1645491
x-guploader-uploadid
ABPtcPql9Y44WRrtRoL8agzBjx-j0hj4kkGX3gdpO8wWqtRdRebObNDqoRQh-ZCrgGaitbC7qNbenccfnteW75w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 10 Jan 2025 23:28:31 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Feb 2024 00:33:23 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jan 2024 00:33:16 GMT
x-content-type-options
nosniff
content-encoding
br
age
17509
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4537-YYZ
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jan 2024 10:08:32 GMT
server
cloudflare
x-amz-request-id
BNS3KM694BHVK491
age
745
etag
W/"b03d5064c95ecd01501cdae49ca9228b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84dddd008a7b53e3-YYZ
x-amz-id-2
Gq9Bs6pZ66nu1ge1z6qxknTMtepSkFAPhSrsy9OkJwxk6H7U3VLxxdRnJCOgEIW9+Zx/2PprZ5gtXxpo3RY9eA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
994595f3b7ec00318601fcc661c28756
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-33.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:09:02 GMT
content-encoding
gzip
via
1.1 275c32bc50366db37e8c3324dfc942a6.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
62661
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Ey8tHasFpzf0upndx3WsrAzln91q_J-mP1wLzYlwl4h_9edQInWEcQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.161.253.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-253-193.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 30 Jan 2024 10:04:26 GMT
Via
1.1 1bffd64b2a2fa20ecc97fd2f8e605ec4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
YUL62-P2
Age
52137
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
gpvxb7qUHP0CMhqQbuFhU0khTs_f89ja2HS48HW5XwMTFbLSdfJvPQ==
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-68.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:09:36 GMT
via
1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
YUL62-P1
age
1429
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
6x7f3yn44c3UCYJrxv4AZlo9mwVP2mK1GQE8PQKKsSVPeLW77Nic0g==
ob.js
cdn-ima.33across.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86036cbe1dd82dc84489e713501e2fb7e5e18d2f41b3668006f5657e3deb512a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2024 20:10:49 GMT
server
cloudflare
age
539958
etag
W/"65b01d49-42c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84dddceeeabba1d8-YYZ
expires
Sat, 03 Feb 2024 00:33:24 GMT
AGSKWxUEEc81ZKylnLylFzcbtDnWb0GbUInbpTQnYoxL77lNaK6AezWJjoZPTta1CzmHVQ4qrTTDzfIbYGcD7cBAtQIJoJD7AIw69cXNtZcPNRYeGjuhg3maknsflzBVATKil68rsAnpRg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUEEc81ZKylnLylFzcbtDnWb0GbUInbpTQnYoxL77lNaK6AezWJjoZPTta1CzmHVQ4qrTTDzfIbYGcD7cBAtQIJoJD7AIw69cXNtZcPNRYeGjuhg3maknsflzBVATKil68rsAnpRg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjYxMTk2LDk3OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbm9yZG90LmFwcC8xMTAzNDYzMzEzMjM3NjA2NDAwIixudWxsLFtbOCwibE1JemRBS0tERVkiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
88bd4c21016bd5c895bc9a0d96fd043e3d314f9a6fc2129e9eb15a249336ec2a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ypH_Ot5rBxZwrUsj8nAwmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ypH_Ot5rBxZwrUsj8nAwmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXFEKQhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZBL6-ZJIAYi0gfif5iukbEO_w8WB5Ez6dlS9iOuvpgumsl4GYrQLIB-K4uumsBUDMt246q-H66axbzkxn3QPEMc-ns6YA8WLWGayrgXhK4AzWOUDcEj2DdRoQO6XPYA0B4s-ZM1h_A3HZ7XOsdUAsxM1xdtWztWwCG67t5QIAQrJdPg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nordot.app
content-length
0
date
Wed, 31 Jan 2024 00:33:18 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
4
x-rc-region
us-east-1a
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nordot.app
content-length
0
date
Wed, 31 Jan 2024 00:33:18 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:18 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.1.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-1-116.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:18 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidResponse&bidder=nextMillennium&source=pbjs&placements=29917
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
bbad3.
fundingchoicesmessages.google.com/f/AGSKWxUNg0q3N89lo2VKMCznFrlGCmMNUSSr15RR_LOUX7RsEgZDicqkRFv8o5mS5KALp9lR9AFCcHQJmDruGcisInp3VqKizFP3PB1vhmpTw8HwYy7tqPpddhNlKfrj2nZfT1_K0kR5YyuagFZrykJ1exfx181K2... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUNg0q3N89lo2VKMCznFrlGCmMNUSSr15RR_LOUX7RsEgZDicqkRFv8o5mS5KALp9lR9AFCcHQJmDruGcisInp3VqKizFP3PB1vhmpTw8HwYy7tqPpddhNlKfrj2nZfT1_K0kR5YyuagFZrykJ1exfx181K2PesFXaOyfua0g3taUTpDBklZSvPoUzj/_/burt/adv_/feedads./468x70-yourtango.com/bbad3.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
fe336101f8c59e2205145584e95b3c523939c4feddd720745c108b9506103c08
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aPNdjD4me2MF0T2Q6IehRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aPNdjD4me2MF0T2Q6IehRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEw3F21bO1bAInTs08wQQAbodYxw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:29:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 01:29:57 GMT
AGSKWxVvBy_2YgzI2rlTvIMtFmWuVEQj5V5OZCxhc7iWdXrFJLEDtIBEegnfsNdgk3dmI3JApht0wlVxVVNFZY4mHtM_uVfws6L8MWSTJwFUxD-Z0ziYJPl3chifzkeNNejBzko9heTJGA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvBy_2YgzI2rlTvIMtFmWuVEQj5V5OZCxhc7iWdXrFJLEDtIBEegnfsNdgk3dmI3JApht0wlVxVVNFZY4mHtM_uVfws6L8MWSTJwFUxD-Z0ziYJPl3chifzkeNNejBzko9heTJGA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G5vRtVaLcZE-OBaxYTBqAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G5vRtVaLcZE-OBaxYTBqAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4-yqZ2vZBE7MfPWKCQDsfSEM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvBy_2YgzI2rlTvIMtFmWuVEQj5V5OZCxhc7iWdXrFJLEDtIBEegnfsNdgk3dmI3JApht0wlVxVVNFZY4mHtM_uVfws6L8MWSTJwFUxD-Z0ziYJPl3chifzkeNNejBzko9heTJGA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvBy_2YgzI2rlTvIMtFmWuVEQj5V5OZCxhc7iWdXrFJLEDtIBEegnfsNdgk3dmI3JApht0wlVxVVNFZY4mHtM_uVfws6L8MWSTJwFUxD-Z0ziYJPl3chifzkeNNejBzko9heTJGA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qKnztIj_qlr5Htzjxc5iHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qKnztIj_qlr5Htzjxc5iHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4-yqZ2vZBB68_fqKCQDyDiGP"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:33:17 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
prebid
s-rtb-pb.send.microad.jp/ 		47 B
510 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=87e5c7e3e967c44&transaction_id=undefined&media_types=3&cbt=95e7728e12a82018d5cef37d1&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:18 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
fastlane.json
fastlane.rubiconproject.com/a/api/ 		409 B
466 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=3e07f463-6ade-42d7-98d6-fd85d3c5c3cc%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_in_paragraph_1%23ad_in_paragraph_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=8912683478e6176&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_in_paragraph_1%23ad_in_paragraph_1&slots=1&rand=0.8926250576804919
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1eee8c38e8802407d6dca550dfac248c80d8f3c0814d3e1f5903477dfc87e798

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
409
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ 		11 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
prebid-request
onetag-sys.com/ 		15 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://nordot.app
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3d403b6244107dd484e1047e88177d8e709d854e598fd312f7db4a0ebe3bd138
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
an-x-request-uuid
0fb0dfe4-f3ab-404e-ba50-3977d74be799
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
colossusssp.com/ 		0
0
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
cdb
bidder.criteo.com/ 		0
188 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=35498722860&lsavail=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		24 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash
adfa92bb37a71b1de6544805baa2fdc0565824cda30fd822013a6a0107f3d3fd

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:17 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
prebid
mp.4dex.io/ 		0
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddcc63d0ea202-YYZ
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 01 Feb 2024 00:33:23 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 31 Jan 2024 00:33:17 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
/
colossusssp.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
0
prebid
s-rtb-pb.send.microad.jp/ 		47 B
509 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=11922363ff5a3a6c&transaction_id=undefined&media_types=3&cbt=b31433fb263310018d5cef37e9&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.2 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:18 GMT
strict-transport-security
max-age=86400
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin
https://nordot.app
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
x-xss-protection
1; mode=block
auction
pbs.nextmillmedia.com/openrtb2/ 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
fb24b25bb91f7581e63efc45b67db32fa6ac3e0ca6551b2d8171f1b036bb728f

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
prebid
ib.adnxs.com/ut/v3/ 		140 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
c4c6ca254af069397bbef06bc71aeff299af0baa5e02a8c20e40d29ec6ba9afc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
an-x-request-uuid
34efed1b-7ae1-43ea-9bb0-a92079b07aba
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		409 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_pubcid.org=3e07f463-6ade-42d7-98d6-fd85d3c5c3cc%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_in_paragraph_2%23ad_in_paragraph_2&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=1257d7bf4c0dae1b&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_in_paragraph_2%23ad_in_paragraph_2&slots=1&rand=0.05342226106363346
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
26cde3b7eb15105f83935450eecf442c6838406d803fa8658114cf483906319c

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
409
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
407 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://nordot.app
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
unruly_prebid
targeting.unrulymedia.com/ 		11 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.11 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://nordot.app
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
prebid
mp.4dex.io/ 		0
41 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:17 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddcc65d40a202-YYZ
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/ 		0
0
cdb
bidder.criteo.com/ 		0
189 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=86838795131&lsavail=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:18 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		25 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash
bc22f49b8344f3009be5c0c22aaacb92a5459151feb3924e6a9497b9d84fed09

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:17 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
v1
btlr.sharethrough.com/universal/ 		0
0
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidResponse&bidder=nextMillennium&source=pbjs&placements=29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
didna_trackers.html
storage.didna.io/ Frame A28A 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.didna.io/didna_trackers.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/5ad98194-9b18-44e7-9c6e-1088556c5b2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.239.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.239.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1104
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
2867
content-type
text/html
date
Wed, 31 Jan 2024 00:14:54 GMT
etag
"13d9c4d6c276bc3cb0b5afd7ff642b8d"
expires
Wed, 31 Jan 2024 01:14:54 GMT
last-modified
Sun, 14 Jun 2020 19:10:59 GMT
server
UploadServer
x-goog-generation
1592161859249348
x-goog-hash
crc32c=+vRTlQ== md5=E9nE1sJ2vDywta/X/2QrjQ==
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2867
x-guploader-uploadid
ABPtcPrEOeYBGBSZ3kTqenYxCqfzq3ZXCS0l-bEV9CnYgsPFKC9LdsCMt7waBHtU5UZBMGrMBZharGmc
quant.js
secure.quantserve.com/ Frame A28A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.149 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:19 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 07 Feb 2024 00:33:19 GMT
beacon.js
sb.scorecardresearch.com/ Frame A28A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-51.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 23:21:43 GMT
content-encoding
gzip
via
1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P2
age
57784
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
0L6NXAd5_Dl6t2Y9lZD6j8eE7UAzSyuu1nvs3WyhfMBRw7n2jhLLqw==
rules-p-WnvyhEGJaE9Xh.js
rules.quantcount.com/ Frame A28A 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-WnvyhEGJaE9Xh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-123.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7fd21b6e0980aada740143417f0af047b4c0e30d5e2d353ca62f14feb2c7459

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 23:33:39 GMT
via
1.1 4afe58622c53f3abab57af35bd692fb4.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
3583
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:48:13 GMT
server
AmazonS3
etag
"be75d26a2b1c32b2802b4df92f1949d9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
vT5IWkEetd2X_2rMZ3-M2EhwRkyPvL83feFPDgvtk6w2oAfI67BL0g==
ads
securepubads.g.doubleclick.net/gampad/ 		67 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1474800332291219&correlator=955073411385740&eid=31079956%2C31080335%2C44807747&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_billboard_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&ifi=1&didk=3921174633&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706661199600&lmt=1706661199&adxs=316&adys=115&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=972x314&msz=970x250&fws=512&ohw=0&ga_vid=438721024.1706661200&ga_sid=1706661200&ga_hid=474348586&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYgOm859UxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNlMDdmNDYzLTZhZGUtNDJkNy05OGQ2LWZkODVkM2M1YzNjYxip6bzn1TFIABIdCg5lc3AuY3JpdGVvLmNvbRj_6Lzn1TFIAFICCGQSFwoIcnRiaG91c2UY_-i859UxSABSAghkEhQKBW9wZW54GP_ovOfVMUgAUgIIZBIZCgp1aWRhcGkuY29tGIDpvOfVMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_-i859UxSABSAghk&dlt=1706661195206&idt=457&prev_scp=auid%3Dad_billboard_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=iab%3Diab17%26pub%3Dglobal%26path%3D%252F%26chunitid%3D641577452118279265%26cuunitid%3D0&adks=2439979591&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
1ea32e31fdb3bfe4c122b5b638d3002d1274477d0f67ba1d62512c57f91b7016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 676E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:33:20 GMT
expires
Thu, 30 Jan 2025 00:33:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		755 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1474800332291219&correlator=4225364074435072&eid=31079956%2C31080335%2C44807747&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_halfpage_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=2&didk=3864841234&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706661199639&lmt=1706661199&adxs=986&adys=894&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=438721024.1706661200&ga_sid=1706661200&ga_hid=474348586&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYgOm859UxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNlMDdmNDYzLTZhZGUtNDJkNy05OGQ2LWZkODVkM2M1YzNjYxip6bzn1TFIABIdCg5lc3AuY3JpdGVvLmNvbRj_6Lzn1TFIAFICCGQSFwoIcnRiaG91c2UY_-i859UxSABSAghkEhQKBW9wZW54GP_ovOfVMUgAUgIIZBIZCgp1aWRhcGkuY29tGIDpvOfVMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_-i859UxSABSAghk&dlt=1706661195206&idt=457&prev_scp=auid%3Dad_halfpage_1%26adLocation%3Datf%26didna_vis%3Dtrue%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D8%26hb_adid%3D1425d67f0848a48e%26hb_bidder%3DnextMillennium%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=iab%3Diab17%26pub%3Dglobal%26path%3D%252F%26chunitid%3D641577452118279265%26cuunitid%3D0&adks=3196454924&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
1e9cc4a3d46ded64af434e1bf7be6f2983d8cc8e1b407298a8ee1b8439273576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		756 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1474800332291219&correlator=709788801185152&eid=31079956%2C31080335%2C44807747&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_rectangle_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=3&didk=1024703862&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706661199651&lmt=1706661199&adxs=986&adys=894&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=438721024.1706661200&ga_sid=1706661200&ga_hid=474348586&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYgOm859UxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNlMDdmNDYzLTZhZGUtNDJkNy05OGQ2LWZkODVkM2M1YzNjYxip6bzn1TFIABIdCg5lc3AuY3JpdGVvLmNvbRj_6Lzn1TFIAFICCGQSFwoIcnRiaG91c2UY_-i859UxSABSAghkEhQKBW9wZW54GP_ovOfVMUgAUgIIZBIZCgp1aWRhcGkuY29tGIDpvOfVMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y_-i859UxSABSAghk&dlt=1706661195206&idt=457&prev_scp=auid%3Dad_rectangle_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=iab%3Diab17%26pub%3Dglobal%26path%3D%252F%26chunitid%3D641577452118279265%26cuunitid%3D0&adks=4065996199&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
6debcf007daae7098aede21aa59b4bd3da1a0aac1b5baaed0041aca462e0d482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
340
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012401091919000/ Frame BE93 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jan 2024 16:04:00 GMT
age
30560
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56104
x-xss-protection
0
server
sffe
etag
"cf7caf439f3410f8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Jan 2025 16:04:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame BE93 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jan 2024 21:49:19 GMT
age
9844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5212
x-xss-protection
0
server
sffe
etag
"d5f0e0ea1e5219b8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Jan 2025 21:49:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame BE93 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jan 2024 19:51:43 GMT
age
16900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29119
x-xss-protection
0
server
sffe
etag
"7ed328db9ca95286"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Jan 2025 19:51:43 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame BE93 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 13:37:47 GMT
age
384936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"b1b3f9c71858a21a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Jan 2025 13:37:47 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012401091919000/v0/ Frame BE93 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012401091919000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 28 Jan 2024 14:06:03 GMT
age
210440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12971
x-xss-protection
0
server
sffe
etag
"0e9793e292f94cd9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Jan 2025 14:06:03 GMT
css
fonts.googleapis.com/ Frame BE93 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 23:49:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:33:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BE93 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 17:53:38 GMT
x-content-type-options
nosniff
server
cafe
age
23982
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Wed, 31 Jan 2024 17:53:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BE93 		344 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:29:31 GMT
x-content-type-options
nosniff
server
cafe
age
229
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 01 Feb 2024 00:29:31 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/8110202065179229502/ Frame BE93 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8110202065179229502/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
27338a4ccc83bcd831a4608e6d6ab5270ff706458758407e01f857f13e05049d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 19:03:59 GMT
date
Tue, 30 Jan 2024 19:03:59 GMT
x-content-type-options
nosniff
age
19761
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20760
x-xss-protection
0
last-modified
Sat, 07 Oct 2023 14:54:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame BE93 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BE93 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BE93 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6180189f97f183998256ce1d41dd6b6ebca562a9cc7b11a124dfc58bfd98d058

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
pixel;r=2134213171;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fnordot.app%2F;uht=2;fpan=1;fpa=P0-1474832620-1706661199030;pbc=;ns=1;ce=1;qjs=1;...
pixel.quantserve.com/ Frame A28A 		35 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2134213171;rf=0;a=p-WnvyhEGJaE9Xh;url=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html;ref=https%3A%2F%2Fnordot.app%2F;uht=2;fpan=1;fpa=P0-1474832620-1706661199030;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=storage.didna.io;dst=1;et=1706661200138;tzo=480;ogl=locale.en_US%2Ctype.website%2Ctitle.diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield%2Cdescription.diDNA%20programmatic%20yield%20management%2Curl.https%3A%2F%2Fwww%252Edidna%252Eio%2F%2Csite_name.diDNA;ses=9816c9b0-d680-4f01-a51c-77cdbca2c326;mdl=
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.149 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:20 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
b2
sb.scorecardresearch.com/ Frame A28A
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661200309&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Pu...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661200309&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20P...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661200309&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=https%3A%2F%2Fnordot.app%2F
Requested by
Host: storage.didna.io
URL: https://storage.didna.io/didna_trackers.html
Protocol
H2
Server
3.162.3.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-51.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://storage.didna.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:20 GMT
via
1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P2
x-amz-cf-id
f8IDv_HFLpHvPxZW4GLEcz8QEq-tQ-Eaf8sIGySd4zN8ZI0VbSSJ0g==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 31 Jan 2024 00:33:20 GMT
via
1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=27875916&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1706661200309&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fstorage.didna.io%2Fdidna_trackers.html&c8=diDNA%20%7C%20Publisher%20Partner%20%7C%20Header%20Bidding%20%7C%20Programmatic%20Yield&c9=https%3A%2F%2Fnordot.app%2F
content-length
0
x-amz-cf-id
YolbZusmnuKkV-tZHHrLkShkSQX_RmvbBAlglRFdBe_uwwG3st4caQ==
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BE93 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nordot.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:15:04 GMT
x-content-type-options
nosniff
age
307096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Jan 2025 11:15:04 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Jan 2024 00:33:20 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
374926
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=ut4zOmF0Mpl%2FcmptUNGPrRfKmZPaSFdMbb5Ty0Abuho%3D
42 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=ut4zOmF0Mpl%2FcmptUNGPrRfKmZPaSFdMbb5Ty0Abuho%3D
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:20 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 31 Jan 2024 00:33:20 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://nordot.app
location
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0&b=1&g=ut4zOmF0Mpl%2FcmptUNGPrRfKmZPaSFdMbb5Ty0Abuho%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
json
gum.criteo.com/sid/ 		370 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&cw=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a521ed8025803c6b8daa3d03dfec9682b1cc450981bc1d0e84a30285c9bed367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
867100
expires
0
f
fid.agkn.com/ 		151 B
683 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2086764725&r=https%3A%2F%2Fnordot.app%2F1103463313237606400
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.93.122.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-122-201.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
701d86c2142cb744f4ec1d73dd57f82cff04601f8e706c82d465d1c88645f32f

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:20 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
prebid
id5-sync.com/api/config/ 		0
0
envelope
api.rlcdn.com/api/identity/ 		0
0
sync
cookies.nextmillmedia.com/ Frame 5AE2 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/sync?type=iframe
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.172.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-172-228.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
cbb470390431a28455afefcded54718a12e0c0acfe31b79e1562f31d94d3cf1f

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
2981
content-type
text/html
date
Wed, 31 Jan 2024 00:33:24 GMT
server
fasthttp
iframe
sync.colossusssp.com/ Frame A4F8 		0
0
/
onetag-sys.com/usync/ Frame FAE4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1706661197765
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
1bb35275679fea6c43901369f47659bccaa8b61e18e1798bf5b4d04398a0224a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1534
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
sync.kueezrtb.com/api/sync/iframe/ Frame 8038 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9FE5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.253.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-253-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32550
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 31 Jan 2024 00:33:20 GMT
expires
Wed, 31 Jan 2024 09:35:50 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4FC2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.252.246 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-252-246.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 31 Jan 2024 00:33:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 01 Feb 2024 00:33:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame AC77 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 00:33:26 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/match/ Frame FAE4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=MsiWN7xI_BcnakTwlc3RbMx7fSk5pV_DotU8GxV4CQ0
  • https://onetag-sys.com/match/?int_id=160&uid=7b989c66-4663-4b04-8cf4-a7ded099b1f2
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=160&uid=7b989c66-4663-4b04-8cf4-a7ded099b1f2
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=160&uid=7b989c66-4663-4b04-8cf4-a7ded099b1f2
date
Wed, 31 Jan 2024 00:33:20 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
onetag-sys.com/match/ Frame FAE4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=c85765b9-9551-4700-82d0-3a50a75cd423&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=c85765b9-9551-4700-82d0-3a50a75cd423&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Wed, 31 Jan 2024 00:33:21 GMT
Server
MT3 1451 1934b03 master ord ord-pixel-x5 config_version:"1906"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=c85765b9-9551-4700-82d0-3a50a75cd423&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 31 Jan 2024 00:33:20 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame FAE4 		0
0
/
onetag-sys.com/match/ Frame FAE4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6245270470711808888
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6245270470711808888
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:20 GMT
an-x-request-uuid
444446c8-353c-4e39-b643-08bdebd821c7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6245270470711808888
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-matching
ads.stickyadstv.com/ Frame FAE4 		0
0
tap.php
pixel.rubiconproject.com/ Frame FAE4 		42 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=MsiWN7xI_BcnakTwlc3RbMx7fSk5pV_DotU8GxV4CQ0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame FAE4 		0
0
sync
t.adx.opera.com/pub/ Frame FAE4 		0
0
pixel
cm.g.doubleclick.net/ Frame FAE4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjVzvRAl5mYp637RQJZSaA4FASVSTSO5Kdw
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjVzvRAl5mYp637RQJZSaA4FASVSTSO5Kdw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
H2
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjVzvRAl5mYp637RQJZSaA4FASVSTSO5Kdw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame FAE4 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.94.213 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip213.ip-147-135-94.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:20 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame FAE4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=MsiWN7xI_BcnakTwlc3RbMx7fSk5pV_DotU8GxV4CQ0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=MsiWN7xI_BcnakTwlc3RbMx7fSk5pV_DotU8GxV4CQ0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EE9W3F16N256DAQW157E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=MsiWN7xI_BcnakTwlc3RbMx7fSk5pV_DotU8GxV4CQ0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame FAE4 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:25 GMT
content-length
0
/
onetag-sys.com/match/ Frame FAE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIuYcHqi0oyeKVTqReLaYbM&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIuYcHqi0oyeKVTqReLaYbM&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEIuYcHqi0oyeKVTqReLaYbM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame FAE4 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame FAE4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 00:33:21 GMT
server
Kestrel
content-length
233
sync
x.bidswitch.net/ Frame FAE4 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1706661197765
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 9FE5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55622124&p=159745&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9938e1251dfeeaa89b45a270d448be6a910fa17a3081ea4a6487a0f8f7130c3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 31 Jan 2024 00:33:22 GMT
content-length
1736
content-type
text/html; charset=UTF-8
dcm
s.amazon-adsystem.com/ Frame 6130
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:33:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NTQN2PGVBT2YBWVWXGKB

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 31 Jan 2024 00:33:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EJJJ04M84HZGNSJYAP75
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9FE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nf3GrcGJTUitlLXDTUl_4g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
23.221.253.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-253-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:22 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=32548
accept-ranges
bytes
content-length
5622
expires
Wed, 31 Jan 2024 09:35:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 9FE5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ae687f3c-51ce-4d5b-a7e1-53f58f462959%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&ttd_puid=ae687f3c-51ce-4d5b-a7e1-53f58f462959%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&ttd_puid=ae687f3c-51ce-4d5b-a7e1-53f58f462959%2C%2C
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&ttd_puid=ae687f3c-51ce-4d5b-a7e1-53f58f462959%2C%2C
date
Wed, 31 Jan 2024 00:33:26 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 9FE5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2035FDC6AD-C189-4D48-AD94-B5C34D497FE2&rnd=RND
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 9FE5
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 31 Jan 2024 00:33:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Wed, 31 Jan 2024 00:33:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 9FE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzVGREM2QUQtQzE4OS00RDQ4LUFEOTQtQjVDMzRENDk3RkUy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 12:49:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9FE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJgXZOjubBaAGxGIltffFbc&google_cver=1
42 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJgXZOjubBaAGxGIltffFbc&google_cver=1
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 12:48:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJgXZOjubBaAGxGIltffFbc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9FE5
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DD5465C06D943EC9AC22BC365CFFD62
42 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DD5465C06D943EC9AC22BC365CFFD62
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 00:33:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 31 Jan 2024 00:33:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2DD5465C06D943EC9AC22BC365CFFD62
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jan 2024 00:33:25 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9FE5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=
42 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 00:33:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 00:33:22 GMT
server
Kestrel
content-length
355
35FDC6AD-C189-4D48-AD94-B5C34D497FE2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9FE5 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/35FDC6AD-C189-4D48-AD94-B5C34D497FE2?gdpr=0&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.86.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-86-24.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
map
bcp.crwdcntrl.net/6/ 		156 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.39.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-39-178.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7f6968c3fc0048fc45314d004c0a95deaca8e4788117b8c0b1833148cdc1163f

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nordot.app
cache-control
no-cache
x-server
10.40.12.236
access-control-allow-credentials
true
content-length
156
expires
0
bm9yZG90LmFwcA==
static.solutionshindsight.net/assets/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/assets/bm9yZG90LmFwcA==
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8065b40879ee291260084a91bef981607f9e66952a6cc4b1eb8828256e5e00c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront)
date
Wed, 31 Jan 2024 00:33:24 GMT
x-amz-cf-pop
IAD12-P3
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Tue, 26 Sep 2023 19:23:32 GMT
server
AmazonS3
etag
W/"88b0d3b3160ce31b7e0fe95a588e6a29"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
2zlHIUgxS_SNIrQNSJyFJxBGfFCYSNzOC1xgVbL4bxKEDwzFUeldAw==
wp-banners.js
static.solutionshindsight.net/teju-webclient/ 		264 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:24 GMT
content-encoding
gzip
via
1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 21:23:58 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P3
x-amz-server-side-encryption
AES256
etag
"bfd90e72f071d7e0a81d7e0bac6ce9a0"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
190
x-amz-cf-id
YXCp3KNns83wY1W2-0QiBYSs-O-EiWVm2swmZtYejKY41r8ss_IEeQ==
_bulk
funes.solutionshindsight.net/events/ 		496 B
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://funes.solutionshindsight.net/events/_bulk
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.63.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-63-57.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash
139846ce435dc5f9649c909ef6cd0801b4ad0b61d92dee7f89e62ee014a7021c

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:33:23 GMT
access-control-allow-credentials
true
server
uvicorn
content-length
496
content-type
application/json
_bulk
funes.solutionshindsight.net/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://funes.solutionshindsight.net/events/_bulk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.63.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-63-57.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://nordot.app
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 31 Jan 2024 00:33:23 GMT
server
uvicorn
vary
Origin
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B8B4 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
128cffe69bc6370cd531ab722f6f275d8d41e9f01c2b4c3e2659156404efcca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29998
x-xss-protection
0
server
cafe
etag
258 / 19753 / m202401250101 / config-hash: 8161858144323825894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:33:23 GMT
didna_config.js
storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/ Frame B8B4 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f207.1e100.net
Software
UploadServer /
Resource Hash
00d38aba554491252d57c462a721f53b97c9dbc9286600e7d8fce2d334e8dc21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
x-guploader-uploadid
ABPtcPqx5XyMhYrzcQYpNdoAY205cr9Lu-PSY5HcGKYfaUcWNcK6VNzexwGkmoT6VcolQZZ5qJeqIY5Cxw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10240
last-modified
Wed, 14 Jun 2023 14:54:52 GMT
server
UploadServer
etag
"ee19695c2173bc358d9f4cda83c944ef"
x-goog-generation
1686754492310461
content-type
text/javascript
x-goog-hash
crc32c=HjWiuQ==, md5=7hlpXCFzvDWNn0zag8lE7w==
cache-control
no-store
x-goog-stored-content-length
10240
accept-ranges
bytes
expires
Thu, 30 Jan 2025 00:33:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 19C7 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
33dbac17ba432802e8cb4a642513a257de63b15de3fe565247ec47fd891c20d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30001
x-xss-protection
0
server
cafe
etag
437 / 19753 / 31080756 / config-hash: 8161858144323825894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:33:23 GMT
didna_config.js
storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/ Frame 19C7 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f207.1e100.net
Software
UploadServer /
Resource Hash
00d38aba554491252d57c462a721f53b97c9dbc9286600e7d8fce2d334e8dc21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
x-guploader-uploadid
ABPtcPoMf_rFCkj-R_ybfbJpGxZtlnLypVX1cu3RMviUFJIatCWpQVrXD-RhdgROVhJZSljR2550H6czJg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10240
last-modified
Wed, 14 Jun 2023 14:54:52 GMT
server
UploadServer
etag
"ee19695c2173bc358d9f4cda83c944ef"
x-goog-generation
1686754492310461
content-type
text/javascript
x-goog-hash
crc32c=HjWiuQ==, md5=7hlpXCFzvDWNn0zag8lE7w==
cache-control
no-store
x-goog-stored-content-length
10240
accept-ranges
bytes
expires
Thu, 30 Jan 2025 00:33:23 GMT
encrypt
esp.rtbhouse.com/ 		221 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
909c929c8a40c985e894f290ea52e73b18027237bfbfcf7a28ef2425c23fdb31

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
d2cde4db31a4dcdc38cdefe024713fb1
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ Frame B8B4 		436 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 03:05:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
77249
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 29 Jan 2025 03:05:54 GMT
30b31ff2-e815-46cc-bd2d-3f3d0c61d872
https://nordot.app/ Frame B8B4 		154 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://nordot.app/30b31ff2-e815-46cc-bd2d-3f3d0c61d872
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d2f0d368bf03561099df3cb58b8116ba09abd5695497a5b986e8e959d39d443

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
157528
Content-Type
text/javascript
8cf54c6a-4842-461b-87d8-000835ec344b
https://nordot.app/ Frame B8B4 		699 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
715340
Content-Type
text/javascript
dfd7d64c-4adf-44bf-850e-581b3f3d5991
https://nordot.app/ Frame B8B4 		594 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nordot.app/dfd7d64c-4adf-44bf-850e-581b3f3d5991
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
594
Content-Type
text/javascript
didna-pix.gif
didna.b-cdn.net/ Frame B8B4 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://didna.b-cdn.net/didna-pix.gif?ref_id=2054
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:23 GMT
cdn-edgestorageid
925
cdn-storageserver
NY-267
cdn-cachedat
01/31/2024 00:33:23
cdn-pullzone
1025274
content-length
807
last-modified
Fri, 06 Jan 2023 17:03:05 GMT
server
BunnyCDN-ASB1-925
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
image/gif
cdn-cache
BYPASS
cdn-uid
296f49c8-4088-4b56-b4a4-a6b6d3fc5d40
cache-control
public, max-age=0
cdn-requestid
18f6640c7d16cb87e27b5d2c3c6183af
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
bb8b4701-8ccb-445c-a70b-559fd8f73ed7
https://nordot.app/ Frame 19C7 		154 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://nordot.app/bb8b4701-8ccb-445c-a70b-559fd8f73ed7
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d2f0d368bf03561099df3cb58b8116ba09abd5695497a5b986e8e959d39d443

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
157528
Content-Type
text/javascript
02a54696-34e3-4bf0-b120-260029791edf
https://nordot.app/ Frame 19C7 		699 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/hindsight/hindsightthiskiji/didna_config.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
715340
Content-Type
text/javascript
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ Frame 19C7 		436 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js?cb=31080756
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:39:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
42845
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139485
x-xss-protection
0
server
cafe
etag
9760076492862216199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 29 Jan 2025 12:39:19 GMT
186e2898-c35b-457b-a08c-a9d072f768b3
https://nordot.app/ Frame 19C7 		594 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://nordot.app/186e2898-c35b-457b-a08c-a9d072f768b3
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
594
Content-Type
text/javascript
_bulk
funes.solutionshindsight.net/events/ 		521 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://funes.solutionshindsight.net/events/_bulk
Requested by
Host: static.solutionshindsight.net
URL: https://static.solutionshindsight.net/teju-webclient/hindsight-webclient.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.63.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-63-57.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash
103aabbfb76356f57bcf765814ae77eca2d11c9f22cc74327a72db3fb13a0d93

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:33:24 GMT
access-control-allow-credentials
true
server
uvicorn
content-length
521
content-type
application/json
PugMaster
image6.pubmatic.com/AdServer/ Frame 9FE5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64501617&p=159745&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
704f0b97c077cd087d128e45a303b4ddb30bedb9a6b918bd34b05894d747a6e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 31 Jan 2024 00:33:23 GMT
content-length
1564
content-type
text/html; charset=UTF-8
_bulk
funes.solutionshindsight.net/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://funes.solutionshindsight.net/events/_bulk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.63.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-63-57.compute-1.amazonaws.com
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://nordot.app
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 31 Jan 2024 00:33:24 GMT
server
uvicorn
vary
Origin
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame B8B4 		2 KB
908 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240130
Requested by
Host: nordot.app
URL: blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jan 2024 00:33:24 GMT
x-content-type-options
nosniff
content-encoding
br
age
30756
x-jsd-version
1.0.1951
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
836
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
etag
W/"637-/AnL0uW+hrzqMl9FIchA6lB7jS4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ Frame B8B4 		483 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:24 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
235114
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3unFWJ8OU%2BpNlhcCsHqrlFurpf%2FzHai0IDnqCYMP0Hb4V7T9sSyx%2Bvstx3xmzQKSqyBBJAazOnHIgy%2B6cCxldu1E%2FEH3%2FRyE811yfdBWEq%2BcmBFmqe5%2FZT%2BdjGaGYw8H"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
84dddcf09bef5497-YYZ
prebid
ib.adnxs.com/ut/v3/ Frame B8B4 		138 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3ffbaf66f00650ea54330dce79f84272a57f69fcff0a52be0cbd64b32d849132
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:24 GMT
an-x-request-uuid
285b75db-1e47-4371-957f-2ae0d7854ff7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
didna-pix.gif
didna.b-cdn.net/ Frame 19C7 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://didna.b-cdn.net/didna-pix.gif?ref_id=2054
Requested by
Host: nordot.app
URL: blob:https://nordot.app/bb8b4701-8ccb-445c-a70b-559fd8f73ed7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:24 GMT
cdn-edgestorageid
925
cdn-storageserver
NY-268
cdn-cachedat
01/31/2024 00:33:24
cdn-pullzone
1025274
content-length
807
last-modified
Fri, 06 Jan 2023 17:03:05 GMT
server
BunnyCDN-ASB1-925
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
image/gif
cdn-cache
BYPASS
cdn-uid
296f49c8-4088-4b56-b4a4-a6b6d3fc5d40
cache-control
public, max-age=0
cdn-requestid
2a1e21565693d127e4d8da62a1a0a7cd
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 19C7 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240130
Requested by
Host: nordot.app
URL: blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 31 Jan 2024 00:33:24 GMT
x-content-type-options
nosniff
content-encoding
br
age
30757
x-jsd-version
1.0.1951
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
836
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4565-YYZ
x-jsd-version-type
version
etag
W/"637-/AnL0uW+hrzqMl9FIchA6lB7jS4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
SPug
simage4.pubmatic.com/AdServer/ Frame 9FE5 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159745&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:51:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
hde.tynt.com/deb/ Frame 6B9D
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_pr...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
037283765f853249f1407dc2c5ec21e055055ba2cc33c040f018b93bd706a5c8

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1656
content-type
text/html
date
Wed, 31 Jan 2024 00:33:26 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 31 Jan 2024 00:33:26 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
localstore.js
script.4dex.io/ Frame 19C7 		483 B
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: nordot.app
URL: blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
235115
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrxRh6DUtbIu%2BbX1PYhWXCZvsD0tWxXfvCifb0oiU6hZvMRh5MLY8YJLmgxCTbbJ4GnStDeNc415t%2BxNEhI5qhZHth%2Fge0oPVOrjMeyih%2FBW7IF0Yjs2%2BEcW7RwmXsRE"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
84dddcf478a55497-YYZ
prebid
ib.adnxs.com/ut/v3/ Frame 19C7 		138 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d7f905c023500e45d51f38d367e40a9d92f99a60eaaff765bb1fa2c7253bf1a4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:25 GMT
an-x-request-uuid
ddd54152-14f5-4f74-b328-f830421c74b5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
0
prebid.a-mo.net/cchain/ Frame 1638 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
9d9d64b2b982e8dda8f9362efc4e2c0c454c6a7b0fd8759cf5d4218fc07874c2

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
673
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 00:33:25 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
setuid
pbs.nextmillmedia.com/ Frame 2EAE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dappnexus%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://cookies.nextmillmedia.com/setuid?bidder=appnexus&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=6245270470711808888
  • https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6245270470711808888
86 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6245270470711808888
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Wed, 31 Jan 2024 00:33:25 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:33:25 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=appnexus&uid=6245270470711808888
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame FEAA
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dgrid%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_conse...
  • https://cookies.nextmillmedia.com/setuid?bidder=grid&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
  • https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
86 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Wed, 31 Jan 2024 00:33:25 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:33:25 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=grid&uid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
server
fasthttp
Pug
simage2.pubmatic.com/AdServer/ Frame 8A90
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6245270470711808888&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6245270470711808888&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 12:50:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
fbfe9025-6585-47f5-a0e0-4d949baa41e3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 00:33:25 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6245270470711808888&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame E6C6
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 30 Jan 2024 23:59:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Wed, 31 Jan 2024 00:33:26 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
setuid
pbs.nextmillmedia.com/ Frame 5569
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFT1cwN0xjeXNBQUJNYjZWVFVldw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEOW07LcysAABMb6VTUew&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4365668101828837717&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAEOW07LcysAABMb6VTUew&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4365668101828837717%26gdpr%3D0%26gdpr_cons...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D4DCB6B2FADFF46BCA882FC96EED78312%26att%3D1%26pid%3D82%26cb%3Dhttps%...
  • https://sync.technoratimedia.com/services?srv=cs&nuid=4DCB6B2FADFF46BCA882FC96EED78312&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4365668101828837717%26gdp...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4365668101828837717&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?ev=AAEOW07LcysAABMb6VTUew&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4365668101828837717%26gdpr%3D0%26bee_sync_pa...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4365668101828837717&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAEOW07LcysAABMb6VTUe...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOW07LcysAABMb6VTUew&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cookies.nextmillmedia.com/setuid?bidder=pubmatic&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Wed, 31 Jan 2024 00:33:29 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:33:29 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
server
fasthttp
insync
thrtle.com/ Frame 9FE5
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=f9292f6c-e8ec-4926-942f-c63f56f756fd
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=f9292f6c-e8ec-4926-942f-c63f56f756fd
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
35.170.24.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Wed, 31 Jan 2024 00:33:41 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&vxii_pid=12&vxii_pid1=10067&vxii_rcid=f9292f6c-e8ec-4926-942f-c63f56f756fd
date
Wed, 31 Jan 2024 00:33:41 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 9FE5
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 00:33:26 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Martin
crb.kargo.com/api/v1/dsync/ Frame 9FE5 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.20.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-20-223.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:28 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 9FE5 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame 9FE5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NkdxAkpE2uX6biqWz4kfA5hh5LrkB1k-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NkdxAkpE2uX6biqWz4kfA5hh5LrkB1k-~A&gdpr=0
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:50:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NkdxAkpE2uX6biqWz4kfA5hh5LrkB1k-~A&gdpr=0
date
Wed, 31 Jan 2024 00:33:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sn.ashx
pmp.mxptint.net/ Frame 9FE5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3954684e-eacf-4092-98e4-dce92a6fc57b&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_110201AC1_94329522&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-389666007; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:26 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-389666007; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 9FE5
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7cb7f12ad90305ea&is_secure=true&networkId=17100&version=1&nuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANBHjHa4yhMANOcohAAAAAAAA&expiration=1706747606&nuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&...
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANBHjHa4yhMANOcohAAAAAAAA&expiration=1706747606&nuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 31 Jan 2024 00:33:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANBHjHa4yhMANOcohAAAAAAAA&expiration=1706747606&nuid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
setuid
pbs.nextmillmedia.com/ Frame 8408
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gppsid={{.GPPSID}}&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26g...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fgpp%3D%257B%257B.GPP%257D%257D%26bidder%3Dix%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://cookies.nextmillmedia.com/setuid?gpp=%7B%7B.GPP%7D%7D&bidder=ix&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=ZbmVVprW8dtWEUcsNNASTgAA%26129
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVVprW8dtWEUcsNNASTgAA&129
0
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVVprW8dtWEUcsNNASTgAA&129
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Wed, 31 Jan 2024 00:33:26 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:33:26 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZbmVVprW8dtWEUcsNNASTgAA&129
server
fasthttp
setuid
pbs.nextmillmedia.com/ Frame EAB5
Redirect Chain
  • https://csync.loopme.me/?pubid=11364&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%...
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=52594fd4-3fc1-48ab-858e-15b5a5afdf80&gdpr_consent=null&gdpr=null
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=52594fd4-3fc1-48ab-858e-15b5a5afdf80
86 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=52594fd4-3fc1-48ab-858e-15b5a5afdf80
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Wed, 31 Jan 2024 00:33:27 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:33:27 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=52594fd4-3fc1-48ab-858e-15b5a5afdf80
server
fasthttp
adagio.js
script.4dex.io/ Frame B8B4 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
132451
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxPVt03Euu%2FrKhzi3xyNGsFIFqDNvVC%2BufmrkE%2Fi9zpzQwUrnW4NmyV%2B0TFm40z1yEvn9ibNEMpHCOegqEZOvt4qffEYH2T9E%2BJt9kuovBf32ebYaTCkP%2F%2FVpRpBlTqi"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84dddcf9f8e936b0-YYZ
envelope
lexicon.33across.com/v1/ 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&src=esp&ver=1.4.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:25 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
AGSKWxVvBy_2YgzI2rlTvIMtFmWuVEQj5V5OZCxhc7iWdXrFJLEDtIBEegnfsNdgk3dmI3JApht0wlVxVVNFZY4mHtM_uVfws6L8MWSTJwFUxD-Z0ziYJPl3chifzkeNNejBzko9heTJGA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvBy_2YgzI2rlTvIMtFmWuVEQj5V5OZCxhc7iWdXrFJLEDtIBEegnfsNdgk3dmI3JApht0wlVxVVNFZY4mHtM_uVfws6L8MWSTJwFUxD-Z0ziYJPl3chifzkeNNejBzko9heTJGA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RSp_a6vG5TT1kFSBAP4AwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-RSp_a6vG5TT1kFSBAP4AwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib49qqZ2vZBB7MOOoCAMytIGM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://nordot.app
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvBy_2YgzI2rlTvIMtFmWuVEQj5V5OZCxhc7iWdXrFJLEDtIBEegnfsNdgk3dmI3JApht0wlVxVVNFZY4mHtM_uVfws6L8MWSTJwFUxD-Z0ziYJPl3chifzkeNNejBzko9heTJGA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvBy_2YgzI2rlTvIMtFmWuVEQj5V5OZCxhc7iWdXrFJLEDtIBEegnfsNdgk3dmI3JApht0wlVxVVNFZY4mHtM_uVfws6L8MWSTJwFUxD-Z0ziYJPl3chifzkeNNejBzko9heTJGA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EITzyLDZ-f-KU7LB5C2l7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-EITzyLDZ-f-KU7LB5C2l7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib49qqZ2vZBCa0HXYFAM3pIAk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://nordot.app
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWbZIsE-NRl8dlK2cZfahSknxOjI49bZc1DzptGd0o6hlouxOCIDgGnjDrAarWRQr3IXTgzGhiL3qHoq5kam4FGfb4MySL8DuUuNMV-2ny6H58zNgFWLFbZ2h10MU6tgkSIRbJIig==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWbZIsE-NRl8dlK2cZfahSknxOjI49bZc1DzptGd0o6hlouxOCIDgGnjDrAarWRQr3IXTgzGhiL3qHoq5kam4FGfb4MySL8DuUuNMV-2ny6H58zNgFWLFbZ2h10MU6tgkSIRbJIig==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjYxMjA2LDExMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ub3Jkb3QuYXBwLzExMDM0NjMzMTMyMzc2MDY0MDAiLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
1ec00d2e95e656b87d9f899683f2d4882693662a3a759ec9907ca500e99d4348
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ync2v7duyUZO2Scgx_xzaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ync2v7duyUZO2Scgx_xzaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxzsIQWEYBuDjyyeXkkyYDTKxmU0GBqUoMinJciZZmNgN8v-DLDbCYjAYbURSJAaLc5AsLguDd3iGxzoz-K0eJeLzKKvwkXaw9p5pDxVFozqckhpdIODTKQRqUacyGH4XssDjdSXH-0ou8MPDfaMPTKIR4z0p2J4SPFcFb8BUxiFbFayCfSg4OBI8XgieQkYXnIMuS-5DMy65DbW05BaE85IT8CxI_kLpsOQqOG3mbU8bmByNTjf2BxkRV_4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
setuid
pbs.nextmillmedia.com/ Frame 0899
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D...
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=c0914260-4668-43ee-ae5d-85013b972f91
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c0914260-4668-43ee-ae5d-85013b972f91
0
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c0914260-4668-43ee-ae5d-85013b972f91
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Wed, 31 Jan 2024 00:33:26 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:33:26 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=c0914260-4668-43ee-ae5d-85013b972f91
server
fasthttp
Pug
simage2.pubmatic.com/AdServer/ Frame D9DF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%...
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7948812739667623049&gdpr=&gdpr_consent=&us_privacy=
1 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7948812739667623049&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 00:33:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Wed, 31 Jan 2024 00:33:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7948812739667623049&gdpr=&gdpr_consent=&us_privacy=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 6C30
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east&nmuid=
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 00:33:26 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 31 Jan 2024 00:33:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
server
AkamaiGHost
adagio.js
script.4dex.io/ Frame 19C7 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
132451
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pcy5OjXSkmtY1My%2F4aPTQbpgBQHHzTqBSMlhqVk4QgIBNH5lwTK4JqeL1IiNmV6a31R1gpdlrAzbDR5f6nJCqmWpVSZ8APkOOXbRezrV6WccN7DYxnhlhhqsICzHZ7fX"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
84dddcfb0a5036b0-YYZ
cframe.js
assets.a-mo.net/js/ Frame 1638 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79e82fb537b0621dd3cad7ccff489e28d71450ae91ee4e27b85c5e0f0fd26d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
via
1.1 3340b5a392e45fce453c4d978abfd6be.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
108
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 25 Jan 2024 17:28:00 GMT
server
cloudflare
etag
W/"d458c9c4d04e49d089648ee8a1473ba4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
84dddcfd7c74a222-YYZ
x-amz-cf-id
44vGwfuUW7c9osz2FCvBqoNvRE2FCsiFKkHWHAjQ7iOozG58NQRJKw==
expires
Wed, 31 Jan 2024 01:33:26 GMT
pixel
ap.lijit.com/ Frame 172E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dsovrn%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:33:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BE93 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxoqNT5W5ZY3aKeiho9kPqaCmqA7FmpHNddqCur6cEuSCu_uaAhABIICfvytg_YiUgegDoAHp_fXPA8gBCeACAKgDAcgDCqoErwJP0GM4ELmA7_1M93NJHUy5fG_-dQ_biex7N2dV5Cpefkj2oALLDmurqtQHTRmKNN_uRSMuRXis5YyWx-bwhSDBQakGyPPpbJ5YDqfOgCrYm_4Vto-JtPz936JaSpe2HtK8GCRuHg_AWTMjTRwVgJ3Ig2s_xjR5sUz6YOsKAZSbmS2Nm1WnoHEltf_dwMxygaMYqNjnMRVXkLFksJjwAUNkeFN5u6rakjRegmHto59d70CxEGyjluWJ57PMuMb8eUWmy2FDljX3qafFRGLJpnt31ByjYyHTH3y9CWnyt-zUWu6ImmAMVox45u5ftbfRv80Md34ps0MIXUB02GN84_MpNwGPkTwDzQGewDYywRvwpvMKCEba8ZhcWgYuYQI1Ktpp4SGXVuxx0OUzfV_dovnABLDwwbLYBOAEAYgFsqm76UySBQQIBBgBkgUECAUYBKAGLoAHzuiN6wOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCg9AvSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WJf4urSwhoQDmgk6aHR0cHM6Ly9jb21tb25zZWFyY2hlcy5uZXQvaW5kZXgucGhwP3JnaWQ9ODgzOTQ4JnN1Yj1nY2xpZIAKAcgLAdoMEQoLEIDK5_zZz6v90wESAgED4g0TCOuqu7SwhoQDFejQKAUdKZAJ5dgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi00MzA3NTM1ODU4MTEwMjgyGOCaIQ&sigh=jcvYBErHWlg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_i4w-5wyzeU6EN8mvF4Icm4bo2SNz-lIq15dFi2v49pJ4uUQwysDR2oynxh_Uqh3UTTows9DEydWF0_PpIjR0bbp4DFqjHXWk-kEYAQ&template_id=5000&cbvp=2
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ Frame B8B4 		521 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=302381402557652&correlator=4262619455262361&eid=31079956%2C44807746&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_inline_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=1&didk=3248443648&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D92894da90665411c%3AT%3D1706661199%3ART%3D1706661199%3AS%3DALNI_MZF0Dmg_X5WcwdluVFl0mSTM0h2XA&gpic=UID%3D00000dbc3c24cc40%3AT%3D1706661199%3ART%3D1706661199%3AS%3DALNI_MZFnXc9xiVWCEAINDdbGvv2L6GuRQ&abxe=1&dt=1706661206391&lmt=1706661206&adxs=484&adys=1049&biw=1600&bih=1200&isw=640&ish=300&scr_x=0&scr_y=0&btvi=0&ucis=wgytdb87vqcf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&ref=https%3A%2F%2Fnordot.app%2F1103463313237606400&top=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=640x250&msz=300x-1&fws=260&ohw=640&ga_vid=1248644314.1706661206&ga_sid=1706661206&ga_hid=553721929&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYgOm859UxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNlMDdmNDYzLTZhZGUtNDJkNy05OGQ2LWZkODVkM2M1YzNjYxip6bzn1TFIABIdCg5lc3AuY3JpdGVvLmNvbRj_6Lzn1TFIAFICCGQSwgEKCHJ0YmhvdXNlEqwBOSsvMDVNSTlyY2czRXRIa21pU2ZwLzNRa3NQSkhQUTBTb1dhcGhXQ29rLzN3TGVzVjhQU2V6cEc4NkE4Z3dXaTdneWFzcTlUS1puUU9tZG9PRjZhUzB4QnhhK0ZYQ2VaVTlWTFRrdFkyeVJhMmQ3WUdlSDdYMFMwZmxrV3cvUTVmdVNzeFhoQkl2UWhXLzFORXBnc1g0MDBpUzZhb2krNG84Sm42WkJQVEpJPRjNp73n1TFIABIUCgVvcGVueBiolL3n1TFIAFICCG8SGQoKdWlkYXBpLmNvbRiA6bzn1TFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGP_ovOfVMUgAUgIIZA..&dlt=1706661203335&idt=1276&prev_scp=adLocation%3Datf%26didnaRef%3Drectangle_hs_1%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=pub%3Dglobal%26path%3D%252F%26expID%3D000001&adks=2564578357&frm=23&eo_id_str=ID%3D0cb9b18b8705afe1%3AT%3D1706661199%3ART%3D1706661199%3AS%3DAA-AfjbnzNfqmWrhS7NpHMZix5_m
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
ca4d1ee7717bf8e9b2c7254fd311e040350782a964c20db52f087f8282682ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B8B4 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
a2af9b81597828d0fff527e26f6deb2f50db4a6d015f7fba9b4c286c83116561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12201
x-xss-protection
0
container.html
a121ff75dd5b77ef27f5c07ae6a4c23a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 03B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a121ff75dd5b77ef27f5c07ae6a4c23a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:33:26 GMT
expires
Thu, 30 Jan 2025 00:33:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
getuid
eb2.3lift.com/ Frame 6397 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
date
Wed, 31 Jan 2024 00:33:26 GMT
setuid
pbs.nextmillmedia.com/ Frame D14C
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dyieldmo%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://cookies.nextmillmedia.com/setuid?bidder=yieldmo&nmuid=&uid=VEDQE33vvQ3z7lCRlV8E&gdpr=&gdpr_consent=&us_privacy=
  • https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ3z7lCRlV8E
86 B
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ3z7lCRlV8E
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Wed, 31 Jan 2024 00:33:26 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:33:26 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=yieldmo&uid=VEDQE33vvQ3z7lCRlV8E
server
fasthttp
AGSKWxUsKkVyIN8KFyU9BbN64iDORDph_82tZupcGPRZbbVqA4Z3yL87SP91f7PqYIkT_dx0KV-jGwde8yxWXRFJgU82YjW2W1uucoyU1BJICqBhkjfHrd-wFZoCuYKNdy1yXmSj9XVa3Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUsKkVyIN8KFyU9BbN64iDORDph_82tZupcGPRZbbVqA4Z3yL87SP91f7PqYIkT_dx0KV-jGwde8yxWXRFJgU82YjW2W1uucoyU1BJICqBhkjfHrd-wFZoCuYKNdy1yXmSj9XVa3Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ApETPIKls0ilIv5NHnxx_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-ApETPIKls0ilIv5NHnxx_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH49qqZ2vZBD5sPNzLBADurSDX"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame AC77 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 17:22:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60522
Connection
keep-alive
Content-Length
10919
Expires
Wed, 31 Jan 2024 17:22:08 GMT
usync.js
eus.rubiconproject.com/ Frame 6C30 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east&nmuid=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 17:22:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60522
Connection
keep-alive
Content-Length
10919
Expires
Wed, 31 Jan 2024 17:22:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B8B4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 00:33:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D9F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
77032
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 03:09:34 GMT
expires
Wed, 29 Jan 2025 03:09:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FF24 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f99.1e100.net
Software
GSE /
Resource Hash
051a084c42fd7a14a0a2a3ed385ba18f8c4b05007b46ba4be54e0a5d92b8d64e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cl8C6pb0v63Hyu_gsvA3Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cl8C6pb0v63Hyu_gsvA3Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:33:26 GMT
expires
Wed, 31 Jan 2024 00:33:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame F0E5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 00:33:27 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 31 Jan 2024 00:33:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
setuid
pbs.nextmillmedia.com/ Frame 6B9D
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1706661206997.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%...
  • https://cookies.nextmillmedia.com/setuid?bidder=33across&nmuid=&gdpr=&gdpr_consent=&us_privacy=&uid=212336988706950
  • https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212336988706950
0
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212336988706950
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212336988706950
date
Wed, 31 Jan 2024 00:33:27 GMT
server
fasthttp
content-length
0
match
events-ssc.33across.com/ Frame 6B9D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=the33across&bsw_param=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&google_hm=ZWJmMmIyN2QtYTEwMi00ZDY4LWJkNzMtYmJkMmMyMDM2...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEB9_TcrEaagP3XfkMGBpoSY&google_cver=1&ssp=the33across&bsw_param=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&gdpr_consent=
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:26 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6B9D
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1706661206997.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=c85765b9-9551-4700-82d0-3a50a75cd423
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=c85765b9-9551-4700-82d0-3a50a75cd423
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 31 Jan 2024 00:33:27 GMT
Server
MT3 1451 1934b03 master ord ord-pixel-x50 config_version:"1906"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=c85765b9-9551-4700-82d0-3a50a75cd423
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 31 Jan 2024 00:33:26 GMT
match
events-ssc.33across.com/ Frame 6B9D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-hUmjuORE2uGXMaigGpwwZtKjWuN4ZV3i~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-hUmjuORE2uGXMaigGpwwZtKjWuN4ZV3i%7EA&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-hUmjuORE2uGXMaigGpwwZtKjWuN4ZV3i%7EA&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:26 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-hUmjuORE2uGXMaigGpwwZtKjWuN4ZV3i%7EA&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6B9D
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=328c4ad34d2923dd&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMvcXVnmw8LwNOs6_AAAAAAAA&expiration=1706747607&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMvcXVnmw8LwNOs6_AAAAAAAA&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMvcXVnmw8LwNOs6_AAAAAAAA&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:27 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMvcXVnmw8LwNOs6_AAAAAAAA&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 6B9D
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=1334555656355575701643
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1334555656355575701643&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1334555656355575701643&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:26 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1334555656355575701643&ts=1706661207&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FF24 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401250101&jk=302381402557652&rc=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
getuid
prebid.a-mo.net/ Frame 1638 		51 B
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/getuid
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
500a62fe6da2bd1699283b0b3fff6e642249bffef5bb2ef9d8cbea3ddf51df39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
content-encoding
gzip
server
envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 8D9F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
304622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Jan 2025 11:56:25 GMT
increment
id5-sync.com/api/esp/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
idl.js
assets.a-mo.net/js/ Frame 1638 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=nordot.app&e=27&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
via
1.1 7293b56f3a0eb541aadcbcaa0146d528.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
374
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
84dddd015938a222-YYZ
x-amz-cf-id
GWFhqBBURBEsY4_tzL5TjdOyRZYudB3PZf9jCJhkmBzujkK1V2xZDA==
expires
Wed, 31 Jan 2024 01:33:27 GMT
sync
id.a-mx.com/ Frame 1638 		66 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync?tao=1&&gdpr=0&gpp=%7B%7B.GPP%7D%7D&gpp_sid=%7B%7B.GPPSID%7D%7D&do=nordot.app
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
c0bbc4391cda92fca886c44524c83f63a82c79c3ed057316149de123ec5b7b88

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://prebid.a-mo.net
date
Wed, 31 Jan 2024 00:33:27 GMT
access-control-allow-credentials
true
Timing-Allow-Origin
https://prebid.a-mo.net
content-length
66
content-type
application/json
usync.html
eus.rubiconproject.com/ Frame BC52
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://prebid.a-mo.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 00:33:27 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 31 Jan 2024 00:33:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server
AkamaiGHost
setuid
pbs.nextmillmedia.com/ Frame 1638
Redirect Chain
  • https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&gdpr=0&gpp=%7B%7B.GPP%7D%7D&gpp_sid=%7B%7B.GPPSID%7D%7D&do=nordot.app
  • https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
0
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
date
Wed, 31 Jan 2024 00:33:27 GMT
server
fasthttp
content-length
0
bidswitch
sync-dmp.mobtrakk.com/match/ Frame 1638
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=%7B%7B.GPPSID%7D%7D
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adaptmx&bsw=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
0
0
yahoo
prebid.a-mo.net/setuid/ Frame 1638
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-26_gTNZE2uFbSJY.Qihuj88VqxztdFEwwSTGqZQ-~A
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-26_gTNZE2uFbSJY.Qihuj88VqxztdFEwwSTGqZQ-~A
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-26_gTNZE2uFbSJY.Qihuj88VqxztdFEwwSTGqZQ-~A
date
Wed, 31 Jan 2024 00:33:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.a-mo.net/ Frame 1638
Redirect Chain
  • https://id.a-mx.com/u?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=%7B%7B.GPPSID%7D%7D&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Damx_com%26uid%3D
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=amx_com&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=amx_com&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=amx_com&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
date
Wed, 31 Jan 2024 00:33:27 GMT
content-length
0
setuid
sync.a-mo.net/ Frame 1638
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=openx&uid=c0914260-4668-43ee-ae5d-85013b972f91
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=openx&uid=c0914260-4668-43ee-ae5d-85013b972f91
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:27 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=openx&uid=c0914260-4668-43ee-ae5d-85013b972f91
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152
cookie
cm.adform.net/ Frame 1638 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=%7B%7B.GPPSID%7D%7D&redirect_url=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
sync.a-mo.net/ Frame 1638
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252F...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dpubmatic%26uid%3D35FDC6AD-C189-4D48-AD9...
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=pubmatic&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=pubmatic&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=pubmatic&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2
date
Tue, 30 Jan 2024 12:51:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
sync.a-mo.net/ Frame 1638
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dindex_rtb%26uid%3D
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=index_rtb&uid=ZbmVVprW8dtWEUcsNNASTgAA%26129
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=index_rtb&uid=ZbmVVprW8dtWEUcsNNASTgAA%26129
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUTBJFMzrSNFUDioDC4ERbNHAXP1d1SJFzPezuhXbB9AVWseWeKyLoMIQWXIBanrXHtgdvFuu07JxxEZ3TDiRb84g3U79y4cUEf9iX0cnECuu0l%2B4VckGcLnAuf9%2FiDlz23yFoSI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=index_rtb&uid=ZbmVVprW8dtWEUcsNNASTgAA%26129
cache-control
no-cache
cf-ray
84dddd016c5136b3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
ap.lijit.com/ Frame 1638 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=%7B%7B.GPPSID%7D%7D&redir=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:33:27 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
setuid
sync.a-mo.net/ Frame 1638
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dd7d3ec20-4010-4ed0-89ff-d56e7813b25c%26bidder%3Dappnexus%26uid%3D%24UID
  • https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=appnexus&uid=6245270470711808888
0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=appnexus&uid=6245270470711808888
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:27 GMT
an-x-request-uuid
c7998fbb-dddd-4d5b-981d-07f6711ff8a2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.a-mo.net/setuid?A=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&bidder=appnexus&uid=6245270470711808888
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 1638 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&gdpr=0&gpp=&gpp_sid=&do=nordot.app
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:28 GMT
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame 1638 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c&gdpr=0&gpp=&gpp_sid=&do=nordot.app
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:27 GMT
an-x-request-uuid
fd6fcc8c-e804-48bd-9d4b-c9508780f6ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F0E5 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 17:22:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60521
Connection
keep-alive
Content-Length
10919
Expires
Wed, 31 Jan 2024 17:22:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BE93 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNApxWXmBLGF67KmaxpUDoeSwrl2kNrD_EpoxAJYlBsT3j1utQ9-blR_wscqiRW1gQtPJllM80ZyQ0-PRL8XD5Zav9EHT3-AGcLnrJdomJaJk_Rq7IWBsO9_5pQtzir_DUiSWsJLRnQxf6N5LIKhOi8HA5&sai=AMfl-YQnmzw5CrOOHKIBuDYRu2A63Mfcb7o2YgPmxgI7MY9pk3vCGVbg0nxXO2S5MGu3MrZu4KD2pJihj3auKg9hIPPoFd2gJg5lglQ4ivywZrwf-ZFjfwHxw2h_sAZwtzAa4b799HXJ4r28Z_lMfWoa1A&sig=Cg0ArKJSzKJ1tpee7OP7EAE&cid=CAQSTwAvHhf_i4w-5wyzeU6EN8mvF4Icm4bo2SNz-lIq15dFi2v49pJ4uUQwysDR2oynxh_Uqh3UTTows9DEydWF0_PpIjR0bbp4DFqjHXWk-kEYAQ&id=ampim&o=316,115&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1041&mtos=0,0,0,1041,1041&tos=0,0,0,1041,0&tfs=6201&tls=7242&g=100&h=100&tt=7242&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame BC52 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-177-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jan 2024 17:22:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60521
Connection
keep-alive
Content-Length
10919
Expires
Wed, 31 Jan 2024 17:22:08 GMT
df5e0b1b-9cd4-4bd6-8a47-0d87bb3e1b47
https://prebid.a-mo.net/ Frame 1638 		171 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/df5e0b1b-9cd4-4bd6-8a47-0d87bb3e1b47
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff94340efca752d7021f668b54338b193df6f425ba6f914b786bf4b3018750c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
171
Content-Type
rum
id.rtb.mx/ Frame 1638 		0
158 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://id.rtb.mx/rum?uid=273d39e2-9b1d-4360-a13c-3a5744d12064&gdpr=0&gpp=%7B%7B.GPP%7D%7D&gpp_sid=%7B%7B.GPPSID%7D%7D&do=nordot.app
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.242.59 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://prebid.a-mo.net
date
Wed, 31 Jan 2024 00:33:28 GMT
access-control-allow-credentials
true
khaos.json
token.rubiconproject.com/ Frame AC77 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
Expires
0
khaos.json
token.rubiconproject.com/ Frame 6C30 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
fed
ups.analytics.yahoo.com/ups/58771/ Frame 1638 		316 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=nordot.app&e=27&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
ae8f033ec543c8821c3918fc4d65de5ca9124ac9f3ffb3bde767a049ba8ee67d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://prebid.a-mo.net
content-type
application/json
access-control-allow-credentials
true
SPug
simage4.pubmatic.com/AdServer/ Frame 9FE5 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159745&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generate_204
tpc.googlesyndication.com/ Frame 8D9F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GXCcnQ
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
pbs.nextmillmedia.com/ Frame 6C30
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17888&nmuid=&khaos=LS120EQR-R-BSOS
  • https://cookies.nextmillmedia.com/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS&nmuid=
  • https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS
date
Wed, 31 Jan 2024 00:33:28 GMT
server
fasthttp
content-length
0
khaos.json
token.rubiconproject.com/ Frame F0E5 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LS120EQR-R-BSOS
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame AC77 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6JXJM2BR2Y5NYJ48M69Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AC77
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFMxMjBFUVItUi1CU09T
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIovY4mUyeCzctffAMQtons&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMjBFUVItUi1CU09T&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMjBFUVItUi1CU09T&google_push=
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMjBFUVItUi1CU09T&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
ecm3
s.amazon-adsystem.com/ Frame AC77
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=L39gKNaiTqK5MHkulYvOwA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L39gKNaiTqK5MHkulYvOwA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L39gKNaiTqK5MHkulYvOwA
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3YP0GCSWWGEF7FRX5TAG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L39gKNaiTqK5MHkulYvOwA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AC77
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/R8A3mWR-Mf50F_h_Q3qu2A?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FvCCY1RE2oLCuUZqQCBwGOpiH5IhXu4vRXHUIQ--~A
42 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FvCCY1RE2oLCuUZqQCBwGOpiH5IhXu4vRXHUIQ--~A
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 31 Jan 2024 00:33:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FvCCY1RE2oLCuUZqQCBwGOpiH5IhXu4vRXHUIQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame AC77
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODYyMGFlYWE0ZjllYmExMDFmNzcyMjU3MGQ5ZDFkZGUxMjY4ZThhZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODYyMGFlYWE0ZjllYmExMDFmNzcyMjU3MGQ5ZDFkZGUxMjY4ZThhZA
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODYyMGFlYWE0ZjllYmExMDFmNzcyMjU3MGQ5ZDFkZGUxMjY4ZThhZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AC77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmjasshinjow952ulPc-FI&google_cver=1
42 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmjasshinjow952ulPc-FI&google_cver=1
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKmjasshinjow952ulPc-FI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame AC77
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LS120EQR-R-BSOS&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LS120EQR-R-BSOS&ex=d-rubiconproject.com&status=ok
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P4K4J75EYYF78ZANPPZA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LS120EQR-R-BSOS&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
setuid
px.ads.linkedin.com/ Frame AC77
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS120EQR-R-BSOS
0
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS120EQR-R-BSOS
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9E215C4A864047B39A6591F3641C0AB1 Ref B: YTO01EDGE0814 Ref C: 2024-01-31T00:33:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYQMwcSLaIOuHGtvaz28g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LS120EQR-R-BSOS
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AC77
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=&expires=30
42 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&gdpr=0&gdpr_consent=&expires=30
date
Wed, 31 Jan 2024 00:33:28 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame AC77
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEOW07LcysAABMb6VTUew&expires=30
42 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEOW07LcysAABMb6VTUew&expires=30
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEOW07LcysAABMb6VTUew&expires=30
Date
Wed, 31 Jan 2024 00:33:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame AC77
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LS120EQR-R-BSOS
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LS120EQR-R-BSOS
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LS120EQR-R-BSOS
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
cksync
hb.yahoo.net/ Frame AC77
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LS120EQR-R-BSOS&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LS120EQR-R-BSOS&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1VRHV4azAxRTJ1RWw2TmxqYzllRUNWT0p6cXVGN21ldX5B&ovsid=LS120EQR-R-BSOS&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1VRHV4azAxRTJ1RWw2TmxqYzllRUNWT0p6cXVGN21ldX5B&ovsid=LS120EQR-R-BSOS&dpid=58160
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
23.55.60.16 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-60-16.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 31 Jan 2024 00:33:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Wed, 31 Jan 2024 00:33:29 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1VRHV4azAxRTJ1RWw2TmxqYzllRUNWT0p6cXVGN21ldX5B&ovsid=LS120EQR-R-BSOS&dpid=58160
date
Wed, 31 Jan 2024 00:33:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame AC77
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3954684e-eacf-4092-98e4-dce92a6fc57b&expires=30
42 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3954684e-eacf-4092-98e4-dce92a6fc57b&expires=30
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3954684e-eacf-4092-98e4-dce92a6fc57b&expires=30
Date
Wed, 31 Jan 2024 00:33:28 GMT
Connection
keep-alive
X-CI-RTID
cc302926-d53b-4ade-871a-7d87568eeb26
Content-Length
144
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame AC77
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:28 GMT
an-x-request-uuid
e271c6b5-9763-4280-b485-18d4ca713367
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LS120EQR-R-BSOS
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame AC77
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LS120EQR-R-BSOS
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS120EQR-R-BSOS
43 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS120EQR-R-BSOS
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
3.162.3.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-125.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:29 GMT
via
1.1 2080aae7ace369c71819923852e1b17e.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
dj6D8ZnouB9Y9m2_qVAb_bs317iBayc4viwu1EjmSJzEl5Fkewi4SQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:28 GMT
via
1.1 905aa3bc80ce385e5945d99189fc1eac.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
YUL62-P1
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LS120EQR-R-BSOS
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
y_zbJEsf8WS-cYZbnShLnE_Lt5zkDeTVCo9Eo6KFUgKgsLRjNi1O7Q==
v1
match.sharethrough.com/sync/ Frame AC77
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS120EQR-R-BSOS
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS120EQR-R-BSOS
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Server
34.230.167.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-167-23.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:30 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LS120EQR-R-BSOS
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
match
events-ssc.33across.com/ Frame F0E5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LS120EQR-R-BSOS
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LS120EQR-R-BSOS
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LS120EQR-R-BSOS&ts=1706661208&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LS120EQR-R-BSOS&ts=1706661208&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:27 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LS120EQR-R-BSOS&ts=1706661208&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
khaos.json
token.rubiconproject.com/ Frame BC52 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LS120EQR-R-BSOS
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame BC52
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&khaos=LS120EQR-R-BSOS
  • https://prebid.a-mo.net/setuid/magnite?uid=LS120EQR-R-BSOS
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LS120EQR-R-BSOS
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?type=iframe
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:28 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LS120EQR-R-BSOS
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B8B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401250101&jk=302381402557652&bg=!cHOlczzNAAa8BdJLnAU7ADQBe5WfOPU9Tpudpf0Z6h0dDLer4fQmxZVRWrW_iAiyG-9c3qW4ASoEn9O5G_frGh8wU4IUAgAAApJSAAAAEmgBBwoALcdmYnUH4UqN8EXRVM6NeRgiUF_wB37hXMPcwKE8e6DBiBRYoxUDUkhcdfTyBJkCpatQsmohDddzpliKfxJxHCuhWMKVoVXBBWg-P3mCLRO8IuJh9_PrJ1rkPWXJe_pChg8AABdDlsKWL1c8cTrOw3vUJ1EzDHO9hA1R5Qumq6xw8Wt5T0fJP73eTF2p04yY409t6U0rGW67EWhKvY2naYDiMbVM7Dr6fPw8m8cv-EivsyU4_7GtoV1v30ZTjq3fZWUe-tmxm1bBpoitb02BoiN87-kVlkK1AvwLxONyyCjqAJIZO7jeU-ZcrVMpWoeXPfE6Kg3IqnyrmZBqeKBiMAOlSDL4A0fOeG0HWWTGD-P-_bsBMBtnPeXCgDMMWPCUKH_H2SkaZD_hskb6Dr5CnKmXOsZ_bUX_xqeY6rrZbm9a1-01KR1aq2YVMcECYbzaGh_ZjjfnDkUTmKlPq4g1Rybp3Kn1YOtyk1IwyvDuffVVa9UpST_tXQy_DAkZKfzeDWXsZ75eXRBncTJTJjLQovN_wu_s_nd9hPIjUkRiMJd82WzWiSWrsRoIcVkBcp7LpIyQJrbJ0IkkQ_wkVkF9tPesy_DK8aQPu56ZQ0rHCVK-mp7wU3PGppKwqykaEWS13_fsrtwMIhMJvPNJNhTbFYsIcmgwheNHiuI9rLM01OXgQjCwEeVq8wD3fcBtcTnO5n86rXl8CSoG4Gb7StUTG_v8jQa3TwI3Ipu8t37p1CYY_oQNZTho7xCanD9bbXX7r50pClIBTCFraB6JCyAi9drdLF9HgWM51yeNsPKLoVznp1x2xKxuml86499Vbmp4BwjHOoBg6-DHA_8bP7F9tfdyd4qhnJvRscFONchJwNOYBHLuMFQqnGHJwCMiNwkXCQE9hr8T4WNqyQLkYMuwOTi1w3UrFQW_9yjoxBzyiZn1xsk92np3VzPJswoLAPxhOURrBnXQ
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&bundle=P5pW_F9EblIlMkZTazNaU0hEa1J5d0lHVHElMkZCaTdwN0FBSyUyRnVwTGhYQjc4N1ElMkJjSlZ5NlcwRUxzVWtHSHRxZ3J0T3JQSmhKRkUlMkZyeGJyallhazNlQyUyQnVUU0FJQ0E4TzJqUHI0ODlHa0RWWVpUVzVUZEt5VEMlMkZQcWNWbFhmbTAxU3VNd2x0&cw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Jan 2024 00:33:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
228749
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame B8B4 		42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:29 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
json
gum.criteo.com/sid/ Frame B8B4 		365 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&bundle=P5pW_F9EblIlMkZTazNaU0hEa1J5d0lHVHElMkZCaTdwN0FBSyUyRnVwTGhYQjc4N1ElMkJjSlZ5NlcwRUxzVWtHSHRxZ3J0T3JQSmhKRkUlMkZyeGJyallhazNlQyUyQnVUU0FJQ0E4TzJqUHI0ODlHa0RWWVpUVzVUZEt5VEMlMkZQcWNWbFhmbTAxU3VNd2x0&cw=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5414a3616f7620f3a2c3fe5748630b77b654096e78d4b7e8d998bd15b63f448b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
873662
expires
0
prebid
id5-sync.com/api/config/ Frame B8B4 		135 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f509537a941a4046b1f076ab2441d1ea6bf21b3d2a0122faea116e1d609fbfaa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame CAA7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.252.246 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-252-246.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 31 Jan 2024 00:33:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 01 Feb 2024 00:33:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ Frame B8B4 		33 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
62930f88e12fa8085ce4bb62144a756767b2c9f817d4fcd40181b6c9bca29fbf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
lexicon.33across.com/v1/ Frame 19C7 		42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=8.21.0&coppa=0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:29 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
json
gum.criteo.com/sid/ Frame 19C7 		362 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&bundle=P5pW_F9EblIlMkZTazNaU0hEa1J5d0lHVHElMkZCaTdwN0FBSyUyRnVwTGhYQjc4N1ElMkJjSlZ5NlcwRUxzVWtHSHRxZ3J0T3JQSmhKRkUlMkZyeGJyallhazNlQyUyQnVUU0FJQ0E4TzJqUHI0ODlHa0RWWVpUVzVUZEt5VEMlMkZQcWNWbFhmbTAxU3VNd2x0&cw=1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
43ca2ad362daac70294e80333e8c6c0f118f03e58a24e82d0a85a11c46a44fcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
761927
expires
0
prebid
id5-sync.com/api/config/ Frame 19C7 		135 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f509537a941a4046b1f076ab2441d1ea6bf21b3d2a0122faea116e1d609fbfaa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnordot.app%2F&domain=nordot.app&bundle=P5pW_F9EblIlMkZTazNaU0hEa1J5d0lHVHElMkZCaTdwN0FBSyUyRnVwTGhYQjc4N1ElMkJjSlZ5NlcwRUxzVWtHSHRxZ3J0T3JQSmhKRkUlMkZyeGJyallhazNlQyUyQnVUU0FJQ0E4TzJqUHI0ODlHa0RWWVpUVzVUZEt5VEMlMkZQcWNWbFhmbTAxU3VNd2x0&cw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 31 Jan 2024 00:33:29 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
403897
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B14D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: nordot.app
URL: blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.252.246 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-252-246.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 31 Jan 2024 00:33:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 01 Feb 2024 00:33:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ Frame 19C7 		33 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: nordot.app
URL: blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
d249c2a4085538a252c982913fa9a2140b5e4431748fb580e1e2f95a62fd196e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 4FC2 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:29 GMT
an-x-request-uuid
d277e242-fd2b-420c-afa0-55f06492f06a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CAA7 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:29 GMT
an-x-request-uuid
7b48c10c-4218-496f-b81a-27ce94019d3f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B14D 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:29 GMT
an-x-request-uuid
f01b19f6-36ba-44b7-995e-5c0b467f4662
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
725.json
id5-sync.com/g/v2/ Frame B8B4 		630 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/725.json
Requested by
Host: nordot.app
URL: blob:https://nordot.app/8cf54c6a-4842-461b-87d8-000835ec344b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f00279b4bafdaf1ea153927873f7644205fd393e4731b0d18b06f651baf517a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
725.json
id5-sync.com/g/v2/ Frame 19C7 		630 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/725.json
Requested by
Host: nordot.app
URL: blob:https://nordot.app/02a54696-34e3-4bf0-b120-260029791edf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
9b09e8282c00fbed8f6103f0acf0a5bbe48efa5ade88efed989a57a14ce998be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
yads_vimps3.js
yads.c.yimg.jp/uadf/ 		85 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/uadf/yads_vimps3.js
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
26b74084193a7882fc9988b59107a58c455555d4fdea0b79f3360b7e97b178df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:32:27 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 02:25:25 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
272648cd-0b78-4e6a-89cc-7ee1f99233ba
age
64
etag
"085f21ff5cf665b29da1fa99997c9f52"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
26920
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.253.11 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-253-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=105288
accept-ranges
bytes
content-length
68444
expires
Thu, 01 Feb 2024 05:48:19 GMT
pageview
log.nordot.jp/ 		0
366 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/pageview
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
d8a6df78ea4b5318a1305f4d52d4e229
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
315 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
db7bbf485885bbfd65dce8be55a039c1
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
315 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
6f5d0c70e73f669a365cd26f54fef934
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
313 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
5e08dc100d20740057839ac44c1a2f5a
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
316 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
bb2e5cf5437a9bc953dbcf33e548ad42
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
314 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
46f0dcc14039ca6c4ec2321d910a3319
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
314 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
d1585ca4ca860f843217341e0e9b23db
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
305 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
defab062304a1991b65be7e62d386589
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
314 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
7c59d99492e10ffc2029dc765f6f0565
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
313 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
fc69fa6b0bc2534f7e33aff4e72d0af4
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
314 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
735be4296ec3defe8ebb5afc4cee393b
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
312 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
305c9b1f2a65c502bcc7b414fe9a92e2
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
event
log.nordot.jp/ 		0
316 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
server
Google Frontend
p3p
CP="Nordot does not have a P3P policy."
content-type
text/html
x-cloud-trace-context
631539a7cd0f5679beb674fb832b6d39
cache-control
private
content-length
0
expires
Wed, 31 Jan 2024 00:33:31 GMT
didna-pix.gif
didna.b-cdn.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://didna.b-cdn.net/didna-pix.gif?ref_id=150
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
cdn-edgestorageid
925
cdn-storageserver
NY-346
cdn-cachedat
01/31/2024 00:33:31
cdn-pullzone
1025274
content-length
807
last-modified
Fri, 06 Jan 2023 17:03:05 GMT
server
BunnyCDN-ASB1-925
cdn-fileserver
427
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
image/gif
cdn-cache
BYPASS
cdn-uid
296f49c8-4088-4b56-b4a4-a6b6d3fc5d40
cache-control
public, max-age=0
cdn-requestid
35fddad87dba0ebe6ff2eef231b54070
accept-ranges
bytes
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
064ec1b7-1a66-4612-9d6d-24aff6801950
config.aps.amazon-adsystem.com/configs/ 		564 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/064ec1b7-1a66-4612-9d6d-24aff6801950
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-124.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
405e43cd3a1d6144f42375bbf65312766341fae117f8809b9faa4d023a279068

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:32:04 GMT
via
1.1 f7a96eacae195ce7e3982601464ebc84.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
87
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
JDHgmtW7tZOmY_3sITC3irZwE424VaJk5B9JBhRaLofJ9F11xefKUA==
config
c.amazon-adsystem.com/cdn/prod/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnordot.app&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-8-154.yul62.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 23:24:47 GMT
via
1.1 cd7813a109893bc5bd95f0672350e59c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P2
age
4124
x-cache
Hit from cloudfront
access-control-allow-origin
https://nordot.app
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
loyj_nDxE1drZ1uMkD9mTW2o1ltoXQGGqtJ9b7YOYUhF6v7HSeJ85A==
bid
aax.amazon-adsystem.com/e/dtb/ 		194 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=tiXJ3qNJAbuQ7&cb=0&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_billboard_1%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_billboard_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
bdafaa1a09e41629d6f5d558d498a4a72b5ec0528f88dcdf1451082361db364f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
194
x-amz-cf-id
fICMJDFRkRmQ0ZOP06mSyBJhAxPxtRYLtgZkO1DhKRDTHyw5jCShcQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		194 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=tiXJ3qNJAbuQ7&cb=1&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_halfpage_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_halfpage_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
65bbe8d939600776ec47ff5e3b8779050611ca64b96deaa71d547fca9b307d3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
194
x-amz-cf-id
qgoMm37s0ZGqQXVWIq6d7dF8uRQpyaeGQtpAg50j4qjLI39sfj-0tQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		194 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=tiXJ3qNJAbuQ7&cb=2&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_rectangle_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_rectangle_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
fa38a81d24ad46a7f907dcb1208a2776c2afa8129f8342f60cb40ee0fc7d6f0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
194
x-amz-cf-id
9rHtMRaKTnTlypNbzqKK7vYL_tVtWpoH8euJs_StJNbayF71j_JvCA==
bid
aax.amazon-adsystem.com/e/dtb/ 		194 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=tiXJ3qNJAbuQ7&cb=3&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_in_paragraph_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_in_paragraph_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
f78914ef8e8101e4277027815acd04f954570bc0e639a72f815a8f82a39f303f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
194
x-amz-cf-id
mZ_NJT6n4KVlI12LBf6UZhileLF7OwaL5YquTjOi7YNTPqh8_hoyGQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		194 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=tiXJ3qNJAbuQ7&cb=4&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_in_paragraph_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_in_paragraph_2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
dbfdfc90f3fd3c26808f03cea1d8290f65f29b9de6ec5fafeabd1be95f1f6ebb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:31 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
194
x-amz-cf-id
wDGGih35dea06KMriUoWsQ46JjwZcUAVeGKrCRnM5vYAq88nn-h-NA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.8.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-8-154.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 16:30:17 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 10f978be0e76903f65b35bee6581c310.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
28995
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
GciGBMiBhy7VJZeX-v1G5y_LY8Dm9O97yYpKd_2vpjy2hC0MOGK3FQ==
yads_vimps.js
yads.c.yimg.jp/uadf/ 		85 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/uadf/yads_vimps.js
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
a96d7f93ec302f75880f5780c285651419d8f44b4899ff66a6bf2d7e44c25458

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:30:33 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 05:36:23 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
be21c132-33b7-4c39-8429-8d4d88766e57
age
178
etag
"a1d09f7f9077f212fb451c1223c8ebc1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
26915
iicon.min.js
s.yimg.jp/images/advertising/common/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/advertising/common/js/iicon.min.js
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
95e6145c4e44910a27b2063d14cb4554246e99a04a9a6502d97689e4f53f43da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:30:59 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 05:09:10 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
153
vary
Accept-Encoding
content-type
application/javascript
x-ntap-sg-trace-id
129ae5ba54e3905f
cache-control
public, max-age=600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
4931
iu3
s.amazon-adsystem.com/ Frame 3DE4 		364 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0a02a11b0c51c1164f6f0b086bacdb92eb3275b293aa6d6abb045416530c1837
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
364
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 31 Jan 2024 00:33:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4KP6XE76BG7EHTSHM8AC
pr
s.amazon-adsystem.com/v3/ Frame FF4A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
69d01bc765cac28d86d6011b8cbbaee112febae3c4597c1b84a819d091cf5062
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2415
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 31 Jan 2024 00:33:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3V184JJK8114RW212ZHH
ecm3
s.amazon-adsystem.com/ Frame FF4A
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=129ff4b45d
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=129ff4b45d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QK07S42QA06VAZKDZ1H8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 00:32:58 GMT
via
1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
34
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=129ff4b45d
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Fj8rCbjhIKXTpDEJbFWerWglQ8jvLPyBGcU3uHIyWPWFLI9Kt3XuAg==
ecm3
s.amazon-adsystem.com/ Frame FF4A
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PWF1T846TZVZCHVHBBPV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
Date
Wed, 31 Jan 2024 00:33:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame FF4A
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=2DD5465C06D943EC9AC22BC365CFFD62&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=2DD5465C06D943EC9AC22BC365CFFD62&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V9EDV45B78Q0950GEVAH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 00:33:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=2DD5465C06D943EC9AC22BC365CFFD62&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jan 2024 00:33:32 GMT
ecm3
s.amazon-adsystem.com/ Frame FF4A
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e8a073e6a24j1ea00ls120rj3
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e8a073e6a24j1ea00ls120rj3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K8PK2CJKD1TFCRYGPPC4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 00:33:32 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=09dd4f7e8a073e6a24j1ea00ls120rj3
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame FF4A
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3496628135649197000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3496628135649197000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
50CD85W5GMZBE7D1JT87
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:33 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3496628135649197000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 31 Jan 2024 00:33:33 GMT
ecm3
s.amazon-adsystem.com/ Frame FF4A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=pVBh4BsHBjZmBDRFltyN&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=pVBh4BsHBjZmBDRFltyN&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6HGR3WBWRV9VR7RRFQAN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=pVBh4BsHBjZmBDRFltyN&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F0E6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3ebd767f813b0f4614aaf4ff52ada0f8c0f7715d034ee46cd4a2357ee0ee15

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84dddd1fdb5136b3-YYZ
content-encoding
br
content-type
text/html
date
Wed, 31 Jan 2024 00:33:32 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCAlXmgzbBf%2Foa24K%2FG0H%2BQLIKCkmhe1xUNffnXcgCw%2FPyKldM8w09PdqPPVM56IUfF9aRpFLi%2BFLpB%2F%2F5pup15Al9TtHtE7MLKqaldlWy%2BrkxYC6SP5Ja7zIZGVacDQD1DgWyTbFK%2BUng%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 540C
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4365668101828837717&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4365668101828837717&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:33:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
306T4A2PNKBPNV945C18

Redirect headers

content-length
0
date
Wed, 31 Jan 2024 00:33:31 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4365668101828837717&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame B249
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=444fcc63e70f05ea&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACU3YPjpxvYQNAJ9FaAAAAAAA&expiration=1706747612&is_secure=true&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACU3YPjpxvYQNAJ9FaAAAAAAA&expiration=1706747612&is_secure=true&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:33:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4Z9Y213S4T2A27GSX19Z

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Wed, 31 Jan 2024 00:33:32 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAACU3YPjpxvYQNAJ9FaAAAAAAA&expiration=1706747612&is_secure=true&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 9A7C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=6245270470711808888&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6245270470711808888&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:33:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CFZGSX0205QS3B0KXYG3

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
5c6eeffd-a063-4758-962c-f788813f3376
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 00:33:32 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=6245270470711808888&ex=appnexus.com&gdpr=0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame CFFF
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
1 KB
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-simpli.fi_n-baidu_n-MediaNet_smrt_cnv_an-db5_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-20-78.compute-1.amazonaws.com
Software
/
Resource Hash
79aaa9404326294b7ae8cb5f1a3244fd08921ae93141eee0bf557881e6aa0a21

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding
gzip
content-length
444
content-type
text/html
date
Wed, 31 Jan 2024 00:33:34 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding, User-Agent

Redirect headers

content-length
110
content-type
text/html
date
Wed, 31 Jan 2024 00:33:32 GMT
location
https://ce.lijit.com:443/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
server
awselb/2.0
dcm
s.amazon-adsystem.com/ Frame F0E6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZbmVVprW8dtWEUcsNNASTgAAAIEAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1V99AF721GVBWQ65QMRK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
31327
i.liadm.com/s/ Frame F0E6 		0
0
rum
dsum-sec.casalemedia.com/ Frame F0E6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&expiration=1709253212&gdpr=0&gdpr_consent=
43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&expiration=1709253212&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDrHNg5LCN9808PlY2wi1ofIsRWlcc%2BGTAqoaffJN0SuOJITh%2F%2Bp1%2FW4NJsmGL1wml4Cn87cViaT6%2B9gB0vJASf6cax0xBWzEjuqmvH%2F0%2B7B0ZvTL4kL%2FXatGxtSgDVatYaAKplKvhF4%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84dddd216f773a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=2252e6ea-1e69-4d02-aa70-27b4ea294b3b&expiration=1709253212&gdpr=0&gdpr_consent=
date
Wed, 31 Jan 2024 00:33:32 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame F0E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZbmVVprW8dtWEUcsNNASTgAAAIEAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHaaNuijpBQdqadgp6JUMXE&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHaaNuijpBQdqadgp6JUMXE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWwcQb2g%2F1RDfPNOfb0LZDYt11wbsfguR0vhgxN3wYwZ9gkoE5ju8E66tDgnVvV8xvTbMuJhr7xR9WwtWChvxF%2Bx%2BN6PWjvmeyXgVSuFTe%2F7dS4oJs6xE3fChkc%2By5ppiY1e7rWR50oIZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84dddd20ecff36b3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHaaNuijpBQdqadgp6JUMXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F0E6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662067307651114
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662067307651114
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbGnVIMP0J1vVVUX8Olb8PGua27QR7p4eCD3X4stBvSm1jIGsErNLtyI9142f95dfT%2BD%2Bo0bpjVwiCL607Di5gfbQWdsBCL9Pmf2732Q951S9f4tZG%2FshDg%2FgLn7w4lNVSRXLdxJfPydbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84dddd4f5ecf36b3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
44
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662067307651114
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84dddd4eb845a1e6-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame F0E6
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=273938a2929506f8&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMvcXVnmw85wN5ElcIAAAAAAA&expiration=1706747612&is_secure=true
43 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMvcXVnmw85wN5ElcIAAAAAAA&expiration=1706747612&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsE7CE2ouDdsQ%2Bl9TD30gD09HBwOeWfPWcwLMC9qtMjJ13u3qBLqCFMoLkuBGUOKgmya654u%2BJYjeeyM%2Fc6p7h%2Bw5r6lIuCf2hL29gjv%2B%2Bksh2jPtoLH8G4PBaK01GVfsCU26A4E"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84dddd217f873a00-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMvcXVnmw85wN5ElcIAAAAAAA&expiration=1706747612&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame F0E6
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHv8qpPjeBXB6hwVrqNH8TESxcL5Hw0SPLxPj9YKAxn0%2BZxcFXHPTUF3VKrvMigSWmYdmVf9caV7sE%2Fj0rcHjslByAyIcYLsqrNcd2yTrcOjuXrygiVaQqe6olxLtvNQnZ9gtZpQsr6oTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84dddd2298a636b3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:32 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
index
dmp.brand-display.com/cm/api/ Frame F0E6 		0
0
ecm3
s.amazon-adsystem.com/ Frame F0E6 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZbmVVprW8dtWEUcsNNASTgAAAIEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G73GMK1RVCVWMRT8XZJ9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag
yads.yjtag.yahoo.co.jp/v2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yads.yjtag.yahoo.co.jp/v2/tag?s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
aa183ad43effa43190060992c26ea1074e25f5e324bc4dd6233a7ee46af7e03d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
0
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
private, max-age=10
access-control-allow-credentials
true
permissions-policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
975
x-xss-protection
1;mode=block
tag
yads.yjtag.yahoo.co.jp/v2/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yads.yjtag.yahoo.co.jp/v2/tag?s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
403d832105280f1d276cec4c18b85af00bc66b845d83c7da33118e47403a7c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
0
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
private, max-age=10
access-control-allow-credentials
true
permissions-policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
970
x-xss-protection
1;mode=block
yads-iframe.html
s.yimg.jp/images/listing/tool/yads/ Frame 1289 		1 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
be70cedebacd96dce28b985d65c52839d99611ea2cba820ef151c52fb8be8096

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
363
ats-carp-promotion
1
cache-control
public, max-age=600
content-encoding
gzip
content-length
677
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 00:27:29 GMT
last-modified
Wed, 11 May 2022 07:49:33 GMT
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
server
nghttpx
vary
Accept-Encoding
x-ntap-sg-trace-id
60a5d9c6af1995b4
yads-iframe.html
s.yimg.jp/images/listing/tool/yads/ Frame E60D 		1 KB
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
be70cedebacd96dce28b985d65c52839d99611ea2cba820ef151c52fb8be8096

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
363
ats-carp-promotion
1
cache-control
public, max-age=600
content-encoding
gzip
content-length
677
content-type
text/html; charset=utf-8
date
Wed, 31 Jan 2024 00:27:29 GMT
last-modified
Wed, 11 May 2022 07:49:33 GMT
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
server
nghttpx
vary
Accept-Encoding
x-ntap-sg-trace-id
60a5d9c6af1995b4
yads-async.js
yads.c.yimg.jp/js/ Frame 1289 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/js/yads-async.js
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
1fed7da86f9d9735ea1018a3ac1be1e3e6fc105b7c7dc2c809626d34b4ee85c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:11 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 06:06:35 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
dc1b0939-afa3-4440-8a9c-77c0cefb0a04
age
21
etag
"1f2eaa48b9ed0349c6569c054d9e518a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
40463
yads_vimps.js
yads.c.yimg.jp/uadf/ Frame 1289 		85 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/uadf/yads_vimps.js
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
a96d7f93ec302f75880f5780c285651419d8f44b4899ff66a6bf2d7e44c25458

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:30:33 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 05:36:23 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
be21c132-33b7-4c39-8429-8d4d88766e57
age
179
etag
"a1d09f7f9077f212fb451c1223c8ebc1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
26915
iicon.min.js
s.yimg.jp/images/advertising/common/js/ Frame 1289 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/advertising/common/js/iicon.min.js
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
95e6145c4e44910a27b2063d14cb4554246e99a04a9a6502d97689e4f53f43da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:30:59 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 05:09:10 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
153
vary
Accept-Encoding
content-type
application/javascript
x-ntap-sg-trace-id
129ae5ba54e3905f
cache-control
public, max-age=600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
4931
yads-async.js
yads.c.yimg.jp/js/ Frame E60D 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/js/yads-async.js
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
1fed7da86f9d9735ea1018a3ac1be1e3e6fc105b7c7dc2c809626d34b4ee85c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:11 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 06:06:35 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
dc1b0939-afa3-4440-8a9c-77c0cefb0a04
age
22
etag
"1f2eaa48b9ed0349c6569c054d9e518a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
40463
yads_vimps.js
yads.c.yimg.jp/uadf/ Frame E60D 		85 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/uadf/yads_vimps.js
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
a96d7f93ec302f75880f5780c285651419d8f44b4899ff66a6bf2d7e44c25458

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:30:33 GMT
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 05:36:23 GMT
server
DragonStorage
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
be21c132-33b7-4c39-8429-8d4d88766e57
age
180
etag
"a1d09f7f9077f212fb451c1223c8ebc1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600, stale-while-revalidate=1200
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
26915
iicon.min.js
s.yimg.jp/images/advertising/common/js/ Frame E60D 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/advertising/common/js/iicon.min.js
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
95e6145c4e44910a27b2063d14cb4554246e99a04a9a6502d97689e4f53f43da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:30:59 GMT
content-encoding
gzip
last-modified
Thu, 18 Jan 2024 05:09:10 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
154
vary
Accept-Encoding
content-type
application/javascript
x-ntap-sg-trace-id
129ae5ba54e3905f
cache-control
public, max-age=600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
4931
tag
yads.yjtag.yahoo.co.jp/ Frame 1289 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.yjtag.yahoo.co.jp/tag?s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
39ed21a082e04ad54d3d3da85091586228016d9cf22d72fb01ddd9b82dd7d65d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=10
permissions-policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
970
x-xss-protection
1;mode=block
tag
yads.yjtag.yahoo.co.jp/ Frame E60D 		2 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.yjtag.yahoo.co.jp/tag?s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
3d0fdf0fc1191ba4b7a57a9677ce5c7eda1c2a1f687a0802e7fb6176a016131b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=10
permissions-policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
968
x-xss-protection
1;mode=block
ttj
yj-a.p.adnxs.com/ Frame 1289 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yj-a.p.adnxs.com/ttj?external_uid=&id=29486533&position=below&rla=&rlb=&size=300x250
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6e74b9e8c320b1a1d7379d6037667fe4121312418c1fdb680bafc7ea3a8176dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:33 GMT
content-encoding
gzip
an-x-request-uuid
411a6776-66e6-4341-b4ce-82f9cc7ac831
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.p.adnxs.com; 68.67.179.142:80
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ttj
yj-a.p.adnxs.com/ Frame E60D 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yj-a.p.adnxs.com/ttj?external_uid=&id=29486532&position=below&rla=&rlb=&size=300x250
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ff98dfc1b60c8acebfada367211130e1fe8a73d3ba06deb5720b55bf8fc8e3e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:33 GMT
content-encoding
gzip
an-x-request-uuid
59714269-101b-4052-bcc1-e4b90e1f6243
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.p.adnxs.com; 68.67.160.168:80
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame 1289 		51 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: yj-a.p.adnxs.com
URL: https://yj-a.p.adnxs.com/ttj?external_uid=&id=29486533&position=below&rla=&rlb=&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
270526
expires
60
ttj
yj-a.p.adnxs.com/ Frame 1289 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yj-a.p.adnxs.com/ttj?ttjb=1&bdc=1706661213&bdh=0aoHUvAR40VNUtzCZRif-Cvwe6Q.&&bdref=https%3A%2F%2Fnordot.app%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fnordot.app%2F,https%3A%2F%2Fs.yimg.jp%2Fimages%2Flisting%2Ftool%2Fyads%2Fyads-iframe.html%3Fstart_prod_num%3D0%26s%3D88847_661431%26fr_id%3Dyads_4120644-1%26p_elem%3Dyads2%26u%3Dhttps%253A%252F%252Fnordot.app%252F1103463313237606400%26mb%3D1%26pv_ts%3D1706661198179%26cu%3Dhttps%253A%252F%252Fnordot.app%252F1103463313237606400&&external_uid=&id=29486533&position=below&rla=&rlb=&size=300x250
Requested by
Host: yj-a.p.adnxs.com
URL: https://yj-a.p.adnxs.com/ttj?external_uid=&id=29486533&position=below&rla=&rlb=&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d19055ff365d6545e7c2fa7724a2ac524079ce3a0a4784d853f6f244b2ac9a08
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:34 GMT
content-encoding
gzip
x-creative-id
40898157
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-proxy-origin
37.19.212.43; 37.19.212.43; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.p.adnxs.com; 68.67.180.169:80
x-xss-protection
0
pragma
no-cache
an-x-request-uuid
65c40d14-6df0-4982-8336-769594980ac1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame E60D 		51 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: yj-a.p.adnxs.com
URL: https://yj-a.p.adnxs.com/ttj?external_uid=&id=29486532&position=below&rla=&rlb=&size=300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
603780
expires
60
ttj
yj-a.p.adnxs.com/ Frame E60D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yj-a.p.adnxs.com/ttj?ttjb=1&bdc=1706661213&bdh=0aoHUvAR40VNUtzCZRif-Cvwe6Q.&&bdref=https%3A%2F%2Fnordot.app%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fnordot.app%2F,https%3A%2F%2Fs.yimg.jp%2Fimages%2Flisting%2Ftool%2Fyads%2Fyads-iframe.html%3Fstart_prod_num%3D0%26s%3D88847_661385%26fr_id%3Dyads_6432882-0%26p_elem%3Dyads1%26u%3Dhttps%253A%252F%252Fnordot.app%252F1103463313237606400%26mb%3D1%26pv_ts%3D1706661198179%26cu%3Dhttps%253A%252F%252Fnordot.app%252F1103463313237606400&&external_uid=&id=29486532&position=below&rla=&rlb=&size=300x250
Requested by
Host: yj-a.p.adnxs.com
URL: https://yj-a.p.adnxs.com/ttj?external_uid=&id=29486532&position=below&rla=&rlb=&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
019a1cc4825ee7c7b9261da016e662cea837b6b725d63bbc96306bad4db93be4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:34 GMT
content-encoding
gzip
x-creative-id
40898157
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-proxy-origin
37.19.212.43; 37.19.212.43; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.p.adnxs.com; 68.67.160.239:80
x-xss-protection
0
pragma
no-cache
an-x-request-uuid
285e695b-f0f4-418a-acc4-abfd20afb76b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CFFF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=IFKBABZHk6Ofd0kUTf2UPf40&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:33:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
492CHB50VEAKT4GBP3RC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame CFFF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3De9435c...
  • https://ce.lijit.com/merge?pid=16&3pid=e9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=e9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H2
Server
44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-20-78.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:35 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

date
Wed, 31 Jan 2024 00:33:35 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=e9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame CFFF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=7b989c66-4663-4b04-8cf4-a7ded099b1f2
43 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=7b989c66-4663-4b04-8cf4-a7ded099b1f2
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H2
Server
44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-20-78.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:34 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=7b989c66-4663-4b04-8cf4-a7ded099b1f2
date
Wed, 31 Jan 2024 00:33:34 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame CFFF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969188724782911872&expires=30&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&gdpr=&gdpr_consent=&us_privacy=
43 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H2
Server
44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-20-78.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:34 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=ebf2b27d-a102-4d68-bd73-bbd2c20367ba&gdpr=&gdpr_consent=&us_privacy=
Date
Wed, 31 Jan 2024 00:33:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame CFFF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=IFKBABZHk6Ofd0kUTf2UPf40&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=883364635622
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=883364635622
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H2
Server
44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-20-78.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:37 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=66&3pid=883364635622
Content-Length
0
merge
ce.lijit.com/ Frame CFFF
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LS120EQR-R-BSOS&gdpr=0
43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LS120EQR-R-BSOS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H2
Server
44.194.20.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-20-78.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
date
Wed, 31 Jan 2024 00:33:34 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LS120EQR-R-BSOS&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
961e708718863ce5d2a91761d33d869a
Expires
0
yda
yads.yjtag.yahoo.co.jp/ Frame 1289 		144 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.yjtag.yahoo.co.jp/yda?adprodset=88847_661431-697910-736952&cb=1706661213876&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400&measurable=1&p_elem=yads2&pv_id=55e6ebd9fb2e6def2aa09c54c2313713&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&vimps_mode=1
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
8f2f59431f6d915b5c83b674f6d2fdc140b5ebf80a14cbb55ffe4f2b99155828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
permissions-policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
143
x-xss-protection
1;mode=block
it
nym1-ib.adnxs.com/ Frame 1289 		0
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fnordot.app%2F&e=wqT_3QLtA6DtAQAAAwDWAAUBCN2q5q0GEJON6sCojJftNRj4po7o94zq1VYqNgkAAAkCABEJBywAABkAAACAPQrvPyEREgApEQnw9TEzcnNoV6XlPzDF24cOOM8cQM8cSAJQ7ZzAE1jQ_IoBYABo8K7JAXjnxAWAAQGKAQCSAQNKUFmYAawCoAH6AagBAbABALgBAsABAsgBANABANgBAOABAPABANgC_EPgAsbSXeoCE2h0dHBzOi8vbm9yZG90LmFwcC-AAwCIAwGQAwCYAxmgAwGqAwDAA9gEyAMA2AOGmcoB4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDDM3LjE5LjIxMi40M6gEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggA4AQA8ATtnMATiAUBmAUAoAUAwAUAyQUAAAH-FPA_0gUJCQEKAQEs2AUB4AUA8AUA-gUEAVEokAYAmAYAuAYAwQYBHwEBENoGFgoQAQkuAQBwEAAYAOAGAPIGAggAgAcBiAcAoAcAyAfnxAXSBw0VXgEmCNoHBgFZoBgA4AcA6gcCCADwB-exCYoIAhAAlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=f79fad2f4e95b6d9529ded9690cca9d54f8e41c1
Requested by
Host: yj-a.p.adnxs.com
URL: https://yj-a.p.adnxs.com/ttj?ttjb=1&bdc=1706661213&bdh=0aoHUvAR40VNUtzCZRif-Cvwe6Q.&&bdref=https%3A%2F%2Fnordot.app%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fnordot.app%2F,https%3A%2F%2Fs.yimg.jp%2Fimages%2Flisting%2Ftool%2Fyads%2Fyads-iframe.html%3Fstart_prod_num%3D0%26s%3D88847_661431%26fr_id%3Dyads_4120644-1%26p_elem%3Dyads2%26u%3Dhttps%253A%252F%252Fnordot.app%252F1103463313237606400%26mb%3D1%26pv_ts%3D1706661198179%26cu%3Dhttps%253A%252F%252Fnordot.app%252F1103463313237606400&&external_uid=&id=29486533&position=below&rla=&rlb=&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:34 GMT
an-x-request-uuid
306d275a-8f0f-436f-a734-2cc415542124
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
yda
yads.yjtag.yahoo.co.jp/ Frame E60D 		144 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.yjtag.yahoo.co.jp/yda?adprodset=88847_661385-697775-736816&cb=170666121370&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400&measurable=1&p_elem=yads1&pv_id=4adc792d344f2d332779c834a089cf75&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&vimps_mode=1
Requested by
Host: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
874f6b264fbf887ede170202307ef4b83f6100f8618ebf70b9a1e9aa04e63aa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
permissions-policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
142
x-xss-protection
1;mode=block
it
nym1-ib.adnxs.com/ Frame E60D 		0
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fnordot.app%2F&e=wqT_3QLtA6DtAQAAAwDWAAUBCN6q5q0GEN-G2oGP3u6JbBj4po7o94zq1VYqNgkAAAkCABEJBywAABkAAACAFK7vPyEREgApEQnw9TEzcnNoV6XlPzDE24cOOM8cQM8cSAJQ7ZzAE1jQ_IoBYABo767JAXiq6gWAAQGKAQCSAQNKUFmYAawCoAH6AagBAbABALgBAsABAsgBANABANgBAOABAPABANgC_EPgAsXSXeoCE2h0dHBzOi8vbm9yZG90LmFwcC-AAwCIAwGQAwCYAxmgAwGqAwDAA9gEyAMA2AOGmcoB4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDDM3LjE5LjIxMi40M6gEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggA4AQA8ATtnMATiAUBmAUAoAUAwAUAyQUAAAH-FPA_0gUJCQEKAQEs2AUB4AUA8AUA-gUEAVEokAYAmAYAuAYAwQYBHwEBENoGFgoQAQkuAQBwEAAYAOAGAPIGAggAgAcBiAcAoAcAyAeq6gXSBw0VXgEmDNoHBggFCZjgBwDqBwIIAPAH57EJiggCEACVCAAAgD-YCAHACADSCAYIABAAGAA.&s=41d0e3bcf4c380937cf214362ac095aeacc16509
Requested by
Host: yj-a.p.adnxs.com
URL: https://yj-a.p.adnxs.com/ttj?ttjb=1&bdc=1706661213&bdh=0aoHUvAR40VNUtzCZRif-Cvwe6Q.&&bdref=https%3A%2F%2Fnordot.app%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fnordot.app%2F,https%3A%2F%2Fs.yimg.jp%2Fimages%2Flisting%2Ftool%2Fyads%2Fyads-iframe.html%3Fstart_prod_num%3D0%26s%3D88847_661385%26fr_id%3Dyads_6432882-0%26p_elem%3Dyads1%26u%3Dhttps%253A%252F%252Fnordot.app%252F1103463313237606400%26mb%3D1%26pv_ts%3D1706661198179%26cu%3Dhttps%253A%252F%252Fnordot.app%252F1103463313237606400&&external_uid=&id=29486532&position=below&rla=&rlb=&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:34 GMT
an-x-request-uuid
c554c549-92f0-414d-a22a-f2b6ba3db047
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
QC_300_250.jpg
s.yimg.jp/images/im/innerad/ Frame 1289 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.jp/images/im/innerad/QC_300_250.jpg
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
8e49d9b1504acd5d895a91fae1ebf7895d7c2ebff3aa1a4c484171a38d033d65

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:24:54 GMT
last-modified
Tue, 25 Jan 2022 15:57:56 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
520
content-type
image/jpeg
x-ntap-sg-trace-id
6bdd33f62ecf4a96
cache-control
public, max-age=600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
16446
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0A5C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3663&pub_id=1814365
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661431&fr_id=yads_4120644-1&p_elem=yads2&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.252.246 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-252-246.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://s.yimg.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 31 Jan 2024 00:33:35 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 01 Feb 2024 00:33:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
QC_300_250.jpg
s.yimg.jp/images/im/innerad/ Frame E60D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.jp/images/im/innerad/QC_300_250.jpg
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
8e49d9b1504acd5d895a91fae1ebf7895d7c2ebff3aa1a4c484171a38d033d65

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 31 Jan 2024 00:24:54 GMT
last-modified
Tue, 25 Jan 2022 15:57:56 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
520
content-type
image/jpeg
x-ntap-sg-trace-id
6bdd33f62ecf4a96
cache-control
public, max-age=600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
16446
async_usersync.html
acdn.adnxs.com/dmp/ Frame CE8B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3663&pub_id=1814365
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/yads/yads-iframe.html?start_prod_num=0&s=88847_661385&fr_id=yads_6432882-0&p_elem=yads1&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&mb=1&pv_ts=1706661198179&cu=https%3A%2F%2Fnordot.app%2F1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.252.246 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-252-246.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://s.yimg.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 31 Jan 2024 00:33:35 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 01 Feb 2024 00:33:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 0A5C 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3663&pub_id=1814365&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3663&pub_id=1814365
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:35 GMT
an-x-request-uuid
1a1070b7-f8c5-4433-9d97-18fe210e7e4a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CE8B 		0
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3663&pub_id=1814365&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3663&pub_id=1814365
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:35 GMT
an-x-request-uuid
553b1e96-f838-45ec-ae6d-6ba638e03a0b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
event
log.nordot.jp/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-cloud-trace-context
ac171d4f569a39b276b3892925313750
date
Wed, 31 Jan 2024 00:33:36 GMT
server
Google Frontend
content-length
0
content-type
text/html
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Jan 2024 00:33:36 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Jan 2024 00:33:36 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://nordot.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://nordot.app
access-control-max-age
600
age
0
content-length
0
date
Wed, 31 Jan 2024 00:33:36 GMT
server
ATS/9.1.10.94
bid
aax.amazon-adsystem.com/e/dtb/ 		539 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=tiXJ3qNJAbuQ7&cb=5&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_billboard_1%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_billboard_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
175cd526064cfc4706642010bd18c66d570b0cd4145f52f453a8a01373d0df1f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:36 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
539
x-amz-cf-id
qLeACDXFG_d2M_31aRAVSwkx0YlxfJcQBI7FOsV904ZjSSCq7u5byQ==
v1
btlr.sharethrough.com/universal/ 		0
0
unruly_prebid
targeting.unrulymedia.com/ 		0
0
bid
ap.lijit.com/rtb/ 		25 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash
7bbbcbd087cf998167c840ac1a9ac6531dee41a1de9dabb8604fa5aa45288692

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:36 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
prebid
ib.adnxs.com/ut/v3/ 		140 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
91ac8223c94474d8f361532ab4d70c812009953802cadba310a2cb9f2600e300
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:36 GMT
an-x-request-uuid
a91058e7-986b-48f7-9c11-bd0c4441d263
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
s-rtb-pb.send.microad.jp/ 		0
0
cdb
bidder.criteo.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=139&profileId=185&av=36&wv=8.21.0&cb=67691583281
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
18da2618d901784810589aa02204a0476971430219b89261498ae9be29376a6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		403 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=57&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_criteo.com=oXE0sl85dHFkUWJYTGxxSCUyQjlJMlIxcTElMkIwa1R2MmNLaGxwOHZIM0VEVk04bmRxUFM3RlExYjJwSVNOYU9rZTBSUWM5OHQlMkZSUlc0OHFHeENicUNtaXgzbXlLdyUzRCUzRA%5E1&eid_neustar.biz=E1%3A5KmPQ0fHNfOa5zoLPq46Jo2arKKd2f8N9fEaRinFksn-whfkCkuVXHrNKt9wTwd3WDIS4jLdZiMiZaP76k5iLjvn3Oehh9fRnPPg9T234PEvjIvtcTEoP8LhA1njWy--%5E1&eid_pubcid.org=3e07f463-6ade-42d7-98d6-fd85d3c5c3cc%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_billboard_1%23ad_billboard_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=1662b11989825bbc&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_billboard_1%23ad_billboard_1&slots=1&rand=0.031166841495328335
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
487dc6ed472ca5634e4ba3411cdf5e0dd5093d4404d793464ac915f6fbe280ae

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
403
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://nordot.app
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/ 		0
0
prebid
mp.4dex.io/ 		0
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:36 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddd3cff3ba202-YYZ
expires
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=tiXJ3qNJAbuQ7&cb=6&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_halfpage_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_halfpage_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:36 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
VYq9KHUSzk8pseal5Pj50nhKB_GHzfCIbDYGTuHhorfTABLeh4k0Cw==
prebid
s-rtb-pb.send.microad.jp/ 		0
0
prebid
s-rtb-pb.send.microad.jp/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:36 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
auction
pbs.nextmillmedia.com/openrtb2/ 		0
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:36 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		421 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&alt_size_ids=10&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_criteo.com=oXE0sl85dHFkUWJYTGxxSCUyQjlJMlIxcTElMkIwa1R2MmNLaGxwOHZIM0VEVk04bmRxUFM3RlExYjJwSVNOYU9rZTBSUWM5OHQlMkZSUlc0OHFHeENicUNtaXgzbXlLdyUzRCUzRA%5E1&eid_neustar.biz=E1%3A5KmPQ0fHNfOa5zoLPq46Jo2arKKd2f8N9fEaRinFksn-whfkCkuVXHrNKt9wTwd3WDIS4jLdZiMiZaP76k5iLjvn3Oehh9fRnPPg9T234PEvjIvtcTEoP8LhA1njWy--%5E1&eid_pubcid.org=3e07f463-6ade-42d7-98d6-fd85d3c5c3cc%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_halfpage_1%23ad_halfpage_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=184bd3142a9b5dfb&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_halfpage_1%23ad_halfpage_1&slots=1&rand=0.441108919765663
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
026e74a7997fc6f1891b5f3ab6fab7add554fd1be583bb8d08f45d2279bed528

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
421
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=139&profileId=185&av=36&wv=8.21.0&cb=77163137939
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
d45769dabcf08dcb986b60e8b136dcb14e78b6a930e3f08ba84c4e527cb15436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
prebid
ib.adnxs.com/ut/v3/ 		140 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
35f026090d9b1c7613e932c9b04aa1cbed33608343bb95326f08c63d14a55b59
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:36 GMT
an-x-request-uuid
114d0571-49f9-470c-8112-6d742a0aaa08
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
colossusssp.com/ 		2 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.132 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:37 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
prebid
mp.4dex.io/ 		0
41 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:36 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddd3d8802a202-YYZ
expires
0
prebid-request
onetag-sys.com/ 		15 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://nordot.app
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
translator
hbopenbid.pubmatic.com/ 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.94 /
Resource Hash
46823c9150ac78a5b9c8db644a98bb860c999b4a77bfd8fc5c0d83f41cec5be9

Request headers

Referer
https://nordot.app/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jan 2024 00:33:37 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.94 /
Resource Hash
585860218f8ab1e2f9e44acaece51990bc7a9bd161e98ef8e1dbfb13577ea866

Request headers

Referer
https://nordot.app/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jan 2024 00:33:37 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
84
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/ 		0
0
bid
ap.lijit.com/rtb/ 		25 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash
94a892acac25ca6118f3ee3345ffa580ce38142282343eb43af3581bcc12a72b

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:36 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnordot.app%2F1103463313237606400&pid=tiXJ3qNJAbuQ7&cb=7&ws=1600x1200&v=24.117.1925&t=2000&slots=%5B%7B%22sd%22%3A%22ad_rectangle_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F126379976%2Fdesktop%2Fad_rectangle_1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=064ec1b7-1a66-4612-9d6d-24aff6801950&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.199.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-199-75.yul62.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:37 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
fmyb-hZolq5fdOA343RDqOjOxCFafIMJAM6dItbqT2sGWiA-P1UomQ==
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
506 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.94 /
Resource Hash
bdaa567881b615e42ebb65389980fcb30db05494938ad83092a7cca70e18dc00

Request headers

Referer
https://nordot.app/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Wed, 31 Jan 2024 00:33:37 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
content-length
84
prebid
ib.adnxs.com/ut/v3/ 		140 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
288e3d972d4c5053af91f1c8d8eb04252f3fa1de9345643d7057d39259240188
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:36 GMT
an-x-request-uuid
b9f028af-43af-4925-8032-ca69bfe63bad
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
s-rtb-pb.send.microad.jp/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		403 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=445630&zone_id=2572862&size_id=15&rp_schain=1.0,1!didna.io,494n1p165,1,,,&eid_criteo.com=oXE0sl85dHFkUWJYTGxxSCUyQjlJMlIxcTElMkIwa1R2MmNLaGxwOHZIM0VEVk04bmRxUFM3RlExYjJwSVNOYU9rZTBSUWM5OHQlMkZSUlc0OHFHeENicUNtaXgzbXlLdyUzRCUzRA%5E1&eid_neustar.biz=E1%3A5KmPQ0fHNfOa5zoLPq46Jo2arKKd2f8N9fEaRinFksn-whfkCkuVXHrNKt9wTwd3WDIS4jLdZiMiZaP76k5iLjvn3Oehh9fRnPPg9T234PEvjIvtcTEoP8LhA1njWy--%5E1&eid_pubcid.org=3e07f463-6ade-42d7-98d6-fd85d3c5c3cc%5E1&rf=https%3A%2F%2Fnordot.app%2F1103463313237606400&kw=BANGShowbizEnglish%2Ckatemiddleton%2Ccatherineprincessofwales%2Cprincewilliam%2Cmegbellamy%2Cen&tg_i.domain=nordot.app&tg_i.page=https%3A%2F%2Fnordot.app%2F1103463313237606400&tg_i.name=nordot-app&tg_i.pbadslot=%2F126379976%2Fdesktop%2Fad_rectangle_1%23ad_rectangle_1&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=216c955db131c9be&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F126379976%2Fdesktop%2Fad_rectangle_1%23ad_rectangle_1&slots=1&rand=0.804211287987354
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7af9077acb7394c2dd8f17beb7247f50e4c9ab42d1c4b184c125fb57f1453c2d

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
403
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
0
prebid-request
onetag-sys.com/ 		15 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://nordot.app
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
auction
pbs.nextmillmedia.com/openrtb2/ 		5 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/openrtb2/auction
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.15.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-15-249.compute-1.amazonaws.com
Software
/
Resource Hash
ca692845f7ef7dc5350cfe9bc3e6a21d445e891249fdf76737fa644182d25800

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:37 GMT
accept-ch
Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
x-prebid
pbs-go/42.17.0
vary
Origin
content-type
application/json
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
65686dbe623fb8a7bb1324d7
exchange.kueezrtb.com/prebid/multi/ 		0
0
prebid
mp.4dex.io/ 		0
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:37 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://nordot.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84dddd3e2962a202-YYZ
expires
0
unruly_prebid
targeting.unrulymedia.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
colossusssp.com/ 		2 B
134 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.132 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:37 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
cdb
bidder.criteo.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=139&profileId=185&av=36&wv=8.21.0&cb=37768540197
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
52682033ea6af1bc75522a845aef7578f4dec6f198da595518939d8bd5f2d535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bid
ap.lijit.com/rtb/ 		25 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by
Host: nordot.app
URL: blob:https://nordot.app/b2d9c9b0-683c-430a-874a-2ef8c0eee33f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.1.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-1-24.compute-1.amazonaws.com
Software
/
Resource Hash
ec8db144347791e7556dc8789a83360f4ec075961e060b35863a43fc12fdf3ff

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 31 Jan 2024 00:33:37 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
25
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=29917;29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:36 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidRequested&bidder=nextMillennium&source=pbjs&placements=29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:37 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=29917
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:37 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=noBid&bidder=nextMillennium&source=pbjs&placements=29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:37 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
metric
report2.hb.brainlyads.com/statistics/ 		463 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report2.hb.brainlyads.com/statistics/metric?event=bidResponse&bidder=nextMillennium&source=pbjs&placements=29915
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-92-154.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:33:37 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1cf-XHssOe1+WUPy43P3Ckt9sJ3fhf4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
463
events
bidder.criteo.com/csm/ 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
events
bidder.criteo.com/csm/ 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
events
bidder.criteo.com/csm/ 		0
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://nordot.app
date
Wed, 31 Jan 2024 00:33:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nordot.app
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1474800332291219&correlator=3472982899900311&eid=31079956%2C31080335%2C44807747&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_billboard_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&ifi=4&didk=3921174633&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D92894da90665411c%3AT%3D1706661199%3ART%3D1706661199%3AS%3DALNI_MZF0Dmg_X5WcwdluVFl0mSTM0h2XA&gpic=UID%3D00000dbc3c24cc40%3AT%3D1706661199%3ART%3D1706661199%3AS%3DALNI_MZFnXc9xiVWCEAINDdbGvv2L6GuRQ&abxe=1&dt=1706661218708&lmt=1706661218&adxs=316&adys=115&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=972x314&msz=970x250&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=438721024.1706661200&ga_sid=1706661200&ga_hid=474348586&ga_fc=false&a3p=EhkKCnVpZGFwaS5jb20YgOm859UxSABSAghkEhsKDGlkNS1zeW5jLmNvbRimxL3n1TFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLKyvefVMUgAEjsKCnB1YmNpZC5vcmcSJDNlMDdmNDYzLTZhZGUtNDJkNy05OGQ2LWZkODVkM2M1YzNjYxip6bzn1TFIABIdCg5lc3AuY3JpdGVvLmNvbRj_6Lzn1TFIAFICCGQSwgEKCHJ0YmhvdXNlEqwBOSsvMDVNSTlyY2czRXRIa21pU2ZwLzNRa3NQSkhQUTBTb1dhcGhXQ29rLzN3TGVzVjhQU2V6cEc4NkE4Z3dXaTdneWFzcTlUS1puUU9tZG9PRjZhUzB4QnhhK0ZYQ2VaVTlWTFRrdFkyeVJhMmQ3WUdlSDdYMFMwZmxrV3cvUTVmdVNzeFhoQkl2UWhXLzFORXBnc1g0MDBpUzZhb2krNG84Sm42WkJQVEpJPRjNp73n1TFIABIUCgVvcGVueBiolL3n1TFIAFICCG8.&dlt=1706661195206&idt=457&prev_scp=auid%3Dad_billboard_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dtrue%26refresh-iteration%3D1%26amznbid%3Dvkun0g%26amznp%3D1wtu4n4%26amzniid%3DJGb59oDB4S60PVWyYKdAJIsAAAGNXO-C5gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICBRJfw0%26amznsz%3D970x250%26amznactt%3DOPEN&cust_params=iab%3Diab17%26pub%3Dglobal%26path%3D%252F%26chunitid%3D641577452118279265%26cuunitid%3D0&adks=2439979591&frm=20&eo_id_str=ID%3D0cb9b18b8705afe1%3AT%3D1706661199%3ART%3D1706661199%3AS%3DAA-AfjbnzNfqmWrhS7NpHMZix5_m
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
51c8cb746d4f228b4e000de4ddb990cc1caf285086dc66053093bdd679d8da52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16630
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		414 B
173 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1474800332291219&correlator=4230808271483001&eid=31079956%2C31080335%2C44807747&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_halfpage_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=5&didk=3864841234&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D92894da90665411c%3AT%3D1706661199%3ART%3D1706661199%3AS%3DALNI_MZF0Dmg_X5WcwdluVFl0mSTM0h2XA&gpic=UID%3D00000dbc3c24cc40%3AT%3D1706661199%3ART%3D1706661199%3AS%3DALNI_MZFnXc9xiVWCEAINDdbGvv2L6GuRQ&abxe=1&dt=1706661218830&lmt=1706661218&adxs=986&adys=894&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=438721024.1706661200&ga_sid=1706661200&ga_hid=474348586&ga_fc=false&a3p=EhkKCnVpZGFwaS5jb20YgOm859UxSABSAghkEhsKDGlkNS1zeW5jLmNvbRimxL3n1TFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLKyvefVMUgAEjsKCnB1YmNpZC5vcmcSJDNlMDdmNDYzLTZhZGUtNDJkNy05OGQ2LWZkODVkM2M1YzNjYxip6bzn1TFIABIdCg5lc3AuY3JpdGVvLmNvbRj_6Lzn1TFIAFICCGQSwgEKCHJ0YmhvdXNlEqwBOSsvMDVNSTlyY2czRXRIa21pU2ZwLzNRa3NQSkhQUTBTb1dhcGhXQ29rLzN3TGVzVjhQU2V6cEc4NkE4Z3dXaTdneWFzcTlUS1puUU9tZG9PRjZhUzB4QnhhK0ZYQ2VaVTlWTFRrdFkyeVJhMmQ3WUdlSDdYMFMwZmxrV3cvUTVmdVNzeFhoQkl2UWhXLzFORXBnc1g0MDBpUzZhb2krNG84Sm42WkJQVEpJPRjNp73n1TFIABIUCgVvcGVueBiolL3n1TFIAFICCG8.&dlt=1706661195206&idt=457&prev_scp=auid%3Dad_halfpage_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dtrue%26refresh-iteration%3D1%26amznbid%3D2%26amznp%3D2&cust_params=iab%3Diab17%26pub%3Dglobal%26path%3D%252F%26chunitid%3D641577452118279265%26cuunitid%3D0&adks=3196454924&frm=20&eo_id_str=ID%3D0cb9b18b8705afe1%3AT%3D1706661199%3ART%3D1706661199%3AS%3DAA-AfjbnzNfqmWrhS7NpHMZix5_m
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
0723ed2c0369c9d2aabbabc19f5476494c8b9413d3c95a0670e5e11d06a4b6e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		415 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1474800332291219&correlator=8180054490602&eid=31079956%2C31080335%2C44807747&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=126379976%2Cdesktop%2Cad_rectangle_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=6&didk=1024703862&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D92894da90665411c%3AT%3D1706661199%3ART%3D1706661199%3AS%3DALNI_MZF0Dmg_X5WcwdluVFl0mSTM0h2XA&gpic=UID%3D00000dbc3c24cc40%3AT%3D1706661199%3ART%3D1706661199%3AS%3DALNI_MZFnXc9xiVWCEAINDdbGvv2L6GuRQ&abxe=1&dt=1706661218930&lmt=1706661218&adxs=986&adys=894&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=438721024.1706661200&ga_sid=1706661200&ga_hid=474348586&ga_fc=false&a3p=EhkKCnVpZGFwaS5jb20YgOm859UxSABSAghkEhsKDGlkNS1zeW5jLmNvbRimxL3n1TFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLKyvefVMUgAEjsKCnB1YmNpZC5vcmcSJDNlMDdmNDYzLTZhZGUtNDJkNy05OGQ2LWZkODVkM2M1YzNjYxip6bzn1TFIABIdCg5lc3AuY3JpdGVvLmNvbRj_6Lzn1TFIAFICCGQSwgEKCHJ0YmhvdXNlEqwBOSsvMDVNSTlyY2czRXRIa21pU2ZwLzNRa3NQSkhQUTBTb1dhcGhXQ29rLzN3TGVzVjhQU2V6cEc4NkE4Z3dXaTdneWFzcTlUS1puUU9tZG9PRjZhUzB4QnhhK0ZYQ2VaVTlWTFRrdFkyeVJhMmQ3WUdlSDdYMFMwZmxrV3cvUTVmdVNzeFhoQkl2UWhXLzFORXBnc1g0MDBpUzZhb2krNG84Sm42WkJQVEpJPRjNp73n1TFIABIUCgVvcGVueBiolL3n1TFIAFICCG8.&dlt=1706661195206&idt=457&prev_scp=auid%3Dad_rectangle_1%26adLocation%3Datf%26didna_vis%3Dtrue%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D9%26hb_adid%3D23800fb9d7c9e3ae%26hb_bidder%3DnextMillennium%26didna_refr%3Dtrue%26refresh-iteration%3D1%26amznbid%3D2%26amznp%3D2&cust_params=iab%3Diab17%26pub%3Dglobal%26path%3D%252F%26chunitid%3D641577452118279265%26cuunitid%3D0&adks=4065996199&frm=20&eo_id_str=ID%3D0cb9b18b8705afe1%3AT%3D1706661199%3ART%3D1706661199%3AS%3DAA-AfjbnzNfqmWrhS7NpHMZix5_m
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
96ac32cb0fa23aec421d39cab3fe9dba1ed57944577b0903660ed6c4966d566d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nordot.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9822 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nordot.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:33:39 GMT
expires
Thu, 30 Jan 2025 00:33:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.us.criteo.com/delivery/r/ Frame F98C 		205 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.65 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
cee393b224f2d24ee4edd7a965ee9c12a9c822c46836fbd526082ed10fa905d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:33:38 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=jidrbIdZE_Ax8bGC-I-v8S0m0dkkX5eMg782nW8uBV0g79o-FHV1Ap7ytYPYa_usnSxBcQLcZU497UVCvFFCmj97a_4ZNxXBHpZI_ZGdfOVzI41hjbzf2lKyh9jG_iho08PhMOeQLGJM4NprqU2TMs3gWwOIzZS36AnNR5dXJj8GCtMBaornqnwF0YgjSuRWFsX9r4BU5SvTqOdf2VgtlfX_rJSt1QAvLM1cP-WUzD5osC5t02DSiFjlQYBntMTI-u0zIA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
74639285
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9822 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 17:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
24887
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 17:38:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C79E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
44573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 12:10:46 GMT
etag
48472445140208031
expires
Wed, 31 Jan 2024 12:10:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9822 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
24455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 17:46:04 GMT
l
www.google.com/ads/measurement/ Frame 9822 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDF3v9o5AIhbBLMmfOGfuAlxk9F5CeVvgH6BrKkUFjzXCTTXfnXGg9wtvuQuzw2XPaMn1S-jGcEZazKSoJrItuzQo3uw
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9822 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 09:27:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
140776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Jan 2025 09:27:23 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9822 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:33:39 GMT
truncated
/ Frame 9822 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d9438473df6837d2beb62526ed451d900736f60122b2cf9ad44072dc8d8d637

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame C79E
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELsN_-q780SeVhLGRcvugog&google_cver=1&google_push=AXcoOmTP4jrWJh_dIly_OxScEmaDmjE1DP_QZ8PlDcSTfKGsNIeC2uY...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=78f7e473c7406f8&is_secure=true&networkId=14000&version=1&google_gid=CAESELsN_-q780SeVhLGRcvugog&google_cver=1&google_push=AXcoOmTP4jrWJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANBHjHa4yixQNvj-wAAAAAAAA&expiration=1706747619&google_cver=1&is_secure=true&google_gid=CAESELsN_-q780SeVhLGRcvug...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANBHjHa4yixQNvj-wAAAAAAAA&expiration=1706747619&google_cver=1&is_secure=true&google_gid=CAESELsN_-q780SeVhLGRcvugog&google_push=AXcoOmTP4jrWJh_dIly_OxScEmaDmjE1DP_QZ8PlDcSTfKGsNIeC2uYW16GtsmUiaMgz2KJCkNph_AwavJW7Lmu6XhOOPnWyBt3l
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAANBHjHa4yixQNvj-wAAAAAAAA&expiration=1706747619&google_cver=1&is_secure=true&google_gid=CAESELsN_-q780SeVhLGRcvugog&google_push=AXcoOmTP4jrWJh_dIly_OxScEmaDmjE1DP_QZ8PlDcSTfKGsNIeC2uYW16GtsmUiaMgz2KJCkNph_AwavJW7Lmu6XhOOPnWyBt3l
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame C79E 		0
0
pixel
cm.g.doubleclick.net/ Frame C79E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMGOrh9ON7mASXreDC6fFyk&google_cver=1&google_push=AXcoOmTWMD3K6NPxT1XCeFVIyLaur0ZFeuYWeR_ULCoZ0HzLJxlKhqK89zCH_1UhS8nrnGlbUemGm8gy...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMGOrh9ON7mASXreDC6fFyk&google_cver=1&google_push=AXcoOmTWMD3K6NPxT1XCeFVIyLaur0ZFeuYWeR_ULCoZ0HzLJxlKhqK89zCH_1UhS8nrnGlbUem...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI2NTA4NDA2OTQ1NjkwODcxOQ&google_push=AXcoOmTWMD3K6NPxT1XCeFVIyLaur0ZFeuYWeR_ULCoZ0HzLJxlKhqK89zCH_1UhS8nrnGlbUemGm8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI2NTA4NDA2OTQ1NjkwODcxOQ&google_push=AXcoOmTWMD3K6NPxT1XCeFVIyLaur0ZFeuYWeR_ULCoZ0HzLJxlKhqK89zCH_1UhS8nrnGlbUemGm8gy0BiymTihmVcT7NiAAcPF
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjI2NTA4NDA2OTQ1NjkwODcxOQ&google_push=AXcoOmTWMD3K6NPxT1XCeFVIyLaur0ZFeuYWeR_ULCoZ0HzLJxlKhqK89zCH_1UhS8nrnGlbUemGm8gy0BiymTihmVcT7NiAAcPF
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C79E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIovY4mUyeCzctffAMQtons&google_cver=1&google_push=AXcoOmQ7lpUq4tSy-6STIycmpTnvUVzWNsxrNz4awthSbSPPq6QoC2jTeme10R5ZbTpLa6A8b9A...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMjBFUVItUi1CU09T&google_push=AXcoOmQ7lpUq4tSy-6STIycmpTnvUVzWNsxrNz4awthSbSPPq6QoC2jTeme10R5ZbTpLa6A8b9AR3u39oGr8xBLtbswmJBezZIjt
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMjBFUVItUi1CU09T&google_push=AXcoOmQ7lpUq4tSy-6STIycmpTnvUVzWNsxrNz4awthSbSPPq6QoC2jTeme10R5ZbTpLa6A8b9AR3u39oGr8xBLtbswmJBezZIjt
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFMxMjBFUVItUi1CU09T&google_push=AXcoOmQ7lpUq4tSy-6STIycmpTnvUVzWNsxrNz4awthSbSPPq6QoC2jTeme10R5ZbTpLa6A8b9AR3u39oGr8xBLtbswmJBezZIjt
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
Expires
0
ggl
ads.avads.net/sync/ Frame C79E 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.avads.net/sync/ggl?google_gid=CAESEJpwqz4pQPELvDB5JuQo0Bk&google_cver=1&google_push=AXcoOmSuc-x0X8FwVx4ZMIJ-dZN7_zBNBlTkTMmhXAZ6u-a2gxNBXZANd8PTsXUouDG0Tj6J0SUxoLM0BkZMOvUI08NaO5R5X5Z3cA
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.207.25 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

location
date
Wed, 31 Jan 2024 00:33:39 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
content-length
0
pixel
cm.g.doubleclick.net/ Frame C79E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENQJmIlDTOor3Gorc-mrL6M&google_cver=1&google_push=AXcoOmQM53r9XS0ie...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjI0NTI3MDQ3MDcxMTgwODg4OA%3D%3D&google_gid=CAESENQJmIlDTOor3Gorc-mrL6M&google_cver=1&google_push=AXcoOmQM53r9XS0ieeMST3bKtwkLEcYEyI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjI0NTI3MDQ3MDcxMTgwODg4OA%3D%3D&google_gid=CAESENQJmIlDTOor3Gorc-mrL6M&google_cver=1&google_push=AXcoOmQM53r9XS0ieeMST3bKtwkLEcYEyIxOzvyrfhshrb5BgZOYJqHGTp8Cd6hqifeXbU4A_JV4wXCnpyAsbEkiaMNr9bWDS5ukdQ
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
an-x-request-uuid
c6a88ca5-49c5-4124-9311-672bdcc6a46a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjI0NTI3MDQ3MDcxMTgwODg4OA%3D%3D&google_gid=CAESENQJmIlDTOor3Gorc-mrL6M&google_cver=1&google_push=AXcoOmQM53r9XS0ieeMST3bKtwkLEcYEyIxOzvyrfhshrb5BgZOYJqHGTp8Cd6hqifeXbU4A_JV4wXCnpyAsbEkiaMNr9bWDS5ukdQ
x-proxy-origin
37.19.212.43; 37.19.212.43; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C79E
Redirect Chain
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEGRu9OQc9yuht28d6YuaGg0&google_cver=1&google_push=AXcoOmRVFz2I2-rlagfZXZmlOqbsMM2z-Jg3Y6TsOrBN5YIvOe3jvn0Fsw8GCGHrPmvgdsFfaCjn47ILImX2WeZW8Fdkze...
  • https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmRVFz2I2-rlagfZXZmlOqbsMM2z-Jg3Y6TsOrBN5YIvOe3jvn0Fsw8GCGHrPmvgdsFfaCjn47ILImX2WeZW8FdkzeL1xA2zYA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmRVFz2I2-rlagfZXZmlOqbsMM2z-Jg3Y6TsOrBN5YIvOe3jvn0Fsw8GCGHrPmvgdsFfaCjn47ILImX2WeZW8FdkzeL1xA2zYA
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=2592000
server
nginx
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-language
en-CA
location
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmRVFz2I2-rlagfZXZmlOqbsMM2z-Jg3Y6TsOrBN5YIvOe3jvn0Fsw8GCGHrPmvgdsFfaCjn47ILImX2WeZW8FdkzeL1xA2zYA
x-yak-request-id
1706661220284-79d9d0d880914bde11b8431bc639bb3b
yak-timeinfo
1706661220284|3
cip
37.19.212.43
alt-svc
h3=":443"; ma=604800
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame C79E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_Nx8LBacgUZJT88vdQcMVCKGUS_QPsSkRPrJk2AW1g-E9pdJ5gRhMlVagmh6hjmxOIX4yFe8t
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame F98C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:33:39 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame F98C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:33:39 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F98C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 25 Jan 2025 00:33:39 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame F98C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 25 Jan 2025 00:33:39 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame F98C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Pk3BvtGsmfUz-o0fbsfgEX4rGuY517Tcrpy53LdBexapmVXkUOEcFb9knWGZ_9lowEHqgBtP8w9EsEDYncjC9HhKJAOJHSFdc6uJyU46giq2LWYHX38SPXIaw0pmAFDzvEEGu1tr1fGSLfVuFxiqQJqHJDmUKhFO6dTll4WMf2Cqw9s2WjObLHvZaGqBwuwwP0gZXIXudAstvpplJu801NpY4F_wgUofVkQM1T56V-3AGhY7lGvOkbAKPFfWqdK_YhrPkELEphcyzxD66M1HFppf2Jmkphu7sLOLpxaN9iMGZ6WACcRtpj3J0uEOPfq5L4HkRBRko6DhLATEkT9aWUvGx2WrqlaGe1wIwO5LgetWbrTwGpeQAMbEbZswxhTgFfgON5NUf9xZXNfRPem1ieA4q_N-2-WWeKaXN-10sqRAkfWG4a4ZK6ltv3FYOoVc6ik_Sw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2668504
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F98C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7835766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BGPUoAwCNMdKZDGqKMJQzXRKu8%2BsI9uEtdDgrOLnNZ3AQ2o6zd1%2BvVhVKOIuAkkLBasCL3exn73QAN68V2uDZ5eZuZCoWk%2F8hc%2FsmYg4SA6%2BetNWVjphBT3p5zezogcbaAU3XGd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84dddd4d8c63a23b-YYZ
expires
Mon, 20 Jan 2025 00:33:39 GMT
animejs.js
static.criteo.net/animejs/ Frame F98C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:33:39 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=496&m=0&partner=96594&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F96594%2F220812%2F14f98d06f6be4e3f924b906acbc2a64a_logo_moores_logotype_eng-fr_rgb_blk.png&v=3&w=356&rid=4&s=vd2pIw38gfBU2MOZpFT9xaGB
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
704856bd548c203f7ed684bfff8c025b3e8d904b7a01167f52ae7055ec8035e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4541
expires
Fri, 03 Jan 2025 03:09:56 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F40FX_02_NUNN_BUSH_BOOTS_BROWN_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=5ovAGQgfNMLDEzcSk_AHkGUE&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ce6562305ef8b622be0575cc1136a87f4a2a6be8ee307854e70a670362d08b67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
29444
expires
Wed, 31 Jan 2024 00:45:57 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F40FY_01_NUNN_BUSH_BOOTS_BLACK_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=mo2ujwCkrnNbS10gQSWPGhUj&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
f934a2861322881ef8660fc0c849379fd8722eb0eca55abbaec1b3a2c7829ae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
21076
expires
Wed, 31 Jan 2024 00:33:56 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F83K1_01_CALVIN_KLEIN_UNDERWEAR_WHITE_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=uxbn_COlOAqhESdDLrJijCC9&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
fdf3f101547881f9f4a3a40bce5c2cc9c0b977893c473b4e6e7653a0fa29eaf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
14974
expires
Wed, 31 Jan 2024 00:34:05 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F37K6_31_LAUREN_BY_RALPH_LAUREN_SUIT_SEPARATE_PANTS_NAVY_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=FzPc0JClsj4xoICxY6K-KZy3&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ed1fb51802ae35cf63c5670e375135e8b68a8200c6ae2ef79a5748549435061a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
5232
expires
Wed, 31 Jan 2024 00:35:09 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F37X2_11_EGARA_SUIT_SEPARATE_PANTS_CHARCOAL_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=50TXAp8jOYt_G4lhBXYUSd2B&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
6fddb43fae6bf8f7ff3d4bf9fe3422fc8dc1e5471ae1616686562c3c7ddeb465
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
13606
expires
Wed, 31 Jan 2024 00:42:57 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F83K1_45_CALVIN_KLEIN_UNDERWEAR_BLACK_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=B1c7HdR1m3pA54UnprdUMtkS&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
2045dc903e8140c3937e5a5f577a8145707f0f0fe80980eb191f3c782fff8011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
15488
expires
Wed, 31 Jan 2024 00:39:09 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F37K4_31_LAUREN_BY_RALPH_LAUREN_SUIT_SEPARATE_JACKETS_NAVY_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=kRbRid2uPWMtRBglz65A7iOC&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
3d160f18c4ab0e4cc4dc1352a8a34a3a1c27ef245b8497a9d1691abb48a8fdcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
13734
expires
Wed, 31 Jan 2024 00:35:14 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F31C3_01_PRONTO_UOMO_PLATINUM_SUIT_SEPARATE_PANTS_BLACK_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=TXXGs5MubUYJoeLWn0tFqUTV&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
d59232b2d65a6bedba07ac0efe4e6f1b008f5f4e04baeae1d5eb80a2c3d533e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
6748
expires
Wed, 31 Jan 2024 00:44:22 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F37UP_41_TRAVELER_SUIT_SEPARATE_PANTS_BLUE_TIC_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=79ROmouxhs3Qfzdz-kQ2eIuZ&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
bf7445a84b2c5bc2bc8a80d3e13cd191b74f612bee6a7e38c85b108cf2ff4521
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
13780
expires
Wed, 31 Jan 2024 00:37:43 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F40GH_01_COTTAGE_COLLECTION_SLIPPERS_BLACK_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=0rPgiZqr4hxf33Q5BEuk8h2n&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
c905ee95e5d18a317f419fa47bced19c81165059f9bffbf5f85b8bc15baf11a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
18146
expires
Wed, 31 Jan 2024 00:47:57 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F40DF_04_FLORSHEIM_DRESS_SHOES_COGNAC_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=9ZmiW1JavxJ6k8uckoH8m4jl&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
9f0c86609facb4f4dde17f7f68b91a55e9fe141b1d9651aadd64a578b4c017b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
21544
expires
Wed, 31 Jan 2024 00:42:49 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F715R_45_PAISLEY_AND_GRAY_TOPCOATS_GREY_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=GDio0-0XiaCZZ-z_bhvckCFe&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
cab39e515392adfe3a713cc442fadd75182e27a1c5a90d20519a9bed3fdd2ae4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
26906
expires
Wed, 31 Jan 2024 00:46:12 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F37KT_28_LAUREN_BY_RALPH_LAUREN_2_PIECE_SUITS_GREY_PLAID_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=0DssXSLKoLlBtRcbUWYUzC-S&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
5f6869fca1b7c19d84736dc6b9dbc7f763f8719ac0acd009d792b8634a9110f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
17448
expires
Wed, 31 Jan 2024 00:36:32 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F714E_45_JOSEPH_ABBOUD_HERITAGE_WOOL_COATS_GREY_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=NBK3Locx5r5VBK6XogPHyOYv&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
f88f306e7926260f6b9faca43b97a86be4ff58acbad1740d19367da45d86ca97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
21846
expires
Wed, 31 Jan 2024 00:40:06 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F716R_25_CALVIN_KLEIN_TOPCOATS_NAVY_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=jdLXhKrdenAa2psV-CABWGS0&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
53952db058c5e69f14e066a7dd383ef6421150a2224662acd9bdb68dc0dc2247
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
11698
expires
Wed, 31 Jan 2024 00:44:02 GMT
img
imageproxy.us.criteo.net/img/ Frame F98C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F386D_09_EGARA_SUIT_SEPARATE_JACKETS_BLACK_WINDOWPANE_MAIN%3F%24browse_thumbnail%24&v=3&w=400&rid=4&s=oMNQ0iMX6aIXscTp2NXsXFZc&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.80 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
1e20957e4427e1ff5353f2d8a78358e59abd92cb45b05379086c90859756945f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=900
timing-allow-origin
*
content-length
16474
expires
Wed, 31 Jan 2024 00:43:02 GMT
all
csm.us.criteo.net/ Frame F98C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=jidrbIdZE_Ax8bGC-I-v8S0m0dkkX5eMg782nW8uBV0g79o-FHV1Ap7ytYPYa_usnSxBcQLcZU497UVCvFFCmj97a_4ZNxXBHpZI_ZGdfOVzI41hjbzf2lKyh9jG_iho08PhMOeQLGJM4NprqU2TMs3gWwOIzZS36AnNR5dXJj8GCtMBaornqnwF0YgjSuRWFsX9r4BU5SvTqOdf2VgtlfX_rJSt1QAvLM1cP-WUzD5osC5t02DSiFjlQYBntMTI-u0zIA&sds=2&rev=90409&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F98C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:33:39 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F98C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:33:39 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame F98C 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:33:39 GMT
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame F98C 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:33:39 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 25 Jan 2025 00:33:39 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: nordot.app
URL: https://nordot.app/1103463313237606400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nordot.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 25 Jan 2025 00:33:39 GMT
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame F98C 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.us.criteo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:33:39 GMT
opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame F98C 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin
https://ads.us.criteo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-3ff4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jan 2025 00:33:39 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9822 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0OVHtyF9VMVaX1nTXbCCvTaUwNHfjApH3KrTKGsGJYIIuTDZyqIBcMZqyu_5zQZqHYvB6lm0xWEMTurKZ1qgJI_MI-EoodBsb-obtkT0NSBaZM_zmSska0M7wdhujU7Q&sig=Cg0ArKJSzE6_58t_xtxcEAE&id=lidar2&mcvt=1000&p=114,315,364,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2439979591&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170666121900&rst=1706661219015&rpt=354&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:33:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame F98C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=jidrbIdZE_Ax8bGC-I-v8S0m0dkkX5eMg782nW8uBV0g79o-FHV1Ap7ytYPYa_usnSxBcQLcZU497UVCvFFCmj97a_4ZNxXBHpZI_ZGdfOVzI41hjbzf2lKyh9jG_iho08PhMOeQLGJM4NprqU2TMs3gWwOIzZS36AnNR5dXJj8GCtMBaornqnwF0YgjSuRWFsX9r4BU5SvTqOdf2VgtlfX_rJSt1QAvLM1cP-WUzD5osC5t02DSiFjlQYBntMTI-u0zIA&sds=2&rev=90409&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&u=%7CKpsyyC%2FZS9aIw9FaaGsaqFLrj51wNjQ908YibYSPSig%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlzYYps7vJAwTFTvLUvKsEppzVwt1nV9p42olo2INbwkGC-dS9kAnZPozEG1yvXuIdmaeXXsaA3j4khz_8msIuXTNmIMAc4caiR-ywRN2Cra82MKyEqW4elzLXSXLYwOXbe0Hr-7v81DVwsog7BNWGBJaLHIB2TfXHdBeAygeMMKytyd0FCLJ9UxU1sUriHhIXg3J597UHySEive956VyHklul7Qnavk8tEDsMfN8xrj0g8F9niuVwch1Lz4bjl_SrP684dG24MkoiCAiBtS6O4wSsLKsJWXA2U8DXZ2reQgRmgexcNs7P4zc-nOsxtZR-3fhtO97jb2AWlRqIpAii03N1vcOKL2VRgXC9-f2uds3JNM6nL2qFdhvaqj9l5Jp4H8qoVfDkLB3vWvo-MUCxfjjFqB3WrwtURHIMrLNyePM5lVeNv0ILC8uljuvx1sMLbIhi6ld3hOgdXS97Kwx4PJHv7UPWkWR31mnrkLCN3-7SYKJ6huwKZ8Cudprb1uOllvm46UlDVFn_1bvaCJkb-YiD9b5f0Y9oxlKP9ZXC75Pn0ZnlrTFqIoKcJSipFVFPvwI5Mur-l0ldHNlneHQIz3ghw4LPZE0yHl9vXHCYDQpL9FceKsvoW4PJ3bqPgOrfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgbyFYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKkCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXKBusgl_UiLyTVoNOi2jtvCZtY7xvpj_uHwL51h7Ekn8mwfhmWwkdnf4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwE%26num%3D1%26sig%3DAOD64_2IJB2hs7COLCaG3ikB-_BgT078bw%26client%3Dca-pub-5072240791770582%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 31 Jan 2024 00:33:40 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 9822 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLcArYpW5ZaSOL-a-o9kPz-OPmAycge-wXKLKp6p0wI23ARABIABg_YiUgegDggEXY2EtcHViLTUwNzIyNDA3OTE3NzA1ODLIAQngAgCoAwHIAwKqBKYCT9AryI-zYlIzH8OSSwaGy0vWuNyUygtdlfvKgFvjbd4AQNviuKFqX3tLgGNElvqDpOpLFA4-8KzTqTRsgQ2noVC2WwQKOt5wmLnL4DS4aMnGLaSt2cqMoahB6tunacEeQuwRRzTUD2LTLXuDpxeqm9Z-K9tGJhtlJzccYXm2IqSFAMrJq2oD9kG_7y0K8rG2H0Ae8Sn1JGrBn9g1KQD1UOvE_kv6-eWqUWsSewFkJXLHAZqxHeh3oWOQCyrbPFLZZInHOPnDf6M-Nt1FN3QzFgftK9NdpHIsvp8ZvJb4C7ovKMPDg_42k1pNJFkOpiHoch9GF1mpQeP1uF7xjRlnqXLDuOi3O_Vgs7yDCzw6tzxm19kTz9R7OnoDVRSoUlcL6u3bElxX4AQBgAaV6IHuiNmRr0CgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYrYrIvbCGhAOACgP6CwIIAYAMAeINEwjxtsi9sIaEAxVm3ygFHc_xA8PQFQGAFwGyFxwKGhIUcHViLTUwNzIyNDA3OTE3NzA1ODIY4Joh&sigh=ekhqGP3TrXc&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_MNYS7wAgqvLAeu5J4BjEDOxtFzmnGapOocJApJo8kHDKfXqX6QbUfRnMM9Su23X3oYGtyWX6yRgB&cbvp=2&vis=1
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame 9822 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k_C6FOL_CsoH-gHiIp0XAgAAAItrJpHvWJswxlQQ_3USlloQYpW5ZaLTLKnutgyNkbQAABIAAAoKQVFVRENnRUJDZw&wp=ZbmVYgALxyQFKN9mAAPxz4raHLGYJ9NJBO82dQ&cbvp=2
Requested by
Host: e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.130 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:33:41 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
199774
server
Kestrel
content-length
0
event
log.nordot.jp/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-cloud-trace-context
27daa58d5ce97c3f79be82ed3092cdfd
date
Wed, 31 Jan 2024 00:33:41 GMT
server
Google Frontend
content-length
0
content-type
text/html
event
log.nordot.jp/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.nordot.jp/event
Requested by
Host: log.nordot.jp
URL: https://log.nordot.jp/js/beacon-1.1.0.js?2020083101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f121.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nordot.app/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-cloud-trace-context
ae317940ce52f3969c51c8b91bb090a7
date
Wed, 31 Jan 2024 00:33:46 GMT
server
Google Frontend
content-length
0
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
onetag-sys.com
URL
https://onetag-sys.com/prebid-request
Domain
exchange.kueezrtb.com
URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Domain
s-rtb-pb.send.microad.jp
URL
https://s-rtb-pb.send.microad.jp/prebid?spot=62adce24723708f043e68c9a1f99ef56&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=14eaa78998d632&transaction_id=undefined&media_types=3&cbt=7ce901729471ac018d5cef2fff&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=44605782832&lsavail=1
Domain
s-rtb-pb.send.microad.jp
URL
https://s-rtb-pb.send.microad.jp/prebid?spot=bdab9c43160ecd0c3a19cf1006af2f91&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=233299022f22e18&transaction_id=undefined&media_types=3&cbt=4ee92268d31914018d5cef300a&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Domain
s-rtb-pb.send.microad.jp
URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=2463101502adacc&transaction_id=undefined&media_types=3&cbt=17744509156423018d5cef300a&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
exchange.kueezrtb.com
URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=11984664839&lsavail=1
Domain
colossusssp.com
URL
https://colossusssp.com/?c=o&m=multi
Domain
onetag-sys.com
URL
https://onetag-sys.com/prebid-request
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
colossusssp.com
URL
https://colossusssp.com/?c=o&m=multi
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=51509488366&lsavail=1
Domain
exchange.kueezrtb.com
URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Domain
s-rtb-pb.send.microad.jp
URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=78ae9739bd12b31&transaction_id=undefined&media_types=3&cbt=ab06cbde2a0df8018d5cef302f&aids=%5B%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
onetag-sys.com
URL
https://onetag-sys.com/prebid-request
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
colossusssp.com
URL
https://colossusssp.com/?c=o&m=multi
Domain
exchange.kueezrtb.com
URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
colossusssp.com
URL
https://colossusssp.com/?c=o&m=multi
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
exchange.kueezrtb.com
URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
id5-sync.com
URL
https://id5-sync.com/api/config/prebid
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=26
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Domain
sync.kueezrtb.com
URL
https://sync.kueezrtb.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa=
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
Domain
sync.bfmio.com
URL
https://sync.bfmio.com/sync?pid=187&uid=35FDC6AD-C189-4D48-AD94-B5C34D497FE2&gdpr=0&gdpr_consent=
Domain
sync-dmp.mobtrakk.com
URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=adaptmx&bsw=ebf2b27d-a102-4d68-bd73-bbd2c20367ba
Domain
i.liadm.com
URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZbmVVprW8dtWEUcsNNASTgAA%26129&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
s-rtb-pb.send.microad.jp
URL
https://s-rtb-pb.send.microad.jp/prebid?spot=62adce24723708f043e68c9a1f99ef56&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=162d189dc5b07a73&transaction_id=undefined&media_types=3&cbt=1df39df5b468a8018d5cef81cc&aids=%5B%7B%22type%22%3A14%2C%22id%22%3A%22oXE0sl85dHFkUWJYTGxxSCUyQjlJMlIxcTElMkIwa1R2MmNLaGxwOHZIM0VEVk04bmRxUFM3RlExYjJwSVNOYU9rZTBSUWM5OHQlMkZSUlc0OHFHeENicUNtaXgzbXlLdyUzRCUzRA%22%7D%2C%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Domain
exchange.kueezrtb.com
URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Domain
s-rtb-pb.send.microad.jp
URL
https://s-rtb-pb.send.microad.jp/prebid?spot=bdab9c43160ecd0c3a19cf1006af2f91&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=175fd8fb742e691&transaction_id=undefined&media_types=3&cbt=50b080d56c152c018d5cef8239&aids=%5B%7B%22type%22%3A14%2C%22id%22%3A%22oXE0sl85dHFkUWJYTGxxSCUyQjlJMlIxcTElMkIwa1R2MmNLaGxwOHZIM0VEVk04bmRxUFM3RlExYjJwSVNOYU9rZTBSUWM5OHQlMkZSUlc0OHFHeENicUNtaXgzbXlLdyUzRCUzRA%22%7D%2C%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Domain
s-rtb-pb.send.microad.jp
URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=176a7d2f35135262&transaction_id=undefined&media_types=3&cbt=dc1bbed05e51d0018d5cef8239&aids=%5B%7B%22type%22%3A14%2C%22id%22%3A%22oXE0sl85dHFkUWJYTGxxSCUyQjlJMlIxcTElMkIwa1R2MmNLaGxwOHZIM0VEVk04bmRxUFM3RlExYjJwSVNOYU9rZTBSUWM5OHQlMkZSUlc0OHFHeENicUNtaXgzbXlLdyUzRCUzRA%22%7D%2C%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
exchange.kueezrtb.com
URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Domain
s-rtb-pb.send.microad.jp
URL
https://s-rtb-pb.send.microad.jp/prebid?spot=0424f1ac630be70cae5b5f5f91fd6e4d&url=https%3A%2F%2Fnordot.app%2F1103463313237606400&referrer=null&bid_id=214020cf90a9def5&transaction_id=undefined&media_types=3&cbt=dc23b405d04a9818d5cef829d&aids=%5B%7B%22type%22%3A14%2C%22id%22%3A%22oXE0sl85dHFkUWJYTGxxSCUyQjlJMlIxcTElMkIwa1R2MmNLaGxwOHZIM0VEVk04bmRxUFM3RlExYjJwSVNOYU9rZTBSUWM5OHQlMkZSUlc0OHFHeENicUNtaXgzbXlLdyUzRCUzRA%22%7D%2C%7B%22type%22%3A15%2C%22id%22%3A%223e07f463-6ade-42d7-98d6-fd85d3c5c3cc%22%7D%5D
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
exchange.kueezrtb.com
URL
https://exchange.kueezrtb.com/prebid/multi/65686dbe623fb8a7bb1324d7
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGzGFKaxKyLCV0TX8x5K_DE&google_cver=1&google_push=AXcoOmRKzjR4psmtJsgUI1eZYgPFkADvXWZxLzmKYu40N9RFQF3xoIrwJ-ZqieQtoMreXuA1eT29pJz7h8-fsC_EeqL9O2u0OYB9

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| didna function| w_event function| createElementFromHTML function| stripScripts function| generateID function| shouldExclude function| checkScriptHead function| observe_mutation function| getCpcPrediction string| metaName object| pbjs object| adhUnitSettings object| devices number| len object| searchParams boolean| disableSticky number| policyRetry number| retryMax number| checkPolicy function| getUrlParameter function| getCookie function| policyAccepted function| inIframe object| DIDNA_CONFIG object| apstag function| $ function| jQuery function| _ object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue function| a0_0x12a9 function| a0_0x8d5d undefined| google_measure_js_timing string| contentURL string| no_script_tag object| data object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| regeneratorRuntime object| Criteo object| nmmRefreshCounts object| wpJsonRciWidget object| ua_result object| revcontent function| renderRCWidget object| google_tag_manager object| dataLayer object| owpbjsChunk object| owpbjs object| PWT function| dspCriteoRTUSCallback function| dspCMCallback object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTJmZWNiMzc0ZjY2OGM4MWxvYWRlcl9qcw== string| ZTJmZWNiMzc0ZjY2OGM4MWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady boolean| 45e0b1cd-6741-4ae9-9a2b-d56c05841547 object| YAHOO object| YJ_YADS function| YadsTimelineManager function| yadsTimelinePoolAds function| gAdController function| yadsDispatchDeliverProduct function| yadsRenderAd_v2 object| yadsInnerFuncs function| yadsRequestAsync object| sas object| apntag object| _ADAGIO number| google_unique_id object| gaGlobal object| ONFOCUS object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| hindsight boolean| hindsight_loaded object| __uid2SecureSignalProvider object| __uid2 object| criteo_pubtag object| criteo_identitytag_149 object| Criteo_identitytag_149 object| signal_decrypted object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| _33across object| platform object| nor boolean| adBlocked undefined| oReq object| jQuery1113037378031795211153 function| onYouTubeIframeAPIReady object| _aps boolean| apstagLOADED object| apscustom object| YJ_UADF

149 Cookies

Domain/Path Name / Value
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr-exp
Value: "2024-02-01 00:33:16"
pbs.nextmillmedia.com/openrtb2 Name: nmm-ss-cps-usr
Value: 2
.nordot.app/ Name: _pubcid
Value: 3e07f463-6ade-42d7-98d6-fd85d3c5c3cc
.nordot.app/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.rubiconproject.com/ Name: khaos
Value: LS120EQR-R-BSOS
nordot.app/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.revcontent.com/ Name: rcuuid
Value: e6ad18a1-ea1e-4154-91c7-d478b470d95a
.revcontent.com/ Name: adb_blk
Value: false
.revcontent.com/ Name: __ID
Value: 560e1fdc10f241c392be4ac1e29676a6
.lijit.com/ Name: ljt_reader
Value: IFKBABZHk6Ofd0kUTf2UPf40
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: d4EogVaNFNsRftHHTYRbY_u3w21P8sHjss49zzletqD6dK3d25bOl3ijVGsq8Bsd_c-u3vacDTZLOKvnwQ34837YJYjbr1E54BK6OT5JpbI.
.adnxs.com/ Name: uuid2
Value: 6245270470711808888
.send.microad.jp/ Name: TR
Value: 345f7203b4e1b7197be5fd5fb1e0eeaa
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: xyAaIFHpqp
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1706661199169
.bidswitch.net/ Name: tuuid
Value: ebf2b27d-a102-4d68-bd73-bbd2c20367ba
.bidswitch.net/ Name: c
Value: 1706661199
.bidswitch.net/ Name: tuuid_lu
Value: 1706661199
.mfadsrvr.com/ Name: tuuid
Value: 7b989c66-4663-4b04-8cf4-a7ded099b1f2
.mfadsrvr.com/ Name: c
Value: 1706661199
.mfadsrvr.com/ Name: tuuid_lu
Value: 1706661199
.nordot.app/ Name: __gads
Value: ID=92894da90665411c:T=1706661199:RT=1706661199:S=ALNI_MZF0Dmg_X5WcwdluVFl0mSTM0h2XA
.nordot.app/ Name: __gpi
Value: UID=00000dbc3c24cc40:T=1706661199:RT=1706661199:S=ALNI_MZFnXc9xiVWCEAINDdbGvv2L6GuRQ
.nordot.app/ Name: __eoi
Value: ID=0cb9b18b8705afe1:T=1706661199:RT=1706661199:S=AA-AfjbnzNfqmWrhS7NpHMZix5_m
.quantserve.com/ Name: mc
Value: 65b99550-27f11-a2c70-4b083
.scorecardresearch.com/ Name: UID
Value: 1942c9b320ab248f81311f51706661200
nordot.app/ Name: _lr_retry_request
Value: true
nordot.app/ Name: _lr_env_src_ats
Value: false
.onetag-sys.com/ Name: OTP
Value: MsiWN7xI_BcnakTwlc3RbMx7fSk5pV_DotU8GxV4CQ0
.33across.com/ Name: check
Value: true
.agkn.com/ Name: ab
Value: 0001%3AGwIwSVKBVN1EyvDnCAWppOrff9mHvGqe
nordot.app/ Name: Neustar-Fabrick ID
Value: %7B%22fabrickId%22%3A%22E1%3A5KmPQ0fHNfOa5zoLPq46Jo2arKKd2f8N9fEaRinFksn-whfkCkuVXHrNKt9wTwd3WDIS4jLdZiMiZaP76k5iLjvn3Oehh9fRnPPg9T234PEvjIvtcTEoP8LhA1njWy--%22%7D
nordot.app/ Name: Neustar-Fabrick ID_cst
Value: zix7LPQsHA%3D%3D
.mathtag.com/ Name: uuid
Value: c85765b9-9551-4700-82d0-3a50a75cd423
.adsrvr.org/ Name: TDID
Value: 2252e6ea-1e69-4d02-aa70-27b4ea294b3b
.doubleclick.net/ Name: IDE
Value: AHWqTUmNEpDC8FbUdxRSEOuH2tpPL2BiTw--TgZhigGhRE1mX0suPMFtAeWUtHF0mD0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 35FDC6AD-C189-4D48-AD94-B5C34D497FE2
.amazon-adsystem.com/ Name: ad-id
Value: AyhjIoIyxUFpugdvWjkgXUw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-2252e6ea-1e69-4d02-aa70-27b4ea294b3b&KRTB&22918-2252e6ea-1e69-4d02-aa70-27b4ea294b3b&KRTB&22926-2252e6ea-1e69-4d02-aa70-27b4ea294b3b&KRTB&23031-2252e6ea-1e69-4d02-aa70-27b4ea294b3b
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJgXZOjubBaAGxGIltffFbc&KRTB&23025-CAESEJgXZOjubBaAGxGIltffFbc&KRTB&23386-CAESEJgXZOjubBaAGxGIltffFbc
.yahoo.com/ Name: A3
Value: d=AQABBFOVuWUCEM6iMDgTpw2v4muPvciiDhUFEgEBAQHmumXDZQAAAAAA_eMAAA&S=AQAAAtK_oSlBA5csdn7JD6zA09g
.3lift.com/ Name: tluid
Value: 1334555656355575701643
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_52595a64-73eb-4a44-b6b7-0de4b802d93c
.pubmatic.com/ Name: DPSync3
Value: 1707868800%3A262_261_260_259_263_201%7C1707264000%3A265%7C1706745600%3A248
.33across.com/ Name: 33x_ps
Value: u%3D212336988706950%3As1%3D1706661205760%3Ats%3D1706661205760
.simpli.fi/ Name: suid
Value: 2DD5465C06D943EC9AC22BC365CFFD62
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6245270470711808888&KRTB&23339-6245270470711808888
.tapad.com/ Name: TapAd_TS
Value: 1706661205806
.tapad.com/ Name: TapAd_DID
Value: ae687f3c-51ce-4d5b-a7e1-53f58f462959
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2DD5465C06D943EC9AC22BC365CFFD62&KRTB&23486-uid:2DD5465C06D943EC9AC22BC365CFFD62&KRTB&23489-uid:2DD5465C06D943EC9AC22BC365CFFD62&KRTB&23539-uid:2DD5465C06D943EC9AC22BC365CFFD62
.a-mo.net/ Name: amuid2
Value: d7d3ec20-4010-4ed0-89ff-d56e7813b25c
.prebid.a-mo.net/ Name: sd_amuid2
Value: d7d3ec20-4010-4ed0-89ff-d56e7813b25c
.adgrx.com/ Name: ADGRX_UID
Value: 58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: fb9bd328dae5d887d324fb2c3217a117
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af&KRTB&23275-58e65b1c-bfd0-11ee-b8d0-b4c1bd5172af
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAANBHjHa4yhMANOcohAAAAAAAA&KRTB&22713-AAANBHjHa4yhMANOcohAAAAAAAA&KRTB&22715-AAANBHjHa4yhMANOcohAAAAAAAA&KRTB&23519-AAANBHjHa4yhMANOcohAAAAAAAA
.openx.net/ Name: i
Value: 2ae3f2f6-5670-4ff0-9f07-8dfcdeebdee1%7C1706661206
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!744
.nordot.app/ Name: _cc_id
Value: fb9bd328dae5d887d324fb2c3217a117
.nordot.app/ Name: panoramaId_expiry
Value: 1706747606117
.casalemedia.com/ Name: CMID
Value: ZbmVVprW8dtWEUcsNNASTgAA
.casalemedia.com/ Name: CMPS
Value: 129
.casalemedia.com/ Name: CMPRO
Value: 129
.nordot.app/ Name: FCNEC
Value: %5B%5B%22AKsRol-Nu-1vfT8xOBu_BHA0uT7Y-58ehua3uqYVAkzI05bRcI_hHZfEUNrsGV93lQHW1sxDSENtyvb17FteSs129UXCszMr40Vn9krV95DiLbn64TZ8Wm4itt8qBMHT84GDr62UHTZXbQ7TLS9405k6dnnLRDj-IA%3D%3D%22%5D%5D
.yieldmo.com/ Name: yieldmo_id
Value: VEDQE33vvQ3z7lCRlV8E%7C1706659200000%7C0
.ipredictive.com/ Name: cu
Value: 3954684e-eacf-4092-98e4-dce92a6fc57b|1706661206931
.tynt.com/ Name: uid
Value: k3eNWWW5lVYHOLzCYHW0bg==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1706661206997%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1706661206997%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1706661206997%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1706661206997%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1706661206997%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1706661206997%7D%5D
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-3954684e-eacf-4092-98e4-dce92a6fc57b&KRTB&23011-3954684e-eacf-4092-98e4-dce92a6fc57b&KRTB&23355-3954684e-eacf-4092-98e4-dce92a6fc57b
.pubmatic.com/ Name: SyncRTB3
Value: 1707264000%3A2_223_15%7C1707868800%3A166_54_250_3_220_165_71_21_48_13_104
prebid.a-mo.net/ Name: amdgt_lk%40cfs
Value: 1
.bidr.io/ Name: bito
Value: AAEOW07LcysAABMb6VTUew
.bidr.io/ Name: bitoIsSecure
Value: ok
.mxptint.net/ Name: mxpim
Value: R33647_110201AC1_94329522.1.000000000000000065B99557
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_110201AC1_94329522&KRTB&23092-R33647_110201AC1_94329522
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 52594fd4-3fc1-48ab-858e-15b5a5afdf80
.a-mx.com/ Name: amdt_t
Value: p::1706661207376
.a-mx.com/ Name: amuid2
Value: d7d3ec20-4010-4ed0-89ff-d56e7813b25c
.pubmatic.com/ Name: SPugT
Value: 1706661206
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "190u~2ghc:18vk~2ghc:19e0~2ghc"
.linkedin.com/ Name: bcookie
Value: "v=2&e8bb1d06-feca-4cf5-82b2-e4a0eab0f06e"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2876:u=1:x=1:i=1706661208:t=1706747608:v=2:sig=AQEH4mhieBXaS4QnFzZmHhjAIgR9GKO6"
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.smartadserver.com/ Name: pid
Value: 4365668101828837717
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAEOW07LcysAABMb6VTUew
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZDdkM2VjMjAtNDAxMC00ZWQwLTg5ZmYtZDU2ZTc4MTNiMjVjIiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDA6MzM6MjguNjQ5NzY1MTUyWiJ9fX0=
.technoratimedia.com/ Name: tads_uidp_73
Value: AAEOW07LcysAABMb6VTUew
.technoratimedia.com/ Name: tads_uid
Value: 4DCB6B2FADFF46BCA882FC96EED78312
.technoratimedia.com/ Name: tads_uid_cd
Value: 20240131003328+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiZDdkM2VjMjAtNDAxMC00ZWQwLTg5ZmYtZDU2ZTc4MTNiMjVjIiwiZXhwaXJlcyI6IjIwMjQtMDQtMzBUMDA6MzM6MjdaIn0sInJ1Ymljb24iOnsidWlkIjoiTFMxMjBFUVItUi1CU09TIiwiZXhwaXJlcyI6IjIwMjQtMDQtMzBUMDA6MzM6MjhaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMzFUMDA6MzM6MjdaIn0=
.kargo.com/ Name: ktcid
Value: 13411e34-93eb-04d7-5be7-768b761cbe92
.technoratimedia.com/ Name: tads_uidp_82
Value: ZbmVVprW8dtWEUcsNNASTgAA&129
.primis.tech/ Name: csuuid
Value: 65b99558e92a6
.intentiq.com/ Name: IQPData
Value: 622056491#1706661209000#0#1706661199167
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMnRjVlJhIzE1MzU4XzAmVTJ0Y1Nzeg
.contextweb.com/ Name: V
Value: iqUk72M2hso0
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1pf7|7dN.0.AAEOW07LcysAABMb6VTUew
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c85f094038984397
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEOW07LcysAABMb6VTUew
.pubmatic.com/ Name: pi
Value: 157577:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
cookies.nextmillmedia.com/ Name: syncedBidders
Value: {"33across":1,"amx":1,"grid":1,"ix":1,"loopme":1,"openx":1,"pubmatic":1,"rubicon":1,"yieldmo":1}
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTIzMzY5ODg3MDY5NTAiLCJleHBpcmVzIjoiMjAyNC0wMi0xNFQwMDozMzoyNy4yODA0NTcyOTVaIn0sImFteCI6eyJ1aWQiOiJkN2QzZWMyMC00MDEwLTRlZDAtODlmZi1kNTZlNzgxM2IyNWMiLCJleHBpcmVzIjoiMjAyNC0wMi0xNFQwMDozMzoyNy4zNDQzMzQ1NjhaIn0sImdyaWQiOnsidWlkIjoiZWJmMmIyN2QtYTEwMi00ZDY4LWJkNzMtYmJkMmMyMDM2N2JhIiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDA6MzM6MjUuOTA2OTU1MzY2WiJ9LCJpeCI6eyJ1aWQiOiJaYm1WVnByVzhkdFdFVWNzTk5BU1RnQUEiLCJleHBpcmVzIjoiMjAyNC0wMi0xNFQwMDozMzoyNi41Mjk4ODAyOTZaIn0sImxvb3BtZSI6eyJ1aWQiOiI1MjU5NGZkNC0zZmMxLTQ4YWItODU4ZS0xNWI1YTVhZmRmODAiLCJleHBpcmVzIjoiMjAyNC0wMi0xNFQwMDozMzoyNy40NTA4MDU2NTlaIn0sIm9wZW54Ijp7InVpZCI6ImMwOTE0MjYwLTQ2NjgtNDNlZS1hZTVkLTg1MDEzYjk3MmY5MSIsImV4cGlyZXMiOiIyMDI0LTAyLTE0VDAwOjMzOjI2LjQwOTg1MzUwNloifSwicHVibWF0aWMiOnsidWlkIjoiMzVGREM2QUQtQzE4OS00RDQ4LUFEOTQtQjVDMzRENDk3RkUyIiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDA6MzM6MjkuMzEyMTA1NTZaIn0sInJ1Ymljb24iOnsidWlkIjoiTFMxMjBFUVItUi1CU09TIiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDA6MzM6MjguMTc5OTQ2MTIyWiJ9LCJ5aWVsZG1vIjp7InVpZCI6IlZFRFFFMzN2dlEzejdsQ1JsVjhFIiwiZXhwaXJlcyI6IjIwMjQtMDItMTRUMDA6MzM6MjYuNjk5NzAxNjk3WiJ9fX0=
.nordot.app/ Name: cto_bundle
Value: Ja9_mF9EblIlMkZTazNaU0hEa1J5d0lHVHElMkZCdjk0ZE9iUThrYkU2bHhyY0c5S0oyWGtLUSUyRjdqVEJGeHMzclFYTUJ4MmhLOWRQV1ZYclhDNjRWclYzQmdxNkcydDFMN09TUlNJMmNZbGxrem53cDNPajZKTGlmNkpDZDluc2MyU0xPVTZiVw
.nordot.app/ Name: cto_bidid
Value: eya_gl85dHFkUWJYTGxxSCUyQjlJMlIxcTElMkIwa1R2MmNLaGxwOHZIM0VEVk04bmRxUFM3RlExYjJwSVNOYU9rZTBSUWM5ODNXRWJzQ2slMkYlMkJTblh3RjdSanZnQUxnJTNEJTNE
.hb.yahoo.net/ Name: visitor-id
Value: 3496628095649135000V10
.hb.yahoo.net/ Name: data-mag
Value: LS120EQR-R-BSOS~~63
.turn.com/ Name: uid
Value: 7948812739667623049
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7948812739667623049&KRTB&23150-7948812739667623049&KRTB&23527-7948812739667623049
.pubmatic.com/ Name: PugT
Value: 1706661209
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: id5
Value: 69f8f841-e94e-716d-971c-ce144205ea4e#1706661210084#1
.sharethrough.com/ Name: stx_user_id
Value: 33ce6942-c5e7-4a93-9758-7b7132c38c0b
log.nordot.jp/ Name: browser
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJjMDYxMjBlZDVjNzYwYTcwOWEwZTMxNTUxYmIwNWM1YyIsImlhdCI6MTcwNjY2MTIxMSwianRpIjoiMTU3OTg3MjAyMSIsImV4cCI6MTc2OTczMzIxMX0.orOktO8sCj-OH5qdpVh6PZ3Ah5shfh74YcHQDKIvC_k
.smaato.net/ Name: SCM
Value: 129ff4b45d
.smaato.net/ Name: SCMaps
Value: 129ff4b45d
.zemanta.com/ Name: zuid
Value: pVBh4BsHBjZmBDRFltyN
.dotomi.com/ Name: DotomiTest
Value: 273938a2929506f8
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwim7Ky0yP_QPBAFEhQKBXRhcGFkEgsI-OTi1sj_0DwQBRIWCgdydWJpY29uEgsI0qGj6cj_0DwQBRIVCgZjYXNhbGUSCwie8uORyf_QPBAFGAEgAygCMgsIqNvlg9__0DwQBTgBWgV0YXBhZGAC
.mediago.io/ Name: __mguid_
Value: 09dd4f7e8a073e6a24j1ea00ls120rj3
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
yads.yjtag.yahoo.co.jp/ Name: receive-cookie-deprecation
Value: 1
.yahoo.co.jp/ Name: XA
Value: b91j33lirj5as&sd=A&t=1706661212&u=1706661212&v=1
.yahoo.co.jp/ Name: XB
Value: ckfs2n9irj5as&b=3&s=e5
.media.net/ Name: visitor-id
Value: 3496628135649197000V10
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjI0U7IyNDcwtzA3sDA00VGyMEDlm6HLm6PyjSDyZuYGJiaGJrUAnF8QXw%3D%3D
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcKzOF5S2yRrNAJpdVl+8HYpsinqGCZ+fq0AkKl9P5VylNiPBTkmlJYJI3NL7Jbqj9e2AZ0e7ARiW3oebD9XI3Kh
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1706661214!onetag,1706661200!revcontent,1706661199!intentiq,1706661198
.sitescout.com/ Name: ssi
Value: e9435ccd-289b-41d2-8f05-a8f0e060f4e3#1706661214372
.lijit.com/ Name: _ljtrtb_80
Value: LS120EQR-R-BSOS
.lijit.com/ Name: _ljtrtb_87
Value: 7b989c66-4663-4b04-8cf4-a7ded099b1f2
.adnxs.com/ Name: anj
Value: dTM7k!M40<CxrEQF']wIg2GVUqG%Fm!m5LRe$bM0cd#BHEFb'Z?.UfD0/n!h6(XG48mIwn(7nYt+!K1-ZT[SWV%xpCB<W<.+7?k_B`V2C2]qq4Sy?G#S@g][>Y%SXNWW^XHRQ$#^cerr'Bb-@9RrTq^Al-f
.adnxs.com/ Name: icu
Value: ChgInIc_EAoYASABKAEwzarmrQY4AUABSAEKGAjd3m4QChgBIAEoATDequatBjgBQAFIARDequatBhgB
.sitescout.com/ Name: _ssuma
Value: eyI0OCI6MTcwNjY2MTIxNDUyNCwiMzkiOjE3MDY2NjEyMTQ1MjQsIjciOjE3MDY2NjEyMTQ1MjR9
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNLSwMDcyMbcwsjQ0BLKE-Ax1LYxyMt2MksuKnd3cADtGk0gkAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNLSwMDcyMbcwsjQ0BLKE-Ax1LYxyMt2MksuKnd3cADtGk0gkAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtobmBmZmZoZGhibm4KAKqiIsQQAAAA
.lijit.com/ Name: _ljtrtb_26
Value: ebf2b27d-a102-4d68-bd73-bbd2c20367ba
.lijit.com/ Name: ljtrtb
Value: eJwVyjEKwzAMBdC7aM4HWTaS3bHQLVAan8Cy4kuE3r3p%2BngXidKDTl%2FiYoGRWFBCKzwswz1kCmc1H7RR5fvuPQm%2FPgcOPPu7%2F9luNm%2B1TVUU1YziXFDnKhgWZ3BrnpbQ9wcu%2FRwb
.lijit.com/ Name: _ljtrtb_16
Value: e9435ccd-289b-41d2-8f05-a8f0e060f4e3-65b9955e-4341

8 Console Messages

Source Level URL
Text
javascript error URL: https://nordot.app/1103463313237606400
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://nordot.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=26
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2035FDC6AD-C189-4D48-AD94-B5C34D497FE2&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp={{.GPP}}&gpp_sid={{.GPPSID}}&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dtriplelift%26nmuid%3D%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=nordot.app&e=27&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cookies.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=nordot.app&e=27&uid=d7d3ec20-4010-4ed0-89ff-d56e7813b25c(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nordot.app').
other warning URL: https://yads.c.yimg.jp/js/yads-async.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.tribalfusion.com
a121ff75dd5b77ef27f5c07ae6a4c23a.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.avads.net
ads.pubmatic.com
ads.stickyadstv.com
ads.us.criteo.com
ads.yieldmo.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
ap.lijit.com
api.rlcdn.com
api.whizzco.com
assets.a-mo.net
assets.revcontent.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
casale-match.dotomi.com
cat.va.us.criteo.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.whizzco.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
colossusssp.com
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
cookies.nextmillmedia.com
crb.kargo.com
cs.admanmedia.com
cs.media.net
csm.us.criteo.net
csync.loopme.me
dclk-match.dotomi.com
de.tynt.com
didna.b-cdn.net
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e47b995034432ff0e67559ae488797f5.safeframe.googlesyndication.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
events-ssc.33across.com
exchange.kueezrtb.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
funes.solutionshindsight.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
hde.tynt.com
i.liadm.com
ib.adnxs.com
id.a-mx.com
id.rtb.mx
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.us.criteo.net
images.revcontent.com
img.revcontent.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
log.nordot.jp
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
media.revcontent.com
mp.4dex.io
nordot-res.cloudinary.com
nordot.app
nym1-ib.adnxs.com
oa.openxcdn.net
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.nextmillmedia.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
report2.hb.brainlyads.com
rtb-csync.smartadserver.com
rtb-use.mfadsrvr.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.va.us.criteo.com
rules.quantcount.com
s-rtb-pb.send.microad.jp
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.yimg.jp
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.solutionshindsight.net
storage.didna.io
storage.googleapis.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.a-mo.net
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.kueezrtb.com
sync.mathtag.com
sync.technoratimedia.com
sync1.intentiq.com
t.adx.opera.com
tags.crwdcntrl.net
targeting.unrulymedia.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trends.revcontent.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.temu.com
x.bidswitch.net
yads.c.yimg.jp
yads.yjtag.yahoo.co.jp
yeet.revcontent.com
yj-a.p.adnxs.com
ads.stickyadstv.com
api.rlcdn.com
bidder.criteo.com
btlr.sharethrough.com
c2shb.pubgw.yahoo.com
colossusssp.com
cs.admanmedia.com
dmp.brand-display.com
exchange.kueezrtb.com
hbopenbid.pubmatic.com
i.liadm.com
id5-sync.com
onetag-sys.com
pixel-eu.rubiconproject.com
s-rtb-pb.send.microad.jp
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.bfmio.com
sync.colossusssp.com
sync.kueezrtb.com
t.adx.opera.com
targeting.unrulymedia.com
104.17.24.14
104.18.24.173
104.18.34.178
104.18.36.155
104.19.158.19
104.21.15.170
104.22.52.86
104.26.8.169
104.36.115.111
13.107.42.14
13.225.199.75
13.249.190.125
131.153.242.59
142.250.31.132
142.251.16.156
142.251.16.207
142.251.16.94
142.251.16.97
142.251.16.99
142.251.163.100
142.251.163.155
142.251.167.154
147.135.94.213
147.28.129.140
147.28.146.89
151.101.1.229
151.101.65.137
162.19.138.117
162.19.138.118
172.253.115.132
172.253.122.121
172.253.122.155
172.253.122.95
172.253.62.95
172.64.152.89
172.67.163.80
173.237.69.132
18.160.10.101
18.161.21.121
18.208.47.7
183.79.219.252
184.31.52.28
185.167.164.43
192.184.68.149
193.122.130.38
198.148.27.131
199.38.167.130
20.121.97.20
202.233.84.2
207.198.113.204
216.200.232.253
216.239.32.21
23.105.12.143
23.192.31.127
23.221.252.246
23.221.253.11
23.39.177.103
23.55.60.16
23.83.76.90
3.161.213.38
3.161.213.68
3.161.253.193
3.162.3.123
3.162.3.125
3.162.3.33
3.162.3.51
3.162.8.154
3.217.51.221
3.33.220.150
3.82.86.24
3.93.122.201
34.102.146.192
34.111.113.62
34.117.239.71
34.150.170.96
34.200.65.202
34.230.167.23
34.236.83.94
34.96.70.87
35.170.24.131
35.190.39.111
35.205.207.25
35.207.24.140
35.208.249.213
35.211.178.172
35.214.167.88
35.227.239.69
35.227.252.103
35.244.159.8
35.244.193.51
35.71.139.29
37.157.3.20
37.19.207.34
38.98.69.175
40.76.134.238
44.194.20.78
44.205.63.57
50.116.194.21
51.222.39.186
52.201.172.228
52.203.1.116
52.21.39.178
52.4.73.70
52.46.151.131
52.7.65.124
54.144.15.249
54.146.20.223
54.172.1.24
54.192.51.124
54.192.51.91
54.84.92.154
64.202.112.159
65.8.19.31
67.202.105.21
67.202.105.32
67.220.228.200
68.67.160.117
68.67.179.164
69.173.151.100
69.194.240.11
69.90.254.78
74.119.119.129
74.119.119.130
74.119.119.131
74.119.119.139
74.119.119.147
74.119.119.149
74.119.119.65
74.119.119.73
74.119.119.80
8.18.45.76
8.28.7.105
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.32
8.43.72.97
99.86.229.2
00d38aba554491252d57c462a721f53b97c9dbc9286600e7d8fce2d334e8dc21
019a1cc4825ee7c7b9261da016e662cea837b6b725d63bbc96306bad4db93be4
026e74a7997fc6f1891b5f3ab6fab7add554fd1be583bb8d08f45d2279bed528
034122fa818a19732e0d9dca9c05edb3594e2ad642a1865fa03d709e19ef0140
037283765f853249f1407dc2c5ec21e055055ba2cc33c040f018b93bd706a5c8
051a084c42fd7a14a0a2a3ed385ba18f8c4b05007b46ba4be54e0a5d92b8d64e
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0723ed2c0369c9d2aabbabc19f5476494c8b9413d3c95a0670e5e11d06a4b6e0
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a02a11b0c51c1164f6f0b086bacdb92eb3275b293aa6d6abb045416530c1837
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
103aabbfb76356f57bcf765814ae77eca2d11c9f22cc74327a72db3fb13a0d93
1047bf2303165f70fb18f2e4ab0bb2baed7918de0243565d99a601feccbb7a25
128cffe69bc6370cd531ab722f6f275d8d41e9f01c2b4c3e2659156404efcca2
139846ce435dc5f9649c909ef6cd0801b4ad0b61d92dee7f89e62ee014a7021c
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
13e921baff7dcf1c6112841437b95602bf4f445bf38054129a407003818a111d
175cd526064cfc4706642010bd18c66d570b0cd4145f52f453a8a01373d0df1f
1781b696d0260b6fbaa8cee4557699ee6c23b51718c099b9949e36734ef98a1d
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18da2618d901784810589aa02204a0476971430219b89261498ae9be29376a6f
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1bb35275679fea6c43901369f47659bccaa8b61e18e1798bf5b4d04398a0224a
1c898587bd3aa9de3c224f4e3d1426729bb1a9cb7825aacf09bf23fb6abee8ef
1e20957e4427e1ff5353f2d8a78358e59abd92cb45b05379086c90859756945f
1e9cc4a3d46ded64af434e1bf7be6f2983d8cc8e1b407298a8ee1b8439273576
1ea32e31fdb3bfe4c122b5b638d3002d1274477d0f67ba1d62512c57f91b7016
1ec00d2e95e656b87d9f899683f2d4882693662a3a759ec9907ca500e99d4348
1eee8c38e8802407d6dca550dfac248c80d8f3c0814d3e1f5903477dfc87e798
1f9e494521255366cfcbbddbc0c58d2d692616f197754a799bf4c9d84fa997dc
1fed7da86f9d9735ea1018a3ac1be1e3e6fc105b7c7dc2c809626d34b4ee85c1
2045dc903e8140c3937e5a5f577a8145707f0f0fe80980eb191f3c782fff8011
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
24814800066bb8325efc2781ac3ed3ff8a1b0f77048d40b2e02fc7304e79621d
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
26310f42535af96b780d8bee7733b66e54cd02d344d27c70d208d21cf7bf9350
26b74084193a7882fc9988b59107a58c455555d4fdea0b79f3360b7e97b178df
26cde3b7eb15105f83935450eecf442c6838406d803fa8658114cf483906319c
27338a4ccc83bcd831a4608e6d6ab5270ff706458758407e01f857f13e05049d
288e3d972d4c5053af91f1c8d8eb04252f3fa1de9345643d7057d39259240188
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d2f0d368bf03561099df3cb58b8116ba09abd5695497a5b986e8e959d39d443
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e17d453586f6fba79959e0231b9cc069460c04501d100ebad423ab2f2f50788
2f696b5dd6b357c564bfdf4a647fcbadfab9dac11e442c5f970315fe2fc28f38
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33dbac17ba432802e8cb4a642513a257de63b15de3fe565247ec47fd891c20d2
356c05c394aa1acd7ab323d2634e4ca319ed2fb602c787e0257172d92200e2bc
35f026090d9b1c7613e932c9b04aa1cbed33608343bb95326f08c63d14a55b59
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39ed21a082e04ad54d3d3da85091586228016d9cf22d72fb01ddd9b82dd7d65d
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d0fdf0fc1191ba4b7a57a9677ce5c7eda1c2a1f687a0802e7fb6176a016131b
3d160f18c4ab0e4cc4dc1352a8a34a3a1c27ef245b8497a9d1691abb48a8fdcf
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d403b6244107dd484e1047e88177d8e709d854e598fd312f7db4a0ebe3bd138
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffbaf66f00650ea54330dce79f84272a57f69fcff0a52be0cbd64b32d849132
403d832105280f1d276cec4c18b85af00bc66b845d83c7da33118e47403a7c30
405e43cd3a1d6144f42375bbf65312766341fae117f8809b9faa4d023a279068
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43ca2ad362daac70294e80333e8c6c0f118f03e58a24e82d0a85a11c46a44fcf
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46823c9150ac78a5b9c8db644a98bb860c999b4a77bfd8fc5c0d83f41cec5be9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4761af700d2a30254d4709b617ba843907373af7d0fdcd7dc9069d067d4d87c8
47af9ee690634c7e3f48ba9a1149a81f860180feee94b2617a337a6251eb73fc
487dc6ed472ca5634e4ba3411cdf5e0dd5093d4404d793464ac915f6fbe280ae
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48abe6f6bdb06a6f38d0a842e2c17af50ecbad8920267ce577fbbbcc01776125
48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569
49b0decbc87abc0c5fe97f8928eeff5f7bf1735e612edd1fbdfcff12839e5d4e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9afca1f1a89595b15d84e7b3eb6e249494d42a57532950e2c89318a04d2fc5
4d8562efd8364015edd8080e72d8bd98f0a92019058f15df14e03f9951e01876
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec53e9a0d8f74ac6954356d69b8cc1fd8b5ae1268a6be4713d7652ffb48c951
4edab288d02a2436bd81bec6eb85bcf2bb52db55521173e01c28d334f4eabeac
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
500a62fe6da2bd1699283b0b3fff6e642249bffef5bb2ef9d8cbea3ddf51df39
508ec1418d9498ff28d313b9972402037e837ceca5c372c672099a23dbdb764d
51c8cb746d4f228b4e000de4ddb990cc1caf285086dc66053093bdd679d8da52
5220389433c833cd9610617aed5305f2d416b2846ff6a4b32e36148976f9fafe
52682033ea6af1bc75522a845aef7578f4dec6f198da595518939d8bd5f2d535
53952db058c5e69f14e066a7dd383ef6421150a2224662acd9bdb68dc0dc2247
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5414a3616f7620f3a2c3fe5748630b77b654096e78d4b7e8d998bd15b63f448b
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585860218f8ab1e2f9e44acaece51990bc7a9bd161e98ef8e1dbfb13577ea866
5f6869fca1b7c19d84736dc6b9dbc7f763f8719ac0acd009d792b8634a9110f1
5f6bb5d053b27ed6289fc56a621ab7879e1a0f30805246532a5dee5f1d859903
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
6180189f97f183998256ce1d41dd6b6ebca562a9cc7b11a124dfc58bfd98d058
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62921b3ec5288a3afbc4291e3df141024b8f3cf3bdfbd959ad005ade511c19fc
62930f88e12fa8085ce4bb62144a756767b2c9f817d4fcd40181b6c9bca29fbf
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
64faef43f59f0d829a290bb25e0b5c24308c0381b590d9717e460a8344912ba3
65bbe8d939600776ec47ff5e3b8779050611ca64b96deaa71d547fca9b307d3c
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
69d01bc765cac28d86d6011b8cbbaee112febae3c4597c1b84a819d091cf5062
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6c3ebd767f813b0f4614aaf4ff52ada0f8c0f7715d034ee46cd4a2357ee0ee15
6debcf007daae7098aede21aa59b4bd3da1a0aac1b5baaed0041aca462e0d482
6e74b9e8c320b1a1d7379d6037667fe4121312418c1fdb680bafc7ea3a8176dd
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
6fddb43fae6bf8f7ff3d4bf9fe3422fc8dc1e5471ae1616686562c3c7ddeb465
701d86c2142cb744f4ec1d73dd57f82cff04601f8e706c82d465d1c88645f32f
704856bd548c203f7ed684bfff8c025b3e8d904b7a01167f52ae7055ec8035e8
704f0b97c077cd087d128e45a303b4ddb30bedb9a6b918bd34b05894d747a6e5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
79aaa9404326294b7ae8cb5f1a3244fd08921ae93141eee0bf557881e6aa0a21
7af9077acb7394c2dd8f17beb7247f50e4c9ab42d1c4b184c125fb57f1453c2d
7bbbcbd087cf998167c840ac1a9ac6531dee41a1de9dabb8604fa5aa45288692
7d9438473df6837d2beb62526ed451d900736f60122b2cf9ad44072dc8d8d637
7f6968c3fc0048fc45314d004c0a95deaca8e4788117b8c0b1833148cdc1163f
8065b40879ee291260084a91bef981607f9e66952a6cc4b1eb8828256e5e00c2
8303d2d8ad46da79400f9ff757e3a4ce7e74dff74bbf3c3df746181601824d4e
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84825ad2be9c8f4b0988504b86e19c48206bc14fb9319a5a652b4b843bbf6507
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
86036cbe1dd82dc84489e713501e2fb7e5e18d2f41b3668006f5657e3deb512a
874f6b264fbf887ede170202307ef4b83f6100f8618ebf70b9a1e9aa04e63aa2
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
88bd4c21016bd5c895bc9a0d96fd043e3d314f9a6fc2129e9eb15a249336ec2a
8e49d9b1504acd5d895a91fae1ebf7895d7c2ebff3aa1a4c484171a38d033d65
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f06440dab8c5d5eb0c68fe3d53655ac8c99a1803009faa70ff02c29b1ced7c8
8f2f59431f6d915b5c83b674f6d2fdc140b5ebf80a14cbb55ffe4f2b99155828
909c929c8a40c985e894f290ea52e73b18027237bfbfcf7a28ef2425c23fdb31
918a9543162474ed798c7221f51b127bb61016c95baa599dddfce3e9d1af9f02
91ac8223c94474d8f361532ab4d70c812009953802cadba310a2cb9f2600e300
92090accd09a1d2c268b57c682aef78b4327f6c4873f62137cb2c67a66078ae8
94a892acac25ca6118f3ee3345ffa580ce38142282343eb43af3581bcc12a72b
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
95e6145c4e44910a27b2063d14cb4554246e99a04a9a6502d97689e4f53f43da
96ac32cb0fa23aec421d39cab3fe9dba1ed57944577b0903660ed6c4966d566d
98590349443ab5e895ccb7518448a454c451174f94670dcbaeb780ee88a24af0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9938e1251dfeeaa89b45a270d448be6a910fa17a3081ea4a6487a0f8f7130c3f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b09e8282c00fbed8f6103f0acf0a5bbe48efa5ade88efed989a57a14ce998be
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841
9d9d64b2b982e8dda8f9362efc4e2c0c454c6a7b0fd8759cf5d4218fc07874c2
9f0c86609facb4f4dde17f7f68b91a55e9fe141b1d9651aadd64a578b4c017b7
9f71c68db8f50cecab42686d45c685b9fa2710dac74bd8eb50df4689575fc204
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2af9b81597828d0fff527e26f6deb2f50db4a6d015f7fba9b4c286c83116561
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a521ed8025803c6b8daa3d03dfec9682b1cc450981bc1d0e84a30285c9bed367
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79e82fb537b0621dd3cad7ccff489e28d71450ae91ee4e27b85c5e0f0fd26d9
a7e337ed8d8f48cd2c88e93c598d3eabd67b153e0572dc16c10f09637a0ab9fe
a96d7f93ec302f75880f5780c285651419d8f44b4899ff66a6bf2d7e44c25458
aa183ad43effa43190060992c26ea1074e25f5e324bc4dd6233a7ee46af7e03d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
adfa92bb37a71b1de6544805baa2fdc0565824cda30fd822013a6a0107f3d3fd
ae8f033ec543c8821c3918fc4d65de5ca9124ac9f3ffb3bde767a049ba8ee67d
aeb9abc35bc334d3e94e43e4b6a9c4bafbc5d632317732b5def224800db7f696
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b135d50c4310442851f754c5525614341f9dd2569472ee760743a948db6f2f6d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9a0b571f57eaf8592a65ee115132cc668621d895640bfb8e89945924ed370b7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc22f49b8344f3009be5c0c22aaacb92a5459151feb3924e6a9497b9d84fed09
bc4156e6bba79e792d217dca00a6bdc80f0cac60d0dff8ea495f8d01e6ac55b7
bcac64a1603be1dec3af184710a196369af1a5bbcdba2e6b0b27161f0bb96e90
bcdac781651836ec817fd5f11c5a5f2631eb831ebcedca3014a73d9e9d6adeb4
bdaa567881b615e42ebb65389980fcb30db05494938ad83092a7cca70e18dc00
bdafaa1a09e41629d6f5d558d498a4a72b5ec0528f88dcdf1451082361db364f
be70cedebacd96dce28b985d65c52839d99611ea2cba820ef151c52fb8be8096
bf7445a84b2c5bc2bc8a80d3e13cd191b74f612bee6a7e38c85b108cf2ff4521
c0bbc4391cda92fca886c44524c83f63a82c79c3ed057316149de123ec5b7b88
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c4c6ca254af069397bbef06bc71aeff299af0baa5e02a8c20e40d29ec6ba9afc
c614223ab752caa3310e53482f994e60b7eb8c9c8b0f0d151b30c297dfef7f1a
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c905ee95e5d18a317f419fa47bced19c81165059f9bffbf5f85b8bc15baf11a3
ca4d1ee7717bf8e9b2c7254fd311e040350782a964c20db52f087f8282682ece
ca58cc84a778cb115e578190cfe200a49e15b722a5c8b5648679c6084f1f17a4
ca692845f7ef7dc5350cfe9bc3e6a21d445e891249fdf76737fa644182d25800
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cab39e515392adfe3a713cc442fadd75182e27a1c5a90d20519a9bed3fdd2ae4
cb0607ddd06d68b7d83cde36087159858a58bfe0a5d593eeeb58e27d0cabbc3c
cbb470390431a28455afefcded54718a12e0c0acfe31b79e1562f31d94d3cf1f
ccfe71c865265c82740591f9ac7f2cdbba8414039976d942da18d4883b07de5d
ce6562305ef8b622be0575cc1136a87f4a2a6be8ee307854e70a670362d08b67
ceb5f5e6bcb91fcc4c03c82b96002bea3a2627413e785c6de5db6e2b78a4a124
cee393b224f2d24ee4edd7a965ee9c12a9c822c46836fbd526082ed10fa905d7
d13f91ab1a62e1359a5fafcb9f882298b95a0f735b60b97a01cbf99211adbc85
d19055ff365d6545e7c2fa7724a2ac524079ce3a0a4784d853f6f244b2ac9a08
d249c2a4085538a252c982913fa9a2140b5e4431748fb580e1e2f95a62fd196e
d45769dabcf08dcb986b60e8b136dcb14e78b6a930e3f08ba84c4e527cb15436
d50e7cf0a20f44a45242aee3a67629cfc278e0575fcd2edf1fca03a686433f6f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d59232b2d65a6bedba07ac0efe4e6f1b008f5f4e04baeae1d5eb80a2c3d533e6
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
d7f905c023500e45d51f38d367e40a9d92f99a60eaaff765bb1fa2c7253bf1a4
d8011f8702c24591e152399f1ab4ad3b11bb4f080dbd09c252caa565468065e4
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
dbfdfc90f3fd3c26808f03cea1d8290f65f29b9de6ec5fafeabd1be95f1f6ebb
dcc45c991696d726863fbd33b7c423cb24056d250b818b2fa735dc193718dbb9
dcc52a554efbdb0baadd0c8939cca5e6616aeab8c22085858b9395e9f061fbab
dde2e059710cec5179594241f0db5d75752cb13709f959d414476396730d2b11
e042f7b9638fdd28d660eb5a9552b5192f96a1131c0e28c3f63666c9b9deebfe
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f614339a69161df13a533add75a74dd1e349df73359e1f33f2a017009f5477
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f8eed8f325395fb25c9643d823541a817d69d6238a51d88e3a3306d6ce333e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eafb4bf577f5c3be774b5a16fb3729c76c6487f5e210b2a55b962d2acee40638
eafba26e24c80c1199a2da9c67547d2aca2c97276b684c861be6448ea35bf704
ec8db144347791e7556dc8789a83360f4ec075961e060b35863a43fc12fdf3ff
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed1fb51802ae35cf63c5670e375135e8b68a8200c6ae2ef79a5748549435061a
eddd922d29760850c3e11583838cb36abbeb7a2136c2bf22232d3c2d5b97c54a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00279b4bafdaf1ea153927873f7644205fd393e4731b0d18b06f651baf517a2
f32ac60b367bd1bb9fc176456129ae82df647db6100b1b4ca0f96e73c4ed120a
f509537a941a4046b1f076ab2441d1ea6bf21b3d2a0122faea116e1d609fbfaa
f55ec1a81d641a7b309ae4916fc82ca314edc9bcc97159b6e0a2aeedd2f782bf
f78914ef8e8101e4277027815acd04f954570bc0e639a72f815a8f82a39f303f
f7fd21b6e0980aada740143417f0af047b4c0e30d5e2d353ca62f14feb2c7459
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f88f306e7926260f6b9faca43b97a86be4ff58acbad1740d19367da45d86ca97
f934a2861322881ef8660fc0c849379fd8722eb0eca55abbaec1b3a2c7829ae1
fa38a81d24ad46a7f907dcb1208a2776c2afa8129f8342f60cb40ee0fc7d6f0a
fb24b25bb91f7581e63efc45b67db32fa6ac3e0ca6551b2d8171f1b036bb728f
fdf3f101547881f9f4a3a40bce5c2cc9c0b977893c473b4e6e7653a0fa29eaf8
fe336101f8c59e2205145584e95b3c523939c4feddd720745c108b9506103c08
ff94340efca752d7021f668b54338b193df6f425ba6f914b786bf4b3018750c4
ff98dfc1b60c8acebfada367211130e1fe8a73d3ba06deb5720b55bf8fc8e3e1