urlscan.io logo urlscan.io
SecurityTrails logo

one.jlepp.com Open in urlscan Pro
2606:4700:3035::6815:815  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://one.jlepp.com/
Effective URL: https://one.jlepp.com/
Submission Tags: @phish_report
Submission: On December 19 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 50 IPs in 10 countries across 40 domains to perform 212 HTTP transactions. The main IP is 2606:4700:3035::6815:815, located in United States and belongs to CLOUDFLARENET, US. The main domain is one.jlepp.com.
TLS certificate: Issued by GTS CA 1P5 on November 27th 2023. Valid for: 3 months.
This is the only time one.jlepp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
27 2606:4700:303... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
7 2404:6800:400... 15169 (GOOGLE)
18 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
9 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.198.59.89 16625 (AKAMAI-AS)
1 1 104.68.31.231 16625 (AKAMAI-AS)
2 23.52.255.186 16625 (AKAMAI-AS)
1 51.79.152.81 16276 (OVH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 131.153.206.102 59210 (PHOENIXNA...)
1 2 207.65.33.79 62713 (AS-PUBMATIC)
1 1 35.213.12.39 15169 (GOOGLE)
1 52.76.177.21 16509 (AMAZON-02)
1 109.206.161.21 50245 (SERVEREL-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 5 142.251.221.66 15169 (GOOGLE)
1 1 80.77.87.161 46636 (NATCOWEB)
1 35.212.212.222 15169 (GOOGLE)
2 2 18.140.209.232 16509 (AMAZON-02)
1 1 147.135.71.203 16276 (OVH)
13 17 69.173.158.64 26667 (RUBICONPR...)
1 162.19.138.118 16276 (OVH)
14 2404:6800:400... 15169 (GOOGLE)
2 57.129.22.38 16276 (OVH)
1 51.75.95.135 16276 (OVH)
1 51.75.95.112 16276 (OVH)
3 51.75.95.152 16276 (OVH)
1 51.75.88.178 16276 (OVH)
2 51.75.95.199 16276 (OVH)
1 51.75.89.23 16276 (OVH)
2 51.75.92.250 16276 (OVH)
2 51.75.93.54 16276 (OVH)
1 51.75.89.188 16276 (OVH)
1 1 69.173.151.100 26667 (RUBICONPR...)
2 4 52.46.143.56 16509 (AMAZON-02)
2 2 15.197.193.217 16509 (AMAZON-02)
1 1 2406:da18:929... 16509 (AMAZON-02)
2 3 52.95.115.255 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 52.199.220.35 16509 (AMAZON-02)
1 1 2600:9000:21b... 16509 (AMAZON-02)
1 2 13.35.147.46 16509 (AMAZON-02)
1 2 209.191.163.152 14744 (INTERNAP-...)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 13.228.80.176 16509 (AMAZON-02)
1 162.19.138.120 16276 (OVH)
3 2406:2600:7:1... 55569 (CRITEO-AS...)
6 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
33 2406:2600:7:1... 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
22 2406:2600:7:1... 55569 (CRITEO-AS...)
7 2406:2600:7:1... 55569 (CRITEO-AS...)
2 2406:2600:7:1... 55569 (CRITEO-AS...)
1 2406:2600:4::13 55569 (CRITEO-AS...)
212 50
1    2606:4700:3032::ac43:8a3f (United States)

ASN13335 (CLOUDFLARENET, US)
one.jlepp.com
27    2606:4700:3035::6815:815 (United States)

ASN13335 (CLOUDFLARENET, US)
one.jlepp.com
1    2404:6800:4006:811::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2404:6800:4006:812::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
18    2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
2    2404:6800:4006:809::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2404:6800:4006:811::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.198.59.89 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-59-89.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    104.68.31.231 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-31-231.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.52.255.186 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-255-186.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    51.79.152.81 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip81.ip-51-79-152.net
onetag-sys.com
1    2606:4700:3035::ac43:bfac (United States)

ASN13335 (CLOUDFLARENET, US)
cm.rtbsystem.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    131.153.206.102 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
2    207.65.33.79 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    52.76.177.21 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-177-21.ap-southeast-1.compute.amazonaws.com
crb.kargo.com
1    109.206.161.21 (Amsterdam, Netherlands)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    2606:4700::6813:9822 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
5    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
cm.g.doubleclick.net
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
2    18.140.209.232 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-209-232.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
1    147.135.71.203 (United States)

ASN16276 (OVH, FR)
PTR: ns106004.ip-147-135-71.us
tracker.direct.e-volution.ai
17    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
14    2404:6800:4006:80b::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    57.129.22.38 (France)

ASN16276 (OVH, FR)
c0.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
1    51.75.95.135 (Germany)

ASN16276 (OVH, FR)
c1.eu-3-id5-sync.com
1    51.75.95.112 (Germany)

ASN16276 (OVH, FR)
c2.eu-3-id5-sync.com
3    51.75.95.152 (Germany)

ASN16276 (OVH, FR)
c3.eu-3-id5-sync.com
c4.eu-3-id5-sync.com
c6.eu-4-id5-sync.com
1    51.75.88.178 (Germany)

ASN16276 (OVH, FR)
c5.eu-3-id5-sync.com
2    51.75.95.199 (Germany)

ASN16276 (OVH, FR)
c6.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
1    51.75.89.23 (Germany)

ASN16276 (OVH, FR)
c7.eu-3-id5-sync.com
2    51.75.92.250 (Germany)

ASN16276 (OVH, FR)
c2.eu-4-id5-sync.com
c7.eu-4-id5-sync.com
2    51.75.93.54 (Germany)

ASN16276 (OVH, FR)
c3.eu-4-id5-sync.com
c4.eu-4-id5-sync.com
1    51.75.89.188 (Germany)

ASN16276 (OVH, FR)
c5.eu-4-id5-sync.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2406:da18:929:5a03:b77c:bd67:d3cb:a383 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    52.199.220.35 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-220-35.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    2600:9000:21b5:4c00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    13.35.147.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-46.syd1.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
2    209.191.163.152 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    13.228.80.176 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-80-176.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
3    2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
6    2404:6800:4006:809::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2404:6800:4006:809::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
33    2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
22    2406:2600:7:100::1f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
imageproxy.as.criteo.net
7    2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
2    2406:2600:7:100::e (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.sg1.as.criteo.com
1    2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
Apex Domain
Subdomains		 Transfer
62 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
imageproxy.as.criteo.net — Cisco Umbrella Rank: 15904
csm.as.criteo.net — Cisco Umbrella Rank: 15538
592 KB
28 jlepp.com
one.jlepp.com
194 KB
21 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
27 KB
18 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 9066
c.mgid.com — Cisco Umbrella Rank: 7275
cdn.mgid.com — Cisco Umbrella Rank: 11503
servicer.mgid.com — Cisco Umbrella Rank: 9134
s-img.mgid.com — Cisco Umbrella Rank: 9069
cm.mgid.com — Cisco Umbrella Rank: 1303
214 KB
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
71 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
42 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
270 KB
9 criteo.com
ads.as.criteo.com — Cisco Umbrella Rank: 15127
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 14807
rtb.sg1.as.criteo.com — Cisco Umbrella Rank: 27399
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 21368
139 KB
8 eu-4-id5-sync.com
c0.eu-4-id5-sync.com — Cisco Umbrella Rank: 14551
c1.eu-4-id5-sync.com — Cisco Umbrella Rank: 14437
c2.eu-4-id5-sync.com — Cisco Umbrella Rank: 14516
c3.eu-4-id5-sync.com — Cisco Umbrella Rank: 14394
c4.eu-4-id5-sync.com — Cisco Umbrella Rank: 14454
c5.eu-4-id5-sync.com — Cisco Umbrella Rank: 14419
c6.eu-4-id5-sync.com — Cisco Umbrella Rank: 14463
c7.eu-4-id5-sync.com — Cisco Umbrella Rank: 14494
2 KB
8 eu-3-id5-sync.com
c0.eu-3-id5-sync.com — Cisco Umbrella Rank: 14378
c1.eu-3-id5-sync.com — Cisco Umbrella Rank: 14300
c2.eu-3-id5-sync.com — Cisco Umbrella Rank: 14269
c3.eu-3-id5-sync.com — Cisco Umbrella Rank: 14327
c4.eu-3-id5-sync.com — Cisco Umbrella Rank: 14309
c5.eu-3-id5-sync.com — Cisco Umbrella Rank: 14396
c6.eu-3-id5-sync.com — Cisco Umbrella Rank: 14279
c7.eu-3-id5-sync.com — Cisco Umbrella Rank: 14281
2 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
5 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
15 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
193 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image8.pubmatic.com — Cisco Umbrella Rank: 661
63 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
530 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
1 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
698 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 666
661 B
2 e-volution.ai
sync.e-volution.ai — Cisco Umbrella Rank: 1756
tracker.direct.e-volution.ai — Cisco Umbrella Rank: 6176
377 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
147 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
936 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
34 KB
2 gstatic.com
fonts.gstatic.com
22 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
280 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
540 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
537 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
619 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
284 B
1 mfadsrvr.com
rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 7622
408 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1022
546 B
1 idealmedia.io
cm.idealmedia.io — Cisco Umbrella Rank: 8024
158 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 910
348 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
821 B
1 rtbsystem.com
cm.rtbsystem.com — Cisco Umbrella Rank: 3872
771 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
864 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
0 demdex.net Failed
dpm.demdex.net Failed
212 40
Domain Requested by
33 static.criteo.net ads.as.criteo.com
cdnjs.cloudflare.com
static.criteo.net
28 one.jlepp.com 1 redirects one.jlepp.com
22 imageproxy.as.criteo.net ads.as.criteo.com
one.jlepp.com
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
one.jlepp.com
11 pixel.rubiconproject.com 8 redirects one.jlepp.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
one.jlepp.com
googleads.g.doubleclick.net
8 cm.mgid.com jsc.mgid.com
one.jlepp.com
7 csm.as.criteo.net ads.as.criteo.com
7 pagead2.googlesyndication.com one.jlepp.com
pagead2.googlesyndication.com
www.googletagservices.com
6 tpc.googlesyndication.com googleads.g.doubleclick.net
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
5 cm.g.doubleclick.net 2 redirects one.jlepp.com
4 s.amazon-adsystem.com 2 redirects one.jlepp.com
4 s-img.mgid.com one.jlepp.com
3 cdnjs.cloudflare.com ads.as.criteo.com
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 ads.as.criteo.com googleads.g.doubleclick.net
3 aax-eu.amazon-adsystem.com 2 redirects one.jlepp.com
2 rtb.sg1.as.criteo.com one.jlepp.com
2 capi.connatix.com 1 redirects one.jlepp.com
2 pixel.tapad.com 1 redirects one.jlepp.com
2 ce.lijit.com 1 redirects one.jlepp.com
2 match.prod.bidr.io 2 redirects
2 match.adsrvr.org 2 redirects
2 ad.360yield.com 2 redirects
2 image8.pubmatic.com 1 redirects one.jlepp.com
2 prebid.a-mo.net one.jlepp.com
2 creativecdn.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 cdn.mgid.com one.jlepp.com
2 fonts.gstatic.com fonts.googleapis.com
2 jsc.mgid.com one.jlepp.com
jsc.mgid.com
1 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
1 id5-sync.com cdn.id5-sync.com
1 match.sharethrough.com one.jlepp.com
1 sync1.intentiq.com one.jlepp.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 px.ads.linkedin.com one.jlepp.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 c7.eu-4-id5-sync.com cdn.id5-sync.com
1 c6.eu-4-id5-sync.com cdn.id5-sync.com
1 c5.eu-4-id5-sync.com cdn.id5-sync.com
1 c4.eu-4-id5-sync.com cdn.id5-sync.com
1 c3.eu-4-id5-sync.com cdn.id5-sync.com
1 c2.eu-4-id5-sync.com cdn.id5-sync.com
1 c1.eu-4-id5-sync.com cdn.id5-sync.com
1 c0.eu-4-id5-sync.com cdn.id5-sync.com
1 c7.eu-3-id5-sync.com cdn.id5-sync.com
1 c6.eu-3-id5-sync.com cdn.id5-sync.com
1 c5.eu-3-id5-sync.com cdn.id5-sync.com
1 c4.eu-3-id5-sync.com cdn.id5-sync.com
1 c3.eu-3-id5-sync.com cdn.id5-sync.com
1 c2.eu-3-id5-sync.com cdn.id5-sync.com
1 c1.eu-3-id5-sync.com cdn.id5-sync.com
1 c0.eu-3-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 tracker.direct.e-volution.ai 1 redirects
1 rtb-usw.mfadsrvr.com one.jlepp.com
1 cs.admanmedia.com 1 redirects
1 cm.idealmedia.io one.jlepp.com
1 sync.e-volution.ai one.jlepp.com
1 crb.kargo.com one.jlepp.com
1 x.bidswitch.net 1 redirects
1 cm.rtbsystem.com 1 redirects
1 onetag-sys.com cm.mgid.com
1 secure-assets.rubiconproject.com 1 redirects
1 ads.pubmatic.com jsc.mgid.com
1 cdn.id5-sync.com jsc.mgid.com
1 servicer.mgid.com jsc.mgid.com
1 c.mgid.com one.jlepp.com
1 fonts.googleapis.com one.jlepp.com
0 dpm.demdex.net Failed one.jlepp.com
212 75

This site contains no links.

Subject Issuer Validity Valid
jlepp.com
GTS CA 1P5		 2023-11-27 -
2024-02-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2023-10-25 -
2024-11-24		 a year crt.sh
rtb-usw.mfadsrvr.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-05 -
2024-02-03		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.eu-3-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.eu-4-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-22 -
2024-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-02-18		 3 months crt.sh
*.as.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-01-22		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-27 -
2024-02-21		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://one.jlepp.com/
Frame ID: 6640926D6A2D9C3A22C988EBD7969FCB
Requests: 97 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 82F4941B0D298F21680EA3C6615F9611
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 8073AD45989ACB7524F83ACBA6F129B5
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=nbjU3JNfuUCf&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 0C08A75D46A440E6BA99CE5237B715C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2511600893987006&output=html&adk=1812271804&adf=3025194257&lmt=1703029137&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fone.jlepp.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703029136164&bpp=3&bdt=2894&idt=1175&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2808722828681&frm=20&pv=2&ga_vid=2127346281.1703029137&ga_sid=1703029137&ga_hid=1636082548&ga_fc=0&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C42532524%2C95320885&oid=2&pvsid=2484426186893482&tmod=940025970&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1195
Frame ID: D70C2B8F95A2F0C06C6EEBBEC98BD164
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2511600893987006&output=html&h=600&slotname=4138996536&adk=3175009733&adf=3372448513&pi=t.ma~as.4138996536&w=260&fwrn=4&fwrnh=100&lmt=1703029137&rafmt=1&format=260x600&url=https%3A%2F%2Fone.jlepp.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703029136167&bpp=2&bdt=2897&idt=1201&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2808722828681&frm=20&pv=1&ga_vid=2127346281.1703029137&ga_sid=1703029137&ga_hid=1636082548&ga_fc=0&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C42532524%2C95320885&oid=2&pvsid=2484426186893482&tmod=940025970&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=1206
Frame ID: 2BCD716375DEFD1E1AF988EB5F2AA49E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E205FAF7633B989FD7A1647977EB9303
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F3369AD6C7EBE50D4393D46C744A3CF5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D7DFD35CEEE495DE5548EAC66661B4DC
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Frame ID: A40B0DB9D91DCE9D2380B0DA52C13AEB
Requests: 32 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Frame ID: DDF481E7462E81BECBC184FB46435C03
Requests: 21 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Frame ID: 435983339AD82764E6638A20FD7DA04C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

One News | Berita Aktual dan Terpercaya

Page URL History Show full URLs

  1. http://one.jlepp.com/ HTTP 301
    https://one.jlepp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

212
Requests

86 %
HTTPS

37 %
IPv6

40
Domains

75
Subdomains

50
IPs

10
Countries

1891 kB
Transfer

4265 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one.jlepp.com/ HTTP 301
    https://one.jlepp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 52
  • https://cm.rtbsystem.com/mgid?c=nbjU3JNfuUCf&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=556372&c=92ea5111-90e5-5a87-bc74-26845ae27f04
Request Chain 53
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=ZI05G0oD7OAW8QZ_kEJkcdra5HlENwaEPyT3RSbmlBA&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Request Chain 55
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1
Request Chain 56
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=nbjU3JNfuUCf&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=nbjU3JNfuUCf&dsp_id=303&krg_ids=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 59
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bmJqVTNKTmZ1VUNm&muidn=nbjU3JNfuUCf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bmJqVTNKTmZ1VUNm&muidn=nbjU3JNfuUCf&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=nbjU3JNfuUCf&google_error=3
Request Chain 60
  • https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?gdpr=0&gdpr_consent=&ccpa=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D HTTP 302
  • https://cm.mgid.com/m?cdsp=675043&c=45679474-d05e-49df-bc86-8678db1108dd
Request Chain 62
  • https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=3d518c03-d92c-48e7-ab1b-fdf0fb0c8e3d
Request Chain 63
  • https://tracker.direct.e-volution.ai/sync?id=5&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D737576%26c%3D%7BPLL_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=737576&c=e32d7919-eb96-096b-8938-2f9ddf32376f
Request Chain 87
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LQCZKTLN-P-I6AT HTTP 302
  • https://cm.mgid.com/m?cdsp=43070&c=LQCZKTLN-P-I6AT&gdpr=0
Request Chain 88
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQCZKTLN-P-I6AT&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 89
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5eb896ec-6092-4827-b2e8-457a65e7e911&gdpr=0&gdpr_consent=&expires=30
Request Chain 90
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/t7JBrCaJ4UHDIYV2axws7A?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hqwbhtE2oLd2H7XK3yMqhr0Bvpe6m6GI7deYQ--~A
Request Chain 91
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fcHex3EJTe2fYEEFuMt4ig&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fcHex3EJTe2fYEEFuMt4ig&gdpr=0
Request Chain 93
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=t5qXpFxJQMmazcu7-lUUwg&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=t5qXpFxJQMmazcu7-lUUwg&gdpr=0
Request Chain 94
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFDWktUTE4tUC1JNkFU&gdpr=0
Request Chain 95
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjA1MDVkMWM5YWJhYzBkYTA0MmQ2MjcwMWZkM2UzZGNlMWQzMjMxNw&gdpr=0
Request Chain 96
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQCZKTLN-P-I6AT&gdpr=0
Request Chain 97
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD1lk7LBFMAABP7TxHQjg&expires=30&gdpr=0
Request Chain 98
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQCZKTLN-P-I6AT&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQCZKTLN-P-I6AT HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQCZKTLN-P-I6AT&ckls=true&ci=dsqAC6W13M&nc=false&trid=1253905568
Request Chain 99
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQCZKTLN-P-I6AT&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQCZKTLN-P-I6AT&gdpr=0&dnr=1
Request Chain 100
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQCZKTLN-P-I6AT&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQCZKTLN-P-I6AT&gdpr=0
Request Chain 101
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQCZKTLN-P-I6AT&gdpr=0
Request Chain 102
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQCZKTLN-P-I6AT&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQCZKTLN-P-I6AT&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Request Chain 103
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQCZKTLN-P-I6AT&gdpr=0
Request Chain 129
  • https://id5-sync.com/i/231/8.gif?id5id=ID5*tNBP0snnzV7PloXJ_kMhSJ6MNbklOq6_Fs52w9Q6D5B2GxbSMmtBCMteof90k96OdhzKtgOYzf39zmJTNMFAoQ&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=5eb896ec-6092-4827-b2e8-457a65e7e911&ttl=%%TTL%% HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F112%2F6%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F112%2F6%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/231/112/6/3.gif?puid=D7A3CAD89C9CE2F8&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LQCZKTLN-P-I6AT&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/231/19/4/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/231/19/4/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/231/19/4/5.gif?puid=17878db6199194db0a7bec3f9d32f5ce&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/231/123/3/6.gif?puid=18c8472796a-aab0000010d5e2a&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=17878db6199194db0a7bec3f9d32f5ce&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F485%2F2%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=17878db6199194db0a7bec3f9d32f5ce&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F485%2F2%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D

212 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
one.jlepp.com/
Redirect Chain
  • http://one.jlepp.com/
  • https://one.jlepp.com/
41 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bf831df08f34cc0e37fbecb766cb21cdbae8c5d0f191a4c5db4eb65c417cda7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83837aec78611c53-AKL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 23:38:53 GMT
link
<https://one.jlepp.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YM0TxYICQHwPGClNJBVhvV238eT2lu97NfgTX7vrh5b%2Fewhv3BGGBUaJrNkZmkmEzipgwhffqGepjZ3agJefeBTE4u%2BKuRAni3hfF7eeiBa9fUOsTeC9N31JGWNgSYObkWQRDA1cI1%2FTWT%2Bg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
83837abc592850c0-AKL
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Dec 2023 23:38:36 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=holvKesLhWZXP24KqQMWpkKDq7PFA8LU7ZxsOphdYmqvMXJdgjujythuuZdUrR8T1cy8wyRJYwkarPVsxMstTg0ecdc5J9QYXhV%2BeVu6kMYA3lEAR%2BHC3XdnOuTXbmsI1TyHTzDXbLoZO4MN"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
location
https://one.jlepp.com/
vary
User-Agent
x-redirect-by
WordPress
x-turbo-charged-by
LiteSpeed
style.min.css
one.jlepp.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"19824-6532799e-14000a7afd2bf91d;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqK9seKA5kTUgGhJrzB4iqyNTVhQAIZuoE04KSVFseu9FhwCFRklsZXM6iokihfYjmHb4u8ENq%2Fp%2FF5c%2Fo4AIJMQt5FIKSA7XCNThBS1PUO5FDRqiFizgrWMB8VSqVfQR5DEdR2AilosWV1l"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b531c591c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
styles.css
one.jlepp.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.1
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b2b-6532799e-163d6f7bc738424;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnvA5JZEr4V6vrbZHN3S1F787nyHr6jib4zmsR%2FDw2cRbN4%2FM09lqizrEbBKQobWJ02kBVLl2JOwS2qmDwo5QLL%2F9jyUcdpIEibXZRMScfq2%2FW2eK0lZfucYhMQdmjMDJ1GudXR0faf0cAKD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b531c5b1c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93c474ccab456ed58376fe1ab9e551aa1fdb9b9b2db14bd2f52e25aa1c32ac53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 23:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 19 Dec 2023 23:38:53 GMT
style.css
one.jlepp.com/wp-content/themes/revenue-pro/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/style.css?ver=20180523
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a715c661f106fa77ad59146fa901c9a52bbc515e64f8ca8ca6ec7b26078f75d4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d99b-6532799e-8d725abdcf3ad46c;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOlqFzR9gfC0dYSTGW3viexiey%2FkfpyYfy6%2Bkt2TMOoVug6Y%2Br3E5NYFR04l2rNNEDmOwXSy2nAt6IEojlx%2Flt7wmdoxlsrbXYv%2BupG4dkT9zc%2Fx6Xa7AG0oG70hXF5OG3EF9Vn0Cb%2FHRrcy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b531c5c1c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
genericons.css
one.jlepp.com/wp-content/themes/revenue-pro/genericons/ 		154 B
432 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9a-6532799e-b9d5368c5caefa6a;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asbPuzTQaB3C9h2lX2syhgYU%2B5zGePYrAc%2FvwpnYZxu%2FxZBPffi2zj6EPTgdrhCgu7v%2B6C%2FFw0Xd6zwvJd7T8bAPwe0Ty9pc%2B2x%2F0Cwq4s0NoLYAiUes1fNnyDNlt6%2FFA1Kd32TKQxArY2KQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b531c5d1c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
responsive.css
one.jlepp.com/wp-content/themes/revenue-pro/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/responsive.css?ver=20171012
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba6c8cac4d8d7e28dcb24eb09c61a0c06d7908198cf17f62de01720e3de5d6c9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1ccc-6532799e-bdb83e90feee9304;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iz9aFQ%2Bq1YJIvsTRhiipd1UZTfMtmtibuSdKS508SsvgccjVBJtIn8h%2BCehQ9vPOIfbk%2FIF6uBwCzWf1jXhQTov3K07cb2avp7zjugeSKKCiE33grTlq4tIvJRxbtJHznv%2Bt5rVEliLj5xGt"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b531c5e1c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
jquery.min.js
one.jlepp.com/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"155ba-6532799e-ad7bb50f59441f89;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtSgmDIximHLftJP3lzn5XXIl4LGfhJUnaLWsokuTD58bfaUZL75z0QT3jBFHiOU%2FKVwuiALKd7Dz%2F7ev3mrMDoO%2BMb%2BF8VA%2F1ECXiYjwmLSrGDl1REpQyWnurwHojvEPm1%2Bd2kY%2BOusSDzj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b531c5f1c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
jquery-migrate.min.js
one.jlepp.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3509-6532799e-4aaa3f258a1e8bde;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BOUmwU5ciRDpJEGTCtUJ8tCsQig8aw9E66m15xs%2FUhywHhIbMFqeACadi3PI5Nus4%2BQf0E8xR23lrSgTdqTXQx9qrFiX9HNjTUp0BLDNREydbSBKsqWuuhWJ9ILA0jE%2Fka4ERu3BjyqWV2x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b531c621c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
checkclicks.js
one.jlepp.com/wp-content/plugins/cfmonitor/js/ 		49 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/plugins/cfmonitor/js/checkclicks.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df963c9efbf64868ab3312f0ba278b13bf97b69c9b9eae2f9399b922ad07525

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:53 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"31-6532799e-dcb4869935bd650f;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fN6APgF0ifIR7uAHuNkmgWs9ElI7vniX2wA%2FpmAt5DMExhZrognsU3hZ8Ylwi5YueHPT2y88%2F%2BOn2Wu00YziJomxPy%2FwFyrZnSMiIGEzJsG7cLgltufhJ3cmBYoKyQanG%2BR2yqg1%2FaT4gz6l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b531c641c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
updateclicks.js
one.jlepp.com/wp-content/plugins/cfmonitor/js/ 		52 B
481 B 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/plugins/cfmonitor/js/updateclicks.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94034a75027b217a0f3fdfb41f799a60ae88425a7b0e69bf5d9c4c8ce73ff1b7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"34-6532799e-f4e0ddd789a44b76;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLJILqK%2FwBmcGFoitxmVEEETMUieU39ngpggbvWFOS3Q%2FkJuLAgTUFdfNJ%2Bqh3PI%2Fv6p7og5%2FRGaouW5rGeEgcDZO3A3ogw6riqHppUXeU4Lr43vXQxgqrkQzracJkw40vt10E9lAwmtdiS8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b531c651c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
check_min.js
one.jlepp.com/wp-content/plugins/cfmonitor/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/plugins/cfmonitor/js/check_min.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deaf971a839013e15b3917c3256b6e19f036bc569b72312da9526adcecf5d5e0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3514-6532799e-433f5d9d9639e20c;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BcISYVoaroCKcWngBT2p9shI9Fat9K%2FIFsoqTt1NJ98sS0zao98BPSt5BmzGZhRAadFQVeDWMINQMm6Fri9Wlt3mjrkKnyyizBCmIpndC%2B%2FOW0tXZUO5WuEIYRQ%2B0d2sVsakkpEnixoWDNX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b534ca01c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
1637141023611-1-1-4-355x199.jpeg
one.jlepp.com/wp-content/uploads/2023/10/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.jlepp.com/wp-content/uploads/2023/10/1637141023611-1-1-4-355x199.jpeg
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ca4aefeee24e97ea3e7a3d5f7c7fafee7243dbb47cca99dd2558c354d975c87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13568
last-modified
Fri, 20 Oct 2023 16:19:00 GMT
server
cloudflare
etag
"3500-6532a874-4a4fcbbd9d1eea12;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtkbPfEGeupR5YQZ0noJhrRUezfprvWVJ8Qd%2BV8MPyd%2B%2F%2Bh891TWFXw6JWNaPT36IWaMeRDB80JEfUEccP8DEouhLe8lsGMB6MNcyLr84MEbP4yDvSQ0TJ%2BVppKg14KZ%2Bdf5WrLaxyNRhEAv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83837b534ca31c53-AKL
expires
Tue, 26 Dec 2023 23:38:53 GMT
e3498026c2ec0063c6e3b3400d4e4ccdb8dc4c5d335dfcf331c29dbde31e31db.0-660x330-1-2-355x199.jpg
one.jlepp.com/wp-content/uploads/2023/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.jlepp.com/wp-content/uploads/2023/10/e3498026c2ec0063c6e3b3400d4e4ccdb8dc4c5d335dfcf331c29dbde31e31db.0-660x330-1-2-355x199.jpg
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c5585d82fc96cf7516f1e22bdd4e2ca819e74c1bb67e86055b590c878b062c0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
12204
last-modified
Fri, 20 Oct 2023 16:19:01 GMT
server
cloudflare
etag
"2fac-6532a875-ee817abbfb611741;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4I%2FLUF4qgThh6qXmB3qfycdHT3iN7CxxtNc03ygvXothbwEOP%2BxzmEETvpf9rPFfbskGmk8yvTmNPLT9M3iw%2BsDnzB1x8lhOPm4Z9TsAh17DOR%2Fre66YM9WSWZi2BPg7HSNJaFkRNZ6CZgSy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83837b534ca41c53-AKL
expires
Tue, 26 Dec 2023 23:38:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2511600893987006
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
934a85f5f6c30919028e33bbdf2c34e4b688a53cb54e50628fef10e0abcf643d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
Origin
https://one.jlepp.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51287
x-xss-protection
0
server
cafe
etag
4961348056096416342
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:38:55 GMT
reeboksneakers.biz.1523443.js
jsc.mgid.com/r/e/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.js
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f853a569440edd97d7101b365b7ba3d56618a1466530456dcda26c94f7e857
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
x-amz-version-id
ohM.LHhQqoDhYolB2cy63j7gKRCTfMl7
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
6QBGHK6888FBV3RC
cf-polished
origSize=3773
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tN+si6K5W9Kbud6wYZEPqKNsZAmL+4+MhMu/u0KLq9Vq/ZYg+k2bAnWgkikrdeIWBSuAcLAqLRE=
cf-bgj
minify
last-modified
Mon, 27 Nov 2023 14:15:08 GMT
server
cloudflare
etag
W/"e9270e0784d11cef70522026cee4882a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
83837b5f1ee2a81f-SYD
expires
Wed, 20 Dec 2023 02:38:55 GMT
index.js
one.jlepp.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.1
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2a12-6532799e-126cae61cede398b;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwDz1uKySMVns0M1O0YGW3R719ussXXIcELBYz%2Bj1R6kbouGnin8ZE3Vho0F2NnNoWWoYqMslIw5%2BHpH7RGW20a0PJWMcU7UqekC4BixFNC5vqjsvSKS1iaBvK5nstD095wRYdVndG3o6lN2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b534ca61c53-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:53 GMT
index.js
one.jlepp.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.1
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"328f-6532799e-320877bd8f064c5;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QYgmzHqK88zqXp%2BX0NpNpaZ846bi%2FOtICmrNNQnmn8BckPX1Fdlp5Gs3P%2By5BbTLixpl%2BjBOkwF9InNrmH3FDQeb9a7bDi8K7EuA5oxGL%2FVwl94bxiWMgv0uoQqZVpjF7CM23a4Y2fWMyYJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b57da7a725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:54 GMT
superfish.js
one.jlepp.com/wp-content/themes/revenue-pro/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/assets/js/superfish.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d7c-6532799e-a7961e7ab819f1ce;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvIJtEgtsztP24S5wFW9BcfKV5KlZPLHafgmd2SbS8UHk5SjKxHu80N532rdUxPPqWMNQxuEmuDf9IovyKuBhN5If6toKoPk%2FYh8XfdvQdW1iJNQCgnv3w%2BzqJQ5xwv%2FkPAmdGkendGjLy%2Bo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b586b62725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:54 GMT
jquery.slicknav.min.js
one.jlepp.com/wp-content/themes/revenue-pro/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/assets/js/jquery.slicknav.min.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"20df-6532799e-8f26d876a1454aeb;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfXaAlmfXosD%2BsNcvYYZLXWU632czAs7rcYuhIxowroI65tHQIRnp5Cf%2FwUcKRgo35nWGTFJuNEFsd%2B1e89L9rz%2F4dlJmGQo7TCN17jCX7%2BlyxDk9OPgJ3TLQ7nLrkhlnrB07q4%2BXV8RAU%2Fm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b5a2e64725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:54 GMT
jquery.sticky.js
one.jlepp.com/wp-content/themes/revenue-pro/assets/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/assets/js/jquery.sticky.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2765-6532799e-7cb0edc7afdca868;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4jUqeiHsejQ1qtrRzguv5IFQ6Shm8hsCXgyk%2BTkGLWbKqnamSvOCPcwFd%2FGK1nbXYQYgdMEVoLSO7Mpvr0p2IuZNI33Jvm0Yt3yHeiA%2B3dLZg9GfqFrCn37EuF2%2FCq4fQgdPLczGCpzwfpV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b5ceb0b725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:55 GMT
modernizr.min.js
one.jlepp.com/wp-content/themes/revenue-pro/assets/js/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/assets/js/modernizr.min.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3c36-6532799e-f324af219c4ff56c;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0CRdoYTPwh460%2FGuM%2B9qRKV9gwKRVssXxlHSVUH%2FzshMkM3ddAz57Bm1FSUXWDLjXLQTdoegZXb9HpShER0fu2g3VGeaB%2BlCF2iAZIsBuNY9ccbfHNZP9Ln%2FFX7jmDmuyiVlmNL1gkQirhB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b5e3d5d725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:55 GMT
html5.js
one.jlepp.com/wp-content/themes/revenue-pro/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/assets/js/html5.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"285a-6532799e-66b4d100200bb41d;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znTKlcatd4WmyncodFpzAHtP5r%2FrRvX2B1jXDcyTz6Oniziop%2F34pdxIIq3OKOUAu5XtrU1udbA57y7nZZ2SyyKCxb50Ex6jhC5DJj5aXSPbH4d1YV%2FDnyX13YtCUtZbqjtk3XD5G6MU%2Fje4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b5e3d60725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:55 GMT
jquery.bxslider.min.js
one.jlepp.com/wp-content/themes/revenue-pro/assets/js/ 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/assets/js/jquery.bxslider.min.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"107e0-6532799e-4e0a6003b18d334b;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlU%2FzM8AfoRNrGY9gO%2BfrHxZndNlXdsFlPlCiRXf1DGK46rUGrym3ZcK4HVDRLohVNCGlAUlSXRqe0IxlPoyM0ChvsN5%2BrW3vcHX1acs6dr2CzSyu1GTzr7lG%2BlY5VOIEwqJ3XtcMraWwHvN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b5e3d61725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:55 GMT
jquery.custom.js
one.jlepp.com/wp-content/themes/revenue-pro/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/assets/js/jquery.custom.js?ver=20171010
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1046-6532799e-792dbf0e0b0949a7;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLsK7rTIt3Kv57y%2FqCENC5%2BkEvGHE2JOXehd9jsme43JfzEN9ddASf0%2FtIzOWqiEnuF0g7cQ%2BlbHsTwsIh2YazxmprClKXazBhbSQMefyVII8rzQ2aMSpLBBOoBgDPtDFE73LIHDfBe718sU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b5e3d62725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:55 GMT
54a39be4-a137-4df0-aebd-d0cc7c09d899
https://one.jlepp.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://one.jlepp.com/54a39be4-a137-4df0-aebd-d0cc7c09d899
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Length
1245
Content-Type
text/javascript
genericons.css
one.jlepp.com/wp-content/themes/revenue-pro/genericons/genericons/ 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-content/themes/revenue-pro/genericons/genericons/genericons.css
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.3.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.3.2
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6e6a-6532799e-4799ccc5870c034f;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvdw7c6L73Qo%2BLXJxttCjJnHdadG%2BOrr71ox7lIYagmBzZsrBxoTCNLXCvi6ReVErKq%2BK0YfRTCf%2Fy5GrcReBSEHC3UA0MZN9rvjYiOcHbYm57reY0mDyhVv47yE002xlPLDO9cbXzyUsU3J"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b573921725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:54 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://one.jlepp.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 03:58:32 GMT
x-content-type-options
nosniff
age
70823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 03:58:32 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://one.jlepp.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
application/x-font-woff;charset=utf-8
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://one.jlepp.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 13:39:34 GMT
x-content-type-options
nosniff
age
35961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 13:39:34 GMT
1637141023611-1-1-4-250x250.jpeg
one.jlepp.com/wp-content/uploads/2023/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.jlepp.com/wp-content/uploads/2023/10/1637141023611-1-1-4-250x250.jpeg
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3e2c085d8fb728870bb577cd9c6d1730579fd00313278abdddd57b9d63e013

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
10063
last-modified
Fri, 20 Oct 2023 16:19:00 GMT
server
cloudflare
etag
"274f-6532a874-1a8d7ac5acf520d2;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqMi7IVDObIScBB4pE9fFqUeN9qlNle5eE6UvhqZ2VXMgG8QYkGWDoJSMQhZAwiSVSwedDg6cm%2FKznXvjYCkq3XHq1BLxP2rxBEyBFrjw5BD2LbyzitTGxhtGUoL1RCXR2Cs%2BNRE3vJV7%2F93"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83837b5e5d93725d-AKL
expires
Tue, 26 Dec 2023 23:38:55 GMT
e3498026c2ec0063c6e3b3400d4e4ccdb8dc4c5d335dfcf331c29dbde31e31db.0-660x330-1-2-250x250.jpg
one.jlepp.com/wp-content/uploads/2023/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.jlepp.com/wp-content/uploads/2023/10/e3498026c2ec0063c6e3b3400d4e4ccdb8dc4c5d335dfcf331c29dbde31e31db.0-660x330-1-2-250x250.jpg
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27144f914bfa3ff5a6bdad23e2add0d675167a087db00326b1a7abe5bd2c447e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
11054
last-modified
Fri, 20 Oct 2023 16:19:01 GMT
server
cloudflare
etag
"2b2e-6532a875-7f33d117b1b63708;;;"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQZG1py08bSGJg43d5g0SEEoZlH8XIdKvodTUhotn27pytpu9cWTbGjkRcFg5oGsxdApQ6xqubvo8wqjS9V6P5D21qYLWWJl0CCqm4wdiuhBKHygF89t%2FY0V8IQhdGL47Zvhr%2FUHxqI5YxV5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83837b5e5d96725d-AKL
expires
Tue, 26 Dec 2023 23:38:55 GMT
reeboksneakers.biz.1523443.es6.js
jsc.mgid.com/r/e/ 		315 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc3699dd839ca3a7dc1e8aa7e774359fdc311bda16f675d3ea57aba4383b037
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://one.jlepp.com/
Origin
https://one.jlepp.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
x-amz-version-id
0J2EPewNx8zBUk7PetQtn_j6vBnUjcAA
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
6D7SHTAEG67GTDQV
cf-polished
origSize=322222
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
RnvChZpJb3lL/+HTAfi6EQ4tuvmB7llMZicuJBUBfAcJ1UnBvyqV1TdGcQ0odSVc3SO84prnETKPh7tcmpjWEdMbQc55k6Nw
cf-bgj
minify
last-modified
Mon, 27 Nov 2023 14:15:08 GMT
server
cloudflare
etag
W/"be6c40568fb47806b940d1699994411c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
83837b609e0da7f3-SYD
expires
Wed, 20 Dec 2023 02:38:55 GMT
81456273-786d-4adc-9ff1-6897032186e9
https://one.jlepp.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://one.jlepp.com/81456273-786d-4adc-9ff1-6897032186e9
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Length
0
Content-Type
text/javascript
4aa4fc63-d1b2-4b76-bcaf-6365292011b6
https://one.jlepp.com/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://one.jlepp.com/4aa4fc63-d1b2-4b76-bcaf-6365292011b6
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Length
250
Content-Type
text/javascript
/
c.mgid.com/pv/ 		43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?lu=https%3A%2F%2Fone.jlepp.com%2F&cbuster=1703029135910420893309&pvid=18c84725a268c339cb9&implVersion=11&cxurl=https%3A%2F%2Fone.jlepp.com%2F&site=909306&i=1&scum=%3F0&scuw=%3F0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
83837b63bceca81f-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
a7f62300-3671-4695-9460-d2b34d32a7fb
https://one.jlepp.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://one.jlepp.com/a7f62300-3671-4695-9460-d2b34d32a7fb
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
FT3B2YNDBGENVSWC
age
4513
alt-svc
h3=":443"; ma=86400
x-amz-id-2
T5sPcjZtf+bDh6XdJmp7hMMaIrle5xKb9BwVfmaNkAxai8X9iK4oKQPncfqBkIMJTmPLzS6Pbg2Yz9at9uMFJU2Q4p1mhW6T9hRl6tH5ghk=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
83837b63fd5ba81f-SYD
expires
Wed, 20 Dec 2023 23:38:56 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
816 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YQB9E0XZ4AF5YHE7
age
524
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CxpyNkMvUy7EglrL46ndveEgmcKj5NlhgNn3xrtwadQGLxOYO5GJbbUWfWYVC/75XuxenQ1eXpI=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
83837b63fd59a81f-SYD
expires
Wed, 20 Dec 2023 23:38:56 GMT
1
servicer.mgid.com/1523443/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1523443/1?mp4=1&ap=1&w=260&h=1014&sz=257x227&szp=1,2,3,4&szl=1;2;3;4&cols=1&sessionId=65822990-0e51e&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fone.jlepp.com%2F&cbuster=1703029135958662309076&pvid=18c84725a268c339cb9&implVersion=11&cxurl=https%3A%2F%2Fone.jlepp.com%2F&scum=%3F0&scuw=%3F0&uniqId=0770c&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&tfre=2691
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce495a8f293847c13994464a06e108063fe31445991d0366d9c2cbf977b7e0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
83837b63fd66a81f-SYD
alt-svc
h3=":443"; ma=86400
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2511600893987006
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c75d26a1c0116bc0920341dfe9141a8d38cc6b0ac81b47226f7d6ed119c9b30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137930
x-xss-protection
0
server
cafe
etag
15321744077988182258
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:38:56 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 82F4 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2511600893987006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

age
83773
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 00:22:43 GMT
etag
5585625838579639069
expires
Tue, 02 Jan 2024 00:22:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
wp-emoji-release.min.js
one.jlepp.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 12:59:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4904-6532799e-40a3add867b7724e;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3lmo9SagLl992CYX1CgnJlEuuSH6jSyxTDGr%2BqziSIJQp6iowfkSwTepEvpapOekGm3KxYk75eYNZHWQgiABcTuJddC37gDkWZPvpCzoKWYCpXlc%2FbH%2F0fn6sMCL4t2uPwe7AY8h69hd7g7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
83837b654ade725d-AKL
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Dec 2023 23:38:56 GMT
admin-ajax.php
one.jlepp.com/wp-admin/ 		35 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://one.jlepp.com/wp-admin/admin-ajax.php?action=ajax-checkclicks&nonce=3aa25c5b1f
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee21190895d4bc1b457c1687bd56d603c1b2377651cc18afe2e48631aaf7b68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://one.jlepp.com/
X-Requested-With
XMLHttpRequest
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
https://one.jlepp.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BFYc%2B8tArkspErWmn0LIfmK2z53XJXiGzcOYNl3vhZKW8fYghdpjipj4B23s%2BS3EOmrTppA1zjH5fmSC8u8glQ4bHJrh7A8R4lg3pCyhnak5QgsRPC8xpZEYa0whW6WNxTUJO2n%2FnLdvM6h"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex
cf-ray
83837b655ae8725d-AKL
expires
Wed, 11 Jan 1984 05:00:00 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS83MjAwNjUvZmRjN...
s-img.mgid.com/g/17100408/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17100408/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS83MjAwNjUvZmRjN2YxZTFhYjJhZDc3MzkyYzZlY2Y1NjAyY2VmYmMuanBn.jpg?v=1703029136-_7R0Eg8p1GUnTY7KWTrdO4Diode8gf-i_b81ylyZMhk
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
328e9382150972f0ad75ef96bc5a2eb9fc6fba83410a4ae2adc6b13809b27c5f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://one.jlepp.com/
Origin
https://one.jlepp.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
d4b56099-8c91-411f-872c-7f5b610ee7a0
age
211540
cf-polished
origSize=35525
alt-svc
h3=":443"; ma=86400
content-length
33275
cf-bgj
imgq:100,h2pri
last-modified
Sun, 24 Sep 2023 12:24:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
83837b66af45571a-SYD
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMi83MDQ3MjEvYWI3N...
s-img.mgid.com/g/17942363/492x277/-/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17942363/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMi83MDQ3MjEvYWI3NDgwZGY2ODUxMTVkNTRhOWEzYmI5NzAxMDA4NjIuanBlZw.jpg?v=1703029136-UWi1x0STmETYtjkb7tyjPZlfD1y0BZ_08b4A5nG1ASU
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24d882cb0a54823797b48ab3ed070aca0098aacf12b1f66e5943fdb4a6206dc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://one.jlepp.com/
Origin
https://one.jlepp.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
9b9b632c-12c4-4531-be1d-2774542b93aa
age
1521623
cf-polished
origSize=49745
alt-svc
h3=":443"; ma=86400
content-length
45481
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Dec 2023 08:03:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
83837b66af46571a-SYD
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi82Njg1MzYvN2I0M...
s-img.mgid.com/g/17827862/492x277/-/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17827862/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMi82Njg1MzYvN2I0MzgzYWFlNmYzZjhhYzkxNzE3NDM3N2I4ZWQzYjkuanBn.jpg?v=1703029136-4S1XFYua1rEkOugzKVhL-7gKfft749Tz_pnhUdwuURU
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a93a457edeb2b9816f8a68178543556ba8963578ec24a43ff6bf1120ab58c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://one.jlepp.com/
Origin
https://one.jlepp.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
fee2f4dd-6eb3-498d-86ac-217f9bafb4d6
age
89055
cf-polished
origSize=19697
alt-svc
h3=":443"; ma=86400
content-length
18850
cf-bgj
imgq:100,h2pri
last-modified
Sun, 10 Dec 2023 08:38:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
83837b66af42571a-SYD
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi83ODczMzUvYjUyM...
s-img.mgid.com/g/16534147/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/16534147/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi83ODczMzUvYjUyMjg5ZTMwNTBlMGQ2ZTI4NWUxMmQ2M2Y2ZTRjYWEuanBlZw.jpg?v=1703029136-gq01YMLluC79mhieQxGNSFEIYB2aKxuqCg5JLTpuMf0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e3db3b5fe2d7af142c7381fdf48aaa2b372dafac3a8ee11091e426d222ba39
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://one.jlepp.com/
Origin
https://one.jlepp.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-mg-request-uuid
ffc73e29-3327-453b-9d7b-cb5d88b7bc5d
age
2352637
cf-polished
origSize=12622
alt-svc
h3=":443"; ma=86400
content-length
11819
cf-bgj
imgq:100,h2pri
last-modified
Fri, 23 Jun 2023 01:19:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
83837b66af44571a-SYD
i.js
cm.mgid.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?muid=nbjU3JNfuUCf&cbuster=1703029136253368701022
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52ea82683b29be80883e5bd1738156c1821bf09584a6e9caede419d448a805e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83837b65df63a81f-SYD
alt-svc
h3=":443"; ma=86400
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
4N4CCTYM7J75H1D6
age
374
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83837b662d2250c5-AKL
x-amz-id-2
HxcVMuxP0OW/G78BiDAGiW2PHJE/rPRoohTvthsyBV2Ribsfc53+KUTlFOsLroOJbW0WO2z+dgA=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:55:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55454
accept-ranges
bytes
content-length
63913
expires
Wed, 20 Dec 2023 15:03:10 GMT
usync.html
eus.rubiconproject.com/ Frame 8073
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=nbjU3JNfuUCf&cbuster=1703029136253368701022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://one.jlepp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Dec 2023 23:38:56 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 19 Dec 2023 23:38:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 0C08 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=nbjU3JNfuUCf&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=nbjU3JNfuUCf&cbuster=1703029136253368701022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://one.jlepp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
m
cm.mgid.com/
Redirect Chain
  • https://cm.rtbsystem.com/mgid?c=nbjU3JNfuUCf&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D
  • https://cm.mgid.com/m?cdsp=556372&c=92ea5111-90e5-5a87-bc74-26845ae27f04
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=556372&c=92ea5111-90e5-5a87-bc74-26845ae27f04
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83837b6a0be2a81f-SYD
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

date
Tue, 19 Dec 2023 23:38:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r46b5zYWX%2BmDMvtxLmZm%2Fz7G2bdxyDRy%2B7TAl3LsXH4w6PCi9M152zYbyeRaAIGQwu4bT58H5HnqAt3SPiGbgdg255VDe1JfDl6SeZGQYgUnqz4Agv3ugcofqI25IL8ABwpFU7IClhwwS7NAByHV"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
location
https://cm.mgid.com/m?cdsp=556372&c=92ea5111-90e5-5a87-bc74-26845ae27f04
cf-ray
83837b67d8b7508c-AKL
alt-svc
h3=":443"; ma=86400
content-length
43
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=ZI05G0oD7OAW8QZ_kEJkcdra5HlENwaEPyT3RSbmlBA&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=ZI05G0oD7OAW8QZ_kEJkcdra5HlENwaEPyT3RSbmlBA&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83837b6f1fe05727-SYD
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=ZI05G0oD7OAW8QZ_kEJkcdra5HlENwaEPyT3RSbmlBA&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
pragma
no-cache
date
Tue, 19 Dec 2023 23:38:57 GMT, Tue, 19 Dec 2023 23:38:57 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
0
prebid.a-mo.net/cchain/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Server
207.65.33.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:55 GMT
content-length
0

Redirect headers

location
/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1
date
Tue, 19 Dec 2023 23:38:56 GMT
content-length
269
content-type
text/html; charset=utf-8
bswsync
crb.kargo.com/api/v1/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=nbjU3JNfuUCf&gdpr=0&gdpr_consent=&us_privacy=
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=nbjU3JNfuUCf&dsp_id=303&krg_ids=&gdpr=0&gdpr_consent=&us_privacy=
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=nbjU3JNfuUCf&dsp_id=303&krg_ids=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Server
52.76.177.21 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-177-21.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:57 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
//crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=nbjU3JNfuUCf&dsp_id=303&krg_ids=&gdpr=0&gdpr_consent=&us_privacy=
Date
Tue, 19 Dec 2023 23:38:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
34b9aae5baa016b251b9fc488f4a97cd.gif
sync.e-volution.ai/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=nbjU3JNfuUCf&gdpr=0&gdpr_consent=&ccpa_consent=
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.161.21 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS
109.206.161.21.serverel.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Connection
keep-alive
Date
Tue, 19 Dec 2023 23:38:57 GMT
Server
nginx
/
cm.idealmedia.io/setmuidn/ 		0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=nbjU3JNfuUCf
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
83837b67fc9750c8-AKL
alt-svc
h3=":443"; ma=86400
content-length
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bmJqVTNKTmZ1VUNm&muidn=nbjU3JNfuUCf
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bmJqVTNKTmZ1VUNm&muidn=nbjU3JNfuUCf&google_tc=
  • https://cm.mgid.com/google?muidn=nbjU3JNfuUCf&google_error=3
0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=nbjU3JNfuUCf&google_error=3
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain
cf-ray
83837b6b1b235727-SYD
alt-svc
h3=":443"; ma=86400
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.mgid.com/google?muidn=nbjU3JNfuUCf&google_error=3
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?gdpr=0&gdpr_consent=&ccpa=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D
  • https://cm.mgid.com/m?cdsp=675043&c=45679474-d05e-49df-bc86-8678db1108dd
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=675043&c=45679474-d05e-49df-bc86-8678db1108dd
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83837b6d7e225727-SYD
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 23:38:57 GMT
Server
nginx
Location
https://cm.mgid.com/m?cdsp=675043&c=45679474-d05e-49df-bc86-8678db1108dd
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sync
rtb-usw.mfadsrvr.com/ 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.212.222 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
222.212.212.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=3d518c03-d92c-48e7-ab1b-fdf0fb0c8e3d
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=3d518c03-d92c-48e7-ab1b-fdf0fb0c8e3d
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83837b6d2dc55727-SYD
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=3d518c03-d92c-48e7-ab1b-fdf0fb0c8e3d
access-control-allow-origin
*
date
Tue, 19 Dec 2023 23:38:57 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
cm.mgid.com/
Redirect Chain
  • https://tracker.direct.e-volution.ai/sync?id=5&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D737576%26c%3D%7BPLL_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=737576&c=e32d7919-eb96-096b-8938-2f9ddf32376f
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=737576&c=e32d7919-eb96-096b-8938-2f9ddf32376f
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83837b7109f75727-SYD
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=737576&c=e32d7919-eb96-096b-8938-2f9ddf32376f
content-length
88
content-type
text/plain; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 8073 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9c3bb91fde0cd5c32a62635603ca346cba30ceffc49240592fe57605265761ea

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 19 Dec 2023 23:38:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Dec 2023 23:36:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=86183
Connection
keep-alive
Content-Length
13201
Expires
Wed, 20 Dec 2023 23:35:20 GMT
khaos.json
token.rubiconproject.com/ Frame 8073 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame D70C 		159 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2511600893987006&output=html&adk=1812271804&adf=3025194257&lmt=1703029137&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fone.jlepp.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703029136164&bpp=3&bdt=2894&idt=1175&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2808722828681&frm=20&pv=2&ga_vid=2127346281.1703029137&ga_sid=1703029137&ga_hid=1636082548&ga_fc=0&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C42532524%2C95320885&oid=2&pvsid=2484426186893482&tmod=940025970&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1195
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9966aad577dc1316f008f0bddfb1d5fcc46ed5865ddda43292d303922e880560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
24247
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 23:38:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2BCD 		714 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2511600893987006&output=html&h=600&slotname=4138996536&adk=3175009733&adf=3372448513&pi=t.ma~as.4138996536&w=260&fwrn=4&fwrnh=100&lmt=1703029137&rafmt=1&format=260x600&url=https%3A%2F%2Fone.jlepp.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703029136167&bpp=2&bdt=2897&idt=1201&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2808722828681&frm=20&pv=1&ga_vid=2127346281.1703029137&ga_sid=1703029137&ga_hid=1636082548&ga_fc=0&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079266%2C42532524%2C95320885&oid=2&pvsid=2484426186893482&tmod=940025970&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=1206
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a719d39a44e19fe2776bf84fd9e1f9b794c9b333821eca2f6549f4a9f820e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 23:38:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
12a86ca36a9a731ef69629b69cc9930fbe46532b929909faa2c18f909e1347e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
https://one.jlepp.com
date
Tue, 19 Dec 2023 23:38:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2b7b4e33c4090238d2a09daf42da5ee45e8be0dd819247bb789fb78465a167a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56013
x-xss-protection
0
server
cafe
etag
10048901239571752361
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:38:58 GMT
ca-pub-2511600893987006
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2511600893987006?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83dab2709cf33e112d8bff906c538aec343671456304f26bc15fd4a5abb9d4aa
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-gTcwB4fgVdKA8sKZKxI15A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:58 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-gTcwB4fgVdKA8sKZKxI15A' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
c0.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.22.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.135 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.112 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.178 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.199 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.23 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c0.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.22.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.199 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.250 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.54 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.54 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.188 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.250 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
m
cm.mgid.com/ Frame 8073
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LQCZKTLN-P-I6AT
  • https://cm.mgid.com/m?cdsp=43070&c=LQCZKTLN-P-I6AT&gdpr=0
43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=43070&c=LQCZKTLN-P-I6AT&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83837b85f9135727-SYD
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.mgid.com/m?cdsp=43070&c=LQCZKTLN-P-I6AT&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 8073
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=LQCZKTLN-P-I6AT&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQCZKTLN-P-I6AT&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 23:39:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8CZNEFN59M3AA9RZMEW0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQCZKTLN-P-I6AT&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8073
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5eb896ec-6092-4827-b2e8-457a65e7e911&gdpr=0&gdpr_consent=&expires=30
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5eb896ec-6092-4827-b2e8-457a65e7e911&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5eb896ec-6092-4827-b2e8-457a65e7e911&gdpr=0&gdpr_consent=&expires=30
date
Tue, 19 Dec 2023 23:38:59 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 8073
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/t7JBrCaJ4UHDIYV2axws7A?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hqwbhtE2oLd2H7XK3yMqhr0Bvpe6m6GI7deYQ--~A
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hqwbhtE2oLd2H7XK3yMqhr0Bvpe6m6GI7deYQ--~A
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 19 Dec 2023 23:38:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hqwbhtE2oLd2H7XK3yMqhr0Bvpe6m6GI7deYQ--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 8073
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fcHex3EJTe2fYEEFuMt4ig&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fcHex3EJTe2fYEEFuMt4ig&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fcHex3EJTe2fYEEFuMt4ig&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 23:39:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1GMK803DG7M3AG5PP7ZP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fcHex3EJTe2fYEEFuMt4ig&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8073 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8073
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=t5qXpFxJQMmazcu7-lUUwg&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=t5qXpFxJQMmazcu7-lUUwg&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=t5qXpFxJQMmazcu7-lUUwg&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 23:39:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WP81ADERE7EHHPQF8FR1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=t5qXpFxJQMmazcu7-lUUwg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8073
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFDWktUTE4tUC1JNkFU&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFDWktUTE4tUC1JNkFU&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFDWktUTE4tUC1JNkFU&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4290507b7388fb86809e552482e2fff0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8073
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjA1MDVkMWM5YWJhYzBkYTA0MmQ2MjcwMWZkM2UzZGNlMWQzMjMxNw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjA1MDVkMWM5YWJhYzBkYTA0MmQ2MjcwMWZkM2UzZGNlMWQzMjMxNw&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjA1MDVkMWM5YWJhYzBkYTA0MmQ2MjcwMWZkM2UzZGNlMWQzMjMxNw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4290507b7388fb86809e552482e2fff0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 8073
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQCZKTLN-P-I6AT&gdpr=0
0
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQCZKTLN-P-I6AT&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E0E95CBC06C14E78A2FE109CF1DE098D Ref B: AKL30EDGE0206 Ref C: 2023-12-19T23:39:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-source-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYM5V7zRkJ6VMAvy5hAXw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQCZKTLN-P-I6AT&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8073
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD1lk7LBFMAABP7TxHQjg&expires=30&gdpr=0
42 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD1lk7LBFMAABP7TxHQjg&expires=30&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD1lk7LBFMAABP7TxHQjg&expires=30&gdpr=0
Date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 8073
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQCZKTLN-P-I6AT&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQCZKTLN-P-I6AT
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQCZKTLN-P-I6AT&ckls=true&ci=dsqAC6W13M&nc=false&trid=1253905568
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQCZKTLN-P-I6AT&ckls=true&ci=dsqAC6W13M&nc=false&trid=1253905568
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Server
13.35.147.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-46.syd1.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:39:02 GMT
via
1.1 26cfb3bc5100503427ae192845c72eca.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
udvrdfPB1Z2H40-cvrKnU3DZdSHFp9RJqMpnNq3cKO-sHMQ2lRgkgw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:39:01 GMT
via
1.1 26cfb3bc5100503427ae192845c72eca.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQCZKTLN-P-I6AT&ckls=true&ci=dsqAC6W13M&nc=false&trid=1253905568
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
BNhCVtZEH63dX0eDD5tYGzxMY0XWPvsfUZi1jUztg8HA3lrYML7I-w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 8073
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LQCZKTLN-P-I6AT&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LQCZKTLN-P-I6AT&gdpr=0&dnr=1
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQCZKTLN-P-I6AT&gdpr=0&dnr=1
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
HTTP/1.1
Server
209.191.163.152 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 23:39:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 19 Dec 2023 23:39:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LQCZKTLN-P-I6AT&gdpr=0&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 8073
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQCZKTLN-P-I6AT&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQCZKTLN-P-I6AT&gdpr=0
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQCZKTLN-P-I6AT&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQCZKTLN-P-I6AT&gdpr=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
magnite
prebid.a-mo.net/setuid/ Frame 8073
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LQCZKTLN-P-I6AT&gdpr=0
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQCZKTLN-P-I6AT&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQCZKTLN-P-I6AT&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
pixel
capi.connatix.com/us/ Frame 8073
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LQCZKTLN-P-I6AT&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LQCZKTLN-P-I6AT&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQCZKTLN-P-I6AT&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83837b85ef1f50bf-AKL
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 19 Dec 2023 23:39:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQCZKTLN-P-I6AT&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83837b848bff50bf-AKL
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
v1
match.sharethrough.com/sync/ Frame 8073
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQCZKTLN-P-I6AT&gdpr=0
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQCZKTLN-P-I6AT&gdpr=0
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Server
13.228.80.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-80-176.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQCZKTLN-P-I6AT&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
v3
id5-sync.com/gm/ 		696 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
74c43bea4e229da66f998f112df32227fbab0de3b4bfc7537797ec521a6a183a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://one.jlepp.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

access-control-allow-origin
https://one.jlepp.com
date
Tue, 19 Dec 2023 23:38:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame E205 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

age
64673
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 05:41:06 GMT
etag
5585625838579639069
expires
Tue, 02 Jan 2024 05:41:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame F336 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

age
64673
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 05:41:06 GMT
etag
5585625838579639069
expires
Tue, 02 Jan 2024 05:41:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame D7DF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

age
64673
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 05:41:06 GMT
etag
5585625838579639069
expires
Tue, 02 Jan 2024 05:41:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXtXF6Q1f0ixK0p6qkeRyCfpnDWoeDZnUR5kOmn0bOsT0bfa14kyWg29Y_KAZODnozMCEHAPoWOZdGZo4O20JmKKJau0Aqw4d2VEsLgQ17rOQYMmAvimNUS7gbvYemsf1A6kwBFkA==
fundingchoicesmessages.google.com/f/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXtXF6Q1f0ixK0p6qkeRyCfpnDWoeDZnUR5kOmn0bOsT0bfa14kyWg29Y_KAZODnozMCEHAPoWOZdGZo4O20JmKKJau0Aqw4d2VEsLgQ17rOQYMmAvimNUS7gbvYemsf1A6kwBFkA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDI5MTM5LDUyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9vbmUuamxlcHAuY29tLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f94079149a89523f87063c5f7caa26ac48d03c60123dfdf54daad082c0e24d3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-d_S_uYTv67RAPfRGksefUQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-d_S_uYTv67RAPfRGksefUQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
afr.php
ads.as.criteo.com/delivery/r/ Frame A40B 		157 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
698b23e45e03acea8c16664eb69b0fba7c9ee57797c8e10950cb80d41e6dfad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 23:38:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=qaPZPN7c8uXAChGOR6D8b575Ci-z8W8cF846jN4Lo54g_uGYa8a42msNsGShndRa0quK4zhhW54bVNcEpgRp-7ill8hUS2sO_vi3QlEIfqtli6Fk2JpCFBAnDAhntXgs_lZG2RWGqNhtciKqYr3oAD5qwoam3FX1w6hIFh5EvOptKCQl7oCCIE6GnnEInxnVL_a3mXgt2ItDbD_6JAeUiI00OIZ-vqU1e8UKsn1DS4hK0fNCZFLW7rZ0munKfZi1Qg5pbQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
71425382
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E205 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
78331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:53:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E205 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
73039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 03:21:41 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E205 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:39:00 GMT
afr.php
ads.as.criteo.com/delivery/r/ Frame DDF4 		117 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
aaf281258b11fbcba38683ad511932193446a0149ec880b839da99acf2779293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 23:38:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=NFJHht7c8uXAChGOfGkFa96Uhd0GyzZIzw2cSsHmMosCh6PWBgnv2W8bsEsNAxrwJhiHh2i5IRy-oM4ytDRHP53rm5G0RBqHqB8JGN1qGGXznq_g9OmU1LYf6sTcNCUjyXSzZz_5WUR6NhTq_iaw6BqP8brcwX1knDRPyNVUZSsU5oNt_qSjhVCDxO7Gh8px7eL73LggmG_Y3JiB3GzRvE-giiai0pTN-8QpceJwQOLGFwjz_CRgjFPs2iwbM6QP2Efn0g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
30868440
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F336 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
78331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:53:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F336 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
73039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 03:21:41 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F336 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:39:00 GMT
afr.php
ads.as.criteo.com/delivery/r/ Frame 4359 		116 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
ad190ffe64bb35418cd33fb3b31149729dbf6c0f04b133ab9cde5a1721d506d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 23:38:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=WCKdtt7c8uXAChGO_wjKsnjOqLTERHcHm_ox0XMOZZEK_1vif1Dnopr7Ts05ldCJzR8nEb_-lhfLPMGljMFCVWbyceCKUGTy8lDhQF_kSgzDJN7F8AYmGcJhENWBU7J2nEN-VFhhLQYhuECTimk2iIvnjY-X-QI6VdnkMg3aOsi_ofAuMtIHpdZPEftgcvjWKvp70OTqOadZaBaUnwR772ZbjVQ-YqCKuAckne0dF0bam2U6vjYk_I65shvYlTKLBfTEXg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
41923745
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D7DF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
78331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 01:53:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D7DF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
73039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 03:21:41 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D7DF 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:39:00 GMT
AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-u3ZUHmXUEHkNxlkF6xTWbw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-u3ZUHmXUEHkNxlkF6xTWbw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://one.jlepp.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWi2O_wjA-fWeiTxmrAnVxywM_wPDRN9ry4pAFqVA2J7mwUy2aV7IRMNmsHEe4jxMyy886sU5Ra-eVepT5VFRZV1p5pAmfP6yrjrX6VsoYqrnEIYMlRFVN5AmyLpGNp-sg2U6OG3A==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWi2O_wjA-fWeiTxmrAnVxywM_wPDRN9ry4pAFqVA2J7mwUy2aV7IRMNmsHEe4jxMyy886sU5Ra-eVepT5VFRZV1p5pAmfP6yrjrX6VsoYqrnEIYMlRFVN5AmyLpGNp-sg2U6OG3A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDI5MTM5LDgzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9vbmUuamxlcHAuY29tLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c869df4137e8a48f3c1141f98c6c5c90627d085dd09ae24901caa30397cfa8e
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-zAA1O1MAR-rS7XOn6KP_-Q' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-security-policy
script-src 'nonce-zAA1O1MAR-rS7XOn6KP_-Q' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DDF4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame DDF4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DDF4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 13 Dec 2024 23:39:00 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DDF4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 13 Dec 2024 23:39:00 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame DDF4 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=a-gFYsqkwLA1YYJwq4-rAiVjtjg3dnsSOOnSFhhzz5NClkDF1HgAoTiUc1DwmdhFiQIC2OktvPFKN14bm8Y4n9elNvgw2fq6LsgwzFguRug7o9DIcHf4Lz14IKqV8O0sAvurMsC91iMgCjqG7mdFbc9z3W-WTJShWL2rUmmxlT_wqdhNBkoq3yprknTZHDz9iXfZzqjltFNFdaxkDB_VjFTdPd15SDlnZJ0RaNaqi_f9ALZHDz0hKVkQoegJyIWGWgM9hpgalsIOhlLO11AdKkWLs_Xzib1UIStrlw0Q-H3ZzmyaQa102CGLj6BQFqN2rTfLugxwdAx_W8jekfFCAlhNo3lQU-HJGClW0z2igY8siSX7mQkaBv0rZTi-yxJarrxXKA47DNpZbcCINoLtVoFVS_LuKDru7lW5yKNFa990_DgK
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:59 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2515420
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DDF4 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1940886
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vTdKjggcf1rGVQrhWfkBt%2FoiAmVg7F9YAkSzCd1UvELG%2F8K00kP0hmALcQ2gHlGUBXp4mICk3X0%2BEaifvCFLNN44tGy5bDlMNbkpm%2FlZX0zzbDNkTyuzY90jN2b1s53hGd%2B6UfJ0k7%2BVhrE3vE0MoYB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83837b7feaca725f-AKL
expires
Sun, 08 Dec 2024 23:39:00 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/i/231/8.gif?id5id=ID5*tNBP0snnzV7PloXJ_kMhSJ6MNbklOq6_Fs52w9Q6D5B2GxbSMmtBCMteof90k96OdhzKtgOYzf39zmJTNMFAoQ&o=api&gdpr_consent=undefined&gdpr=false
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=5eb896ec-6092-4827-b2e8-457a65e7e911&ttl=%%TTL%%
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F112%2F6%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F112%2F6%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/231/112/6/3.gif?puid=D7A3CAD89C9CE2F8&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LQCZKTLN-P-I6AT&gdpr=0
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/231/19/4/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/231/19/4/5.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/231/19/4/5.gif?puid=17878db6199194db0a7bec3f9d32f5ce&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F123%2F3%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/231/123/3/6.gif?puid=18c8472796a-aab0000010d5e2a&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=17878db6199194db0a7bec3f9d32f5ce&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F485%2F2%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=17878db6199194db0a7bec3f9d32f5ce&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F485%2F2%2F7.gif%3Fpuid%3D%24%7...
0
0
animejs.js
static.criteo.net/animejs/ Frame DDF4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
img
imageproxy.as.criteo.net/img/ Frame DDF4 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?h=116&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F107460%2F4956229%2F37f41b7470574b1eb1804a5ec1a936a8_99bd55bd-21d2-4073-b945-08ff2f7c76c7.png&v=3&w=396&rid=4&s=ZD8X2Ml9Rd82WMY-QkYSW5xQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0bb92622362f436a4368024e962a5727d99a8043c6604d65113ed65c5b6943aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
14822
expires
Thu, 07 Nov 2024 02:16:33 GMT
img
imageproxy.as.criteo.net/img/ Frame DDF4 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FP%2FC%2FPC-BUSIL-XX-01_RNUIBSXS1QXO_e3254a66-43f8-4df9-8a4a-250293b7a18c-cb3c61991b252a90845d84d339498f88_1.jpg&v=3&w=800&rid=4&s=3XxCajalT9vsIjB-PbjTHB7N&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e1ffc5a06c68c21ff0ca0fe22099d11c2327a4e707baec6a1e98c7aba21252f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
60448
expires
Sun, 08 Dec 2024 23:04:38 GMT
all
csm.as.criteo.net/ Frame DDF4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=NFJHht7c8uXAChGOfGkFa96Uhd0GyzZIzw2cSsHmMosCh6PWBgnv2W8bsEsNAxrwJhiHh2i5IRy-oM4ytDRHP53rm5G0RBqHqB8JGN1qGGXznq_g9OmU1LYf6sTcNCUjyXSzZz_5WUR6NhTq_iaw6BqP8brcwX1knDRPyNVUZSsU5oNt_qSjhVCDxO7Gh8px7eL73LggmG_Y3JiB3GzRvE-giiai0pTN-8QpceJwQOLGFwjz_CRgjFPs2iwbM6QP2Efn0g&sds=2&rev=89863&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 23:38:59 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DDF4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DDF4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame DDF4 		2 KB
809 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame DDF4 		2 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4359 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 4359 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4359 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 13 Dec 2024 23:39:00 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4359 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 13 Dec 2024 23:39:00 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 4359 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=lVw9ptcD_oGfNvrvHti2Q9xKqW9kdj3XQ-g6-kvov9eV4P2NZkqieBRid3_JDQhCj-3RxejvCo7hkwXPMlq9wjtPI9tyz7DN66s4lP4tNc53jlhM7UPHsFJywq7RA2C0cH5zxQYxyYbbB7mxZHORjzyhAu85m7M6sGbNZp4OIqnPxn2dsHn-WR2WNwYwmKT12Owhz33bOzBMAUSA-4GzuqsyX9RqEOr-1vuRjoqjmyCUt0bzvLs7eVMJwoL8APosKWkCYyZjIc6JqTNmOt4l6nmsVpOo9Xz9Vkl2QFEL1SsKlOW58pfPAdBzTBZY-cdrRAjmOQF97wbEo_vub3qCMt1L7xO1kNfweIkhHHVUFGJIURzATu8I7u4ZTT2y9q3g4koT_fjwSDS7tpnqQo7uHdUYgWrCX-f5KauMudPHgcvW3dIK
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1633617
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4359 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1940886
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDXf26UaGCChJTSXaGf2TmcbSe0qp0EhCwD%2BnyLmqd4jcXebJJGrG8SWD0T6Sx76I7garSvHfqhR7iVaStu5x%2FEmDorwIJTtm7Kd5dLHE6wvThYl1OXH%2BBduLxlgQ%2FCXrzW2w94CvCODtNkYHv5z63m2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83837b805b99725f-AKL
expires
Sun, 08 Dec 2024 23:39:00 GMT
nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame 4359 		2 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame 4359 		2 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 4359 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
truncated
/ Frame D7DF 		448 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2663ee0ff57a9cf12427b6b51b3dc5f5695d29e51d0c77d49e6032ecda47093

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame A40B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame A40B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A40B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 13 Dec 2024 23:39:00 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A40B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 13 Dec 2024 23:39:00 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame A40B 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=TUS2gcqkwLA1YYJwq4-rAiVjtjgtQEYRyEqOSMCr9dapv3c6I9xCB2MKwaBJlVkSr146UGkKBM70MbztZsdfQGjK81_33nsQTDptyWkOYqH_Id6bRH_QYJId2wIAXSvjxdSy8hN-7jwjj5O4gABcX-sdkpincUmY5l4qkEMle7sxL_7-xg-ApVA5LZbq29-o0NxzkJV6aDZKcmHMz5VT3FylzTs8XuaDKLOiupOAxvQbqDL7wq9ApV8ws4hw8Uw-EXSA5Dao3On5nA6hTYq_4zJ-YKPQ5aB8mUXCbmkle6JxBNdseA7wQ6a3dod8m7WqoHzJUlSf5LHCHOgRMVFw8ybvIm5KbSKTecAt_B1pHnGiGZe1lRRsGr3dtA_5dOQB-7sdG_2DnB5opA474maTATsWV5t2LLuRBmZXkdHWiAjrchxT
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:38:59 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1810126
expires
Mon, 26 Jul 1997 05:00:00 GMT
img
imageproxy.as.criteo.net/img/ Frame 4359 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?h=244&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F107460%2F4956229%2F213a1ed3857e4ad1affae11f5293ad97_b877c97b-109b-482f-9cda-2ee006b6aceb.png&v=3&w=196&rid=4&s=vI9VQH9GIlvAzmfT_rfX_NQW
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
ff26a1bec1aa9d02ceb20b26dcf0421d1a88f7e5c7a9456c1724d7d164f320c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
15604
expires
Thu, 07 Nov 2024 02:50:36 GMT
img
imageproxy.as.criteo.net/img/ Frame 4359 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FR%2FO%2FROC-ENG-TRT-BLU8_SX3O5VXCZ9I1-714611ae107621ccdf95330f761356fc_1.jpg&v=3&w=800&rid=4&s=smU3-fDhvuBoa2lpe7oiZS52&b=1200
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
9256d516bad34dd634951c0bb8779811af3bc22f724a741cb2053d7f0944f3e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
62940
expires
Mon, 09 Dec 2024 01:29:21 GMT
all
csm.as.criteo.net/ Frame 4359 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=WCKdtt7c8uXAChGO_wjKsnjOqLTERHcHm_ox0XMOZZEK_1vif1Dnopr7Ts05ldCJzR8nEb_-lhfLPMGljMFCVWbyceCKUGTy8lDhQF_kSgzDJN7F8AYmGcJhENWBU7J2nEN-VFhhLQYhuECTimk2iIvnjY-X-QI6VdnkMg3aOsi_ofAuMtIHpdZPEftgcvjWKvp70OTqOadZaBaUnwR772ZbjVQ-YqCKuAckne0dF0bam2U6vjYk_I65shvYlTKLBfTEXg&sds=2&rev=89863&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4359 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4359 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A40B 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1940886
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4ZJHet%2Fyo5XKFET49zSRfnjKxkXp8SP6UuEbQFhami9oMXCLsEWF7qCkWUOavegR8fZiXhk32TDORTwPLX3RS%2BK4VLWtg%2Bzk6btmAyx6ocAGarerCczhafyv%2FE6nePKkpGJ8BCsJNzpchBidufW5Twu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83837b810c901c54-AKL
expires
Sun, 08 Dec 2024 23:39:00 GMT
animejs.js
static.criteo.net/animejs/ Frame A40B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame DDF4 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-4254"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:01 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?h=116&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F107460%2F4956229%2F37f41b7470574b1eb1804a5ec1a936a8_99bd55bd-21d2-4073-b945-08ff2f7c76c7.png&v=3&w=396&rid=4&s=ZD8X2Ml9Rd82WMY-QkYSW5xQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0bb92622362f436a4368024e962a5727d99a8043c6604d65113ed65c5b6943aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
14822
expires
Thu, 07 Nov 2024 02:16:33 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FP%2FC%2FPC-BUSIL-XX-01_RNUIBSXS1QXO_e3254a66-43f8-4df9-8a4a-250293b7a18c-cb3c61991b252a90845d84d339498f88_1.jpg&v=3&w=400&rid=4&s=YL6ync0fsNIny55GPePjeVZO&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
10215540ea5c27d5ceded7efa5c52a0e54ac30500a05f6df8047bc853b14d37d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
20228
expires
Sun, 08 Dec 2024 23:04:38 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fc%2F5%2Fc5eb5158-d390-4c2b-9eb1-581e02c860e3-5c1db9104057cee1d87145612faf9000.jpeg&v=3&w=400&rid=4&s=xuUgSVE-H1bWw-GfDfwMs0NE&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3e57a120124322d404f0bfb260907d04289c13fe447d7e033973eb02a92f97cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
16132
expires
Fri, 15 Nov 2024 21:52:48 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fb%2F4%2Fb42c2a43-fef3-4a0f-89c8-916e9f7fbd06-84717e09a5a655b0d160eae353ff473c.jpeg&v=3&w=400&rid=4&s=yVUW2-JgIBv1nz941jKj3LXO&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
9151ca3018d23b8e4d4ffe61d4268fbc16c7db1730beccdc505ef92ffe59d401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:38:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11848
expires
Fri, 15 Nov 2024 21:52:42 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F17e315d6-7f03-43fd-8f11-bd96c4d9f62f-2f645c790df440c1963b8ed6f3fbe986.png&v=3&w=400&rid=4&s=hsdcLBRpiZJ9br9AT7aQCXxD&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3f1dcfebe62f05ac58b5eedf71336ecaceb98f602b872093582d9f57e75dac89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
19192
expires
Sun, 17 Nov 2024 04:00:00 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F249d1208-a6ba-4e37-a63b-b70f9f457a60-55d4bf1c6589ee859340468424f8984e.jpeg&v=3&w=400&rid=4&s=HoVlvI-Uv-5ISM_Y8p0L5HZk&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
152f85967b2d147e1fc7b7c2f6e96a48b90ff8c9d7d1f3dea2f3a2dda41ce153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8862
expires
Fri, 15 Nov 2024 21:55:48 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FR%2FO%2FROC-ENG-TRT-GN-001-08_SNO5LLKG0TUT-51ebe59643916dafcf27186052cb37b0_1.jpg&v=3&w=400&rid=4&s=DhdeAepoC8dG2Lyuo3hFGO5O&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
30851c47004ecf397c724e02d242aa8eb7a390b27b1236ce73aa781a71de3648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11578
expires
Sun, 08 Dec 2024 22:40:15 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fb%2F1%2Fb18b5f21-4663-43f1-99c9-1b48fb666437-c2b73173e4633800cf4e2be0bf1951de.jpeg&v=3&w=400&rid=4&s=cXfdPXA2pwic8c3iuAlTCIYP&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
990a5086ae3d50bc9e29b7188c158406ee74556198b55c4ce449af72fcff31e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9384
expires
Fri, 22 Nov 2024 23:03:43 GMT
all
csm.as.criteo.net/ Frame A40B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=qaPZPN7c8uXAChGOR6D8b575Ci-z8W8cF846jN4Lo54g_uGYa8a42msNsGShndRa0quK4zhhW54bVNcEpgRp-7ill8hUS2sO_vi3QlEIfqtli6Fk2JpCFBAnDAhntXgs_lZG2RWGqNhtciKqYr3oAD5qwoam3FX1w6hIFh5EvOptKCQl7oCCIE6GnnEInxnVL_a3mXgt2ItDbD_6JAeUiI00OIZ-vqU1e8UKsn1DS4hK0fNCZFLW7rZ0munKfZi1Qg5pbQ&sds=2&rev=89863&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A40B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A40B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame A40B 		2 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame A40B 		2 KB
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-67a"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:00 GMT
nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 4359 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-4254"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:01 GMT
nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 4359 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-42dc"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:01 GMT
nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame A40B 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f069-4254"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:01 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=10.768474425456244
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-YHbfwxle73Zw-YiYvyGjiw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:39:01 GMT
content-security-policy
script-src 'nonce-YHbfwxle73Zw-YiYvyGjiw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.04555840415405
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-Bwo3TsgeZl21PLzZID3P9g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:39:01 GMT
content-security-policy
script-src 'nonce-Bwo3TsgeZl21PLzZID3P9g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F336 		360 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d4dd1f9604aa9a4616997ad232402f5daa732d31f7eae086b407c01a1c039f9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame F336 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C735HkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE2QFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFweCAk_7tbLHn6ggXvxG6mwBG8nt9gBFPgBnJWY2OtbjsLHrjydxHgAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjUxMTYwMDg5Mzk4NzAwNhgA&sigh=Je0QXVMESR4&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_Rg4MBmtBZVfFc_WaAXZK_ExUFIW86D_e485BEZeIY7C1FQa_zHWAL8GWsYhD3Ahs12oMOWrstoPvEeFbKAHEiAoLkR8z2TJu1RgB&cbvp=2&vis=1
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 19 Dec 2023 23:39:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.sg1.as.criteo.com/google/auction/ Frame F336 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.sg1.as.criteo.com/google/auction/notify?profile=14&payload=kuX5GKOzWcgB2ARi-C0SAgAAAMKRTfIIuvR7gq2_OxCRKYJl19AvRSw7F1DJVgAAEgAACgpBUVVERGdFQkRn&wp=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&cbvp=2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
149501
server
Kestrel
content-length
0
img
imageproxy.as.criteo.net/img/ Frame DDF4 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?h=116&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F107460%2F4956229%2F37f41b7470574b1eb1804a5ec1a936a8_99bd55bd-21d2-4073-b945-08ff2f7c76c7.png&v=3&w=396&rid=4&s=ZD8X2Ml9Rd82WMY-QkYSW5xQ
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0bb92622362f436a4368024e962a5727d99a8043c6604d65113ed65c5b6943aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
14822
expires
Thu, 07 Nov 2024 02:16:33 GMT
img
imageproxy.as.criteo.net/img/ Frame DDF4 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FP%2FC%2FPC-BUSIL-XX-01_RNUIBSXS1QXO_e3254a66-43f8-4df9-8a4a-250293b7a18c-cb3c61991b252a90845d84d339498f88_1.jpg&v=3&w=800&rid=4&s=3XxCajalT9vsIjB-PbjTHB7N&b=800
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e1ffc5a06c68c21ff0ca0fe22099d11c2327a4e707baec6a1e98c7aba21252f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
60448
expires
Sun, 08 Dec 2024 23:04:38 GMT
nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame DDF4 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-42dc"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:01 GMT
truncated
/ Frame E205 		364 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f1d63d6d2bf2486695f0f57b1b6c20f7afee4fb541e0eedfe5f12442992294f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame E205 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CC6x0kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE2QFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3o94VGlRBDr2_s0RSgsuDY3wG1V_RFdcYHtZAAqItT8MO_fWfiQrgAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjUxMTYwMDg5Mzk4NzAwNhgA&sigh=GCmdbIYcq_E&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_Rg4MBmtBZVfFc_WaAXZK_ExUFIW86D_e485BEZeIY7C1FQa_zHWAL8GWsYhD3Ahs12oMOWrstoPvEeFbKAHEiAoLkR8z2TJu1RgB&cbvp=2&vis=1
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 19 Dec 2023 23:39:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.sg1.as.criteo.com/google/auction/ Frame E205 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.sg1.as.criteo.com/google/auction/notify?profile=14&payload=kuX5GKOzWcgB2ARi-C0SAgAAAMKRTfIIuvR7gq2_OxCRKYJlkMgE2uLF6aVPvgAAEgAACgpBUVVCRGdFQkRn&wp=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&cbvp=2
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
174958
server
Kestrel
content-length
0
img
imageproxy.as.criteo.net/img/ Frame A40B 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?h=116&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F107460%2F4956229%2F37f41b7470574b1eb1804a5ec1a936a8_99bd55bd-21d2-4073-b945-08ff2f7c76c7.png&v=3&w=396&rid=4&s=ZD8X2Ml9Rd82WMY-QkYSW5xQ
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0bb92622362f436a4368024e962a5727d99a8043c6604d65113ed65c5b6943aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
14822
expires
Thu, 07 Nov 2024 02:16:33 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FP%2FC%2FPC-BUSIL-XX-01_RNUIBSXS1QXO_e3254a66-43f8-4df9-8a4a-250293b7a18c-cb3c61991b252a90845d84d339498f88_1.jpg&v=3&w=400&rid=4&s=YL6ync0fsNIny55GPePjeVZO&b=400
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
10215540ea5c27d5ceded7efa5c52a0e54ac30500a05f6df8047bc853b14d37d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
20228
expires
Sun, 08 Dec 2024 23:04:38 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fc%2F5%2Fc5eb5158-d390-4c2b-9eb1-581e02c860e3-5c1db9104057cee1d87145612faf9000.jpeg&v=3&w=400&rid=4&s=xuUgSVE-H1bWw-GfDfwMs0NE&b=400
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3e57a120124322d404f0bfb260907d04289c13fe447d7e033973eb02a92f97cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
16132
expires
Fri, 15 Nov 2024 21:52:48 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fb%2F4%2Fb42c2a43-fef3-4a0f-89c8-916e9f7fbd06-84717e09a5a655b0d160eae353ff473c.jpeg&v=3&w=400&rid=4&s=yVUW2-JgIBv1nz941jKj3LXO&b=400
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
9151ca3018d23b8e4d4ffe61d4268fbc16c7db1730beccdc505ef92ffe59d401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11848
expires
Fri, 15 Nov 2024 21:52:42 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F17e315d6-7f03-43fd-8f11-bd96c4d9f62f-2f645c790df440c1963b8ed6f3fbe986.png&v=3&w=400&rid=4&s=hsdcLBRpiZJ9br9AT7aQCXxD&b=400
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3f1dcfebe62f05ac58b5eedf71336ecaceb98f602b872093582d9f57e75dac89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
19192
expires
Sun, 17 Nov 2024 04:00:00 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F2%2F4%2F249d1208-a6ba-4e37-a63b-b70f9f457a60-55d4bf1c6589ee859340468424f8984e.jpeg&v=3&w=400&rid=4&s=HoVlvI-Uv-5ISM_Y8p0L5HZk&b=400
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
152f85967b2d147e1fc7b7c2f6e96a48b90ff8c9d7d1f3dea2f3a2dda41ce153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8862
expires
Fri, 15 Nov 2024 21:55:48 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FR%2FO%2FROC-ENG-TRT-GN-001-08_SNO5LLKG0TUT-51ebe59643916dafcf27186052cb37b0_1.jpg&v=3&w=400&rid=4&s=DhdeAepoC8dG2Lyuo3hFGO5O&b=400
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
30851c47004ecf397c724e02d242aa8eb7a390b27b1236ce73aa781a71de3648
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11578
expires
Sun, 08 Dec 2024 22:40:15 GMT
img
imageproxy.as.criteo.net/img/ Frame A40B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fb%2F1%2Fb18b5f21-4663-43f1-99c9-1b48fb666437-c2b73173e4633800cf4e2be0bf1951de.jpeg&v=3&w=400&rid=4&s=cXfdPXA2pwic8c3iuAlTCIYP&b=400
Requested by
Host: one.jlepp.com
URL: https://one.jlepp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
990a5086ae3d50bc9e29b7188c158406ee74556198b55c4ce449af72fcff31e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:00 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9384
expires
Fri, 22 Nov 2024 23:03:43 GMT
nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame A40B 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:10:50 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f06a-42dc"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:39:01 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D7DF 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQMTxkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE2gFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutroHnTDGT85mZHy3ulI1f3m2vrOoO8hn4-qiBVaFUj97dnXmHvqE4AGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI1MTE2MDA4OTM5ODcwMDYYAA&sigh=f2W1sZq6pbc&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_Rg4MBmtBZVfFc_WaAXZK_ExUFIW86D_e485BEZeIY7C1FQa_zHWAL8GWsYhD3Ahs12oMOWrstoPvEeFbKAHEiAoLkR8z2TJu1RgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 19 Dec 2023 23:39:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame D7DF 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kuX5GKOzWe0HfGL4LRICAAAAwpFN8gi69HuCrb87EJApgmXfI-HlEnpX5sxAAAASAAAKCkFRVUREUUVCRFE&wp=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
138349
server
Kestrel
content-length
0
all
csm.as.criteo.net/ Frame 4359 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=WCKdtt7c8uXAChGO_wjKsnjOqLTERHcHm_ox0XMOZZEK_1vif1Dnopr7Ts05ldCJzR8nEb_-lhfLPMGljMFCVWbyceCKUGTy8lDhQF_kSgzDJN7F8AYmGcJhENWBU7J2nEN-VFhhLQYhuECTimk2iIvnjY-X-QI6VdnkMg3aOsi_ofAuMtIHpdZPEftgcvjWKvp70OTqOadZaBaUnwR772ZbjVQ-YqCKuAckne0dF0bam2U6vjYk_I65shvYlTKLBfTEXg&sds=2&rev=89863&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFa0F2LosAAyT5_4asCBd3UX2ELXACA&u=%7CC%2F%2BL5VUchnTTZf36zGJO899K3RC02i77iaTDsaWcg0U%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLGhYJgYjkM7n1v97iBAzj5Xb9faAU6uluwmtzJDqJRdsctXcYAbM2ZDXIA0gqSAxoENBdrTMKmg_YldBrLq6cDzk7SQPJsPeyh3FmvuLiYltz3QPDu3qk0Z45s7dt4Em9rFiPbtIIPE32TEevhDcjdFeGBqy4h_XL-BHBpsp88dVl1y-XZDqNxwoW8VcOPICwN3nwQ5fi5fDh3vlRWH7zdthkVV5NpFyUMpi9dke4EMzMK78ZjzvdjF-Rwz3mqX0e5Un8zseXRlLwStfGor90tRtE5f45nhNgs3A7w5QvQdOou_KIb6H5VGeHMy0qxR1MfQrK8B-NJSbI1nefEm-9EfwlVUcVyoQLilPcg_kFKfQdv3lggwRZ5-H_wVRX3CWcUFZm-PKEPrGbjjSwhqjExTo7kvk6Er3KiRbsGaOzzAG_5NxZONk-Z2oslECWA8lLFmCX49FIQKtpQNPrhW-ikU8jNT9iXahrx6-_Lg5dkBZOu_msefXWGtAicR3foblDcSB36LeFTRDHlhQxY6RxPnU6b6VzUD_pQQtJct_qtN6ka4Rh2FqiA8k-674DByvw72WJZFbNqRgNdM2SSmupgLqFGA0Tm_fTOxA0gVUX650A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGsWSkSmCZa2rHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3QFP0MaAZZanvi6XfUqJX1mnCaGwciuzKXivfLP4QrbKez4NIZcPHKwegrXaWWim5qNfQTrP6HgvMwdKg066EV8q6lCvybk4O6j6aSW5PmvO-nEoD8hVA3QOww1XJC8eCqowy9jYS1jl96Me2H7V02uvaTDcoE1zacfxeJ_zRSPGcSrduZvTCnxCDhGZ9dmQBfJHmfjoDj2VFRAtDb71q-duMGL-LKUw8eq6jDjvwCGA6XmfutqqHFVR_PGw5257r3ejg2cl8-7EN-UPh2cie0PA3PbjwcEwc-qU7AbbPYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WO-On_bVnIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ql8_W316C2cRlqnQYjPEfk_HVJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-OO3NqSOnQm8KK-wcydiQrw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 23:39:02 GMT
content-security-policy
script-src 'nonce-OO3NqSOnQm8KK-wcydiQrw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://one.jlepp.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D7DF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnxNE2dCWpoeDVqCvf6ZZ01B2ZJtSbQRel_A2bi9ESN5hAYTbLe46gE61ylgO-3EeLqKC651QKP9wSDeRJxsUHB5uFVTVkz7F0Pq63sUQ8_eXbCW9Dq_1H&sig=Cg0ArKJSzJ6lcvC0i8ZvEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703029139512&rpt=1583&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame DDF4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=NFJHht7c8uXAChGOfGkFa96Uhd0GyzZIzw2cSsHmMosCh6PWBgnv2W8bsEsNAxrwJhiHh2i5IRy-oM4ytDRHP53rm5G0RBqHqB8JGN1qGGXznq_g9OmU1LYf6sTcNCUjyXSzZz_5WUR6NhTq_iaw6BqP8brcwX1knDRPyNVUZSsU5oNt_qSjhVCDxO7Gh8px7eL73LggmG_Y3JiB3GzRvE-giiai0pTN-8QpceJwQOLGFwjz_CRgjFPs2iwbM6QP2Efn0g&sds=2&rev=89863&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 23:39:01 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F336 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWPjQUaV8sNW3r5XB2ZVkg5LRvNhbwDmcCvRYIpGaNESqmfJz0ByJ5uJqevUDUbZ-C7ivoxcbblYMVkeuTOE2UgQqnE7oD-n465p9zRbL8b44Q4HKJcrQF&sig=Cg0ArKJSzLu3zDEbkhwdEAE&id=lidar2&mcvt=1001&p=0,0,600,200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703029139511&rpt=1491&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame DDF4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=NFJHht7c8uXAChGOfGkFa96Uhd0GyzZIzw2cSsHmMosCh6PWBgnv2W8bsEsNAxrwJhiHh2i5IRy-oM4ytDRHP53rm5G0RBqHqB8JGN1qGGXznq_g9OmU1LYf6sTcNCUjyXSzZz_5WUR6NhTq_iaw6BqP8brcwX1knDRPyNVUZSsU5oNt_qSjhVCDxO7Gh8px7eL73LggmG_Y3JiB3GzRvE-giiai0pTN-8QpceJwQOLGFwjz_CRgjFPs2iwbM6QP2Efn0g&sds=2&rev=89863&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFawF2LosAAyT5yAiRdKj5T12VAcuYw&u=%7CC%2F%2BL5VUchnR5BddNSz5SPSTc6LwZaXnQhUOjLDMyukY%3D%7C&c1=tPIJKG1ovymPjO1ckn1nYDcpzj9IciH4KCA_cSer7K71_nltt2ssESNlqF__G6ZXY8XuEq1Jb6L6neZCcFBaAVFCPZmGW-sG_F7Vvf0lHU2RpYna6BWW-pCg90aTURbuyDsJ4TawbsX70qBJII0uCul6dA0i2GNY_lbQmekSml4YTItBXI_wtLy5jWx_i7Q40bZZeqgBsaoFnznKn2tethnICqBgXunSis0Xam10OZ-54DAx9P95Cbtyt097ZFj9CtqzA3fz8KyI0nlrWE_4HJ4t2ZlNUDm8fSscldeVTKQhIq4edo-tIv9Kz3svfnHwxMX1GWW0YkcOr8zFYxhZYqxpP31kFaICxy9ZLFMIjUVyo2ekDavLEdHPbKcN9eDxAMlGWIsn8ouO56KZamTLQkCXQmFVSAiBUv1Mna6iLYG_2esLUYm5O1J3ozoubYFhbuxchL1HHikYEhb6CguhWNmUsq-qnZrEMVdR5jd-5Zq15q1ah3v_ECyx9V0NVSqIRF3rRvPq5wPtSBZGy6yGmM1opsqHhepM27NU7OBYvupy8CBC_o99DI7XWXi8nL_ly8Cdj4p-31uwUByr71D5fJnUsvUJSclhSnrnwW0D_kdBH0mD1IakHC8GA6f60-PfMGkDzc84eaaSvnQji0Ds60W4t2sHwTDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9dtJkSmCZayrHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0HYSzukfdOqUtdNrfUaLNwsjH9Ks_BYwVhpYpaSiykFSEsN62boyrja0zIFjakgzbv8NFD1XeiW8LXW-736rORHI1PcywyBtAOxsL0qnAERGGFJRKs52fcd4SQeMcypFLbHVvIDYkNVNMGrkSIxcUDG4N2wO_huSHvNecABb_BmLmzEO-jD2GUHtptFsGXS0CqA-V1CzZtVkrUX5Qy9uLONzS5eiaEBuNqtbX2FVDAJFwaKCsmwIojiZFYFmIfrsAcNv5nHqij9XaJE6DxdHC6bANJ0IWKK48ah_gAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2SeaSL-67wdjSrTQ5iDF8LzqiGAg%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 23:39:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E205 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlr_ANsIKfr6vyPv1bHWzaTFz8I3VhDbf-3Hi5BFwn0ro0H98MaUB2gXZgV1TnjrYn3RGaGGSYSzsthnCKLmLJALkBRYk7gMFd0rD_PeUWP9IpN39PRg3b&sig=Cg0ArKJSzIIugH5QlycAEAE&id=lidar2&mcvt=1004&p=0,0,600,200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703029139508&rpt=1465&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 19 Dec 2023 23:39:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame A40B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=qaPZPN7c8uXAChGOR6D8b575Ci-z8W8cF846jN4Lo54g_uGYa8a42msNsGShndRa0quK4zhhW54bVNcEpgRp-7ill8hUS2sO_vi3QlEIfqtli6Fk2JpCFBAnDAhntXgs_lZG2RWGqNhtciKqYr3oAD5qwoam3FX1w6hIFh5EvOptKCQl7oCCIE6GnnEInxnVL_a3mXgt2ItDbD_6JAeUiI00OIZ-vqU1e8UKsn1DS4hK0fNCZFLW7rZ0munKfZi1Qg5pbQ&sds=2&rev=89863&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYIpkQAHFasF2LosAAyT53RoPaFjsRWes7o1BQ&u=%7CC%2F%2BL5VUchnS%2FBXsDXplFIJsJzajqxHnlhA%2FPGNIfFcg%3D%7C&c1=Dcz_gsP0hEs2hPPxR5MK82vcc0tlf-hy1uMCUj1FbLFBmIawFlZPo7ZjJDNi_GvPZ-NENhdYy0K1XHKUKfLmsh_xIeAzAgu6vdi8jnhKrN7YnznOtBbaQkYHXjmjR68ifmagdCFvIYTLYFy0lgeeX9zummM9Yg-uTH8r3cJo7SLu25_H_CNbgxXBDcmTUhF3MXu7J57Gl0M3aKBjmdS--06b6MI2BUHVcrk9YWKtMy_G6D7k5uWE-sK9eR7K1OBkQFOb285pLM1WP7zCN30hiG-GkZpBvwvy8o-9_ImkJtZSHN8l5U0AuNdxyAO6L5kPcdBu-H3dMvcTJpBJZ5ZZWulLj7NCAtGZQ1eNnWx_fwj4WBZMxZGNHE7w1oqYd9doKq5lWAp97VOqFVL5leik3B5OhMQQw_mhsJQsJgAbjoh69GQsImWSdNMGfYT9FIKIaskg3VSjUWIlg4o48wQRecHCieaCg5pQ05vZpEUHKbeug7TLGzgBOD83-p2h-TCMb-V48YNaZ5MlwAcqZF2YGPPbp-eafCXfJtb1Toi9hpZxv0in-5pT-7KYcWTIwIkYo6lTTbi-MJtsm0XBQexwvVx9MctcbJydhvV--Kkls6McKKo5KJJohaQbkgiaQmf3uoJQZWoDlzPlIKsIuPBvOaxP98HdWV9U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR10-kSmCZaurHKz04t4P56eyuAmY_NGxXLrzw-WFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi0yNTExNjAwODkzOTg3MDA2yAEJqQLiRBaaB4ymPqgDAcgDAqoE3AFP0J0rQINAjXRbMFLj7Xl-M3o52t8fPu5d59u2jXTy6_Ma2tzPw4NTJrFAdRr12lR-6F4HEKKIXhphIfCVh0WgDSaOine3i6Ojyr9nkqegku_KpWKJeyGUqYBH9lxs7LWuOOQhza6k5g8XJQ1vZk91YfekEEvxLTdsEcFjiUNAZba-GtX4p95fPfPwgwF50jWV7MCFAXODD1Uua6BEkHjQrfhZc9TfJ-3_3T69sv8bwBaI3s16dfu0yrOIAURg1OB4l07ZD1_oTnlEiPOqVpBBCyEgIxA971rUuIpugAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY746f9tWcgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3plNVxQptStCQibyKDXe23b9MGJA%26client%3Dca-pub-2511600893987006%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 23:39:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
w_ad.aspx
fundingchoicesmessages.google.com/f/AGSKWxUU5VrQLWR1MrYUArf7vM7APgQYjqFWHCUz7ywwU1o_LKt-sboVhqfM7beO2LUo9siU7pjgUukFwg8rrBVdW5-SueR3JIXq86U7jGFU55EVP2Q-b5EZZi4pNWZyn-vWhV2QGWFxFw4bAmbSEYGbKI48WTgFy... 		54 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUU5VrQLWR1MrYUArf7vM7APgQYjqFWHCUz7ywwU1o_LKt-sboVhqfM7beO2LUo9siU7pjgUukFwg8rrBVdW5-SueR3JIXq86U7jGFU55EVP2Q-b5EZZi4pNWZyn-vWhV2QGWFxFw4bAmbSEYGbKI48WTgFyTyiDwRQbJxHnOPQ48NwXfmibPiVaKHg/__doubleclick./attachad.=ad&action=/w_ad.aspx?/ad/index_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzPYjN9S8yuKSdzf5DBVTWvaboYzw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bca826252312359148693e34c05c70ddf31206db2914a2afb6a563e7881e388c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-LV5warm-MYFGjjodi1wTrA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-LV5warm-MYFGjjodi1wTrA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzPYjN9S8yuKSdzf5DBVTWvaboYzw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 22:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
3310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Dec 2023 23:43:52 GMT
AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-9R_IKx33GlR5RFXp0PeyEA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 23:39:02 GMT
content-security-policy
script-src 'nonce-9R_IKx33GlR5RFXp0PeyEA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://one.jlepp.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-B9gA9qQKl-dceV4MdFwQqw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 23:39:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-B9gA9qQKl-dceV4MdFwQqw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://one.jlepp.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-T8fSsHeYw8w5KtGFgdCyIg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 23:39:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-T8fSsHeYw8w5KtGFgdCyIg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://one.jlepp.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX8Co_Xf4o72fXVMuCH0rtyfNSz9Y-1gxdaOFkn8YRebwZJ1nWIDVfVaRInyTA-oDJIh6CvoSdNAaXH0tFR5LFlDLry1MOHewCDZTB-T-IbNBTrmVI4IEpoupjGcCSv8mQXJiKPyA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-SHbWKWZXxUS-nL0Jn7v3dg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 23:39:03 GMT
content-security-policy
script-src 'nonce-SHbWKWZXxUS-nL0Jn7v3dg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://one.jlepp.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUgu-IPj9XG0sXD7xMlTPvqJ26whl5ng9GzIV5m5zV6rLtKUuqF_s1AWLTJcgMtFyx_HNsthcvwPZe5ZXVNU2tWn5FKhHHSB2aXes_MGo6jT9zsbuWZFcnNicQ1PIwf5bTeyhiqiA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUgu-IPj9XG0sXD7xMlTPvqJ26whl5ng9GzIV5m5zV6rLtKUuqF_s1AWLTJcgMtFyx_HNsthcvwPZe5ZXVNU2tWn5FKhHHSB2aXes_MGo6jT9zsbuWZFcnNicQ1PIwf5bTeyhiqiA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDI5MTQzLDIwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNywxMCw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9vbmUuamxlcHAuY29tLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30588b8c5666e0fda34fc4a6bc029733fed058ccb7f88c280b4d2002536381d3
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-Zs8OPlJex1hOaBA69U-BYA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.jlepp.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 19 Dec 2023 23:39:03 GMT
content-security-policy
script-src 'nonce-Zs8OPlJex1hOaBA69U-BYA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXjCFKkRvgO40VE7ke35kkkbxu6SVLcJWZs-5dUop77ms1swebvFMUj6y-Z_2mqQY75-PYp6FLt1YDU-6LmI3QLs3eOmPo-794tDvVl7xfVTzKtV2VuxbXQ7uL0kVCq1xca-RC37Q==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXjCFKkRvgO40VE7ke35kkkbxu6SVLcJWZs-5dUop77ms1swebvFMUj6y-Z_2mqQY75-PYp6FLt1YDU-6LmI3QLs3eOmPo-794tDvVl7xfVTzKtV2VuxbXQ7uL0kVCq1xca-RC37Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMysiF4riUSkULFxxPpgkwV2eSITPA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:80b::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-_YEaW2h7N-WFng-mP37yxg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one.jlepp.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 23:39:03 GMT
content-security-policy
script-src 'nonce-_YEaW2h7N-WFng-mP37yxg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://one.jlepp.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dpm.demdex.net
URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=17878db6199194db0a7bec3f9d32f5ce&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F485%2F2%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| AjaxCheckClicks object| AjaxUpdateClicks object| clientcfmonitor function| cfmonitorProcess function| ajax_post function| checkit function| countajaxclicks function| saveIframes function| findIframes function| iframeAction function| initiateIframe function| processMouseOut function| processMouseOver function| processIFrameClick function| saveElements function| updateElements string| clientIP string| maxclickcount string| bannedperiod string| nonceUpdate string| nonceCount string| preurl string| counturl object| firstclickdata number| firstclickdate number| updatedVisitCount string| currentURL function| jq number| oneDay object| clickdate object| currDate number| secondDate object| endDate string| customclass string| firstclick string| disablead string| wrapperclass object| cfmonitor_options boolean| isOverIFrame object| object object| adsbygoogle object| swv object| wpcf7 object| html5 object| Modernizr function| yepnope object| _mgIntExchangeNews object| MarketGidInfC1523443 boolean| mg_loaded_909306_1523443 function| _mgWidgetLoad1523443 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint909306 object| _mgPageView909306 object| _mgPvidList string| _mgPvid string| _mgCanonicalUri object| _mgUserPages object| onClickExcludes function| mgReject1523443 function| mgLoadAds1523443_0770c function| _mgConsentWait1523443_0770c function| MarketGidCReject1523443 function| MarketGidLoadGoods1523443_0770c object| _mgSessionPages string| _mgSessionId number| _mgSessionPagesNumber object| _mgSessionsTimeList object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| _mgViewrate1523443 string| _mgUniqueHash1523443_0770c boolean| i.js.loaded object| PWT object| pbjs object| regeneratorRuntime object| ID5 object| __id5_instances object| owpbjsChunk object| owpbjs object| _pbjsGlobals boolean| _mgPubmaticExists object| twemoji object| wp function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTAwOGQyYmQ0YTM2ZmMyMGxvYWRlcl9qcw== string| NTAwOGQyYmQ0YTM2ZmMyMGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady boolean| _mgID5Exists object| googletag boolean| b93d4c99-361c-48cc-af32-16f255cf2dcf

56 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: z4HIzwik_dzKX8p4KxdTRBaQC6LAN0QITe9uRGvSkhQ-1703029135-1-AW2RCvIgWsxVG6fQxIkJriXwaiCi+ivi+w434ZWBWlNbF7Hd1lHhRz2xlKX8vAuzU0nb2QcZNYpTPhQpUxz/xYQ=
.mgid.com/ Name: muidn
Value: nbjU3JNfuUCf
one.jlepp.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1523443%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221703029136248%22%7D%7D
one.jlepp.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.rtbsystem.com/ Name: ut-0
Value: 92ea5111-90e5-5a87-bc74-26845ae27f04
.rtbsystem.com/ Name: ut-28
Value: 6367880726032
.rtbsystem.com/ Name: ut-15
Value: 23C4E9741ABCDE5BA1AA85126EAF596CF1E84C0DD2EDF2305DF3E010C02659E3
.bidswitch.net/ Name: tuuid
Value: 6f6e2b77-36b3-40d8-856c-9250363b8d83
.bidswitch.net/ Name: c
Value: 1703029137
.bidswitch.net/ Name: tuuid_lu
Value: 1703029137
.360yield.com/ Name: tuuid
Value: 3d518c03-d92c-48e7-ab1b-fdf0fb0c8e3d
.360yield.com/ Name: tuuid_lu
Value: 1703029137
.creativecdn.com/ Name: u
Value: oe4RVpDgKlgI2duok6HV
.creativecdn.com/ Name: g
Value: oe4RVpDgKlgI2duok6HV_1703029137274
.creativecdn.com/ Name: ts
Value: 1703029137
.admanmedia.com/ Name: admtr
Value: 45679474-d05e-49df-bc86-8678db1108dd
.admanmedia.com/ Name: ac_r
Value: CS77
.jlepp.com/ Name: __gads
Value: ID=68c485d416792d13:T=1703029137:RT=1703029137:S=ALNI_MZ_v0-IqQSgx5Hf9I25efMNPub-RQ
.jlepp.com/ Name: __gpi
Value: UID=00000cb76fee24b3:T=1703029137:RT=1703029137:S=ALNI_MZwF43bHZtt9-f3itkGZcU2__iqsQ
.e-volution.ai/ Name: lluid
Value: e32d7919-eb96-096b-8938-2f9ddf32376f
.rubiconproject.com/ Name: khaos
Value: LQCZKTLN-P-I6AT
.adsrvr.org/ Name: TDID
Value: 5eb896ec-6092-4827-b2e8-457a65e7e911
.yahoo.com/ Name: A3
Value: d=AQABBJMpgmUCEATWI5RUvorFK3H9oi-XlIwFEgEBAQF7g2WMZQAAAAAA_eMAAA&S=AQAAAguZr0zaFsZr7jJ6b6dQQh8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidr.io/ Name: bito
Value: AAD1lk7LBFMAABP7TxHQjg
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: bcookie
Value: "v=2&c1901b11-ca7a-4a46-8fcd-b1f4d07bbe98"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3210:u=1:x=1:i=1703029140:t=1703115540:v=2:sig=AQEkFXsmadKFGNO6SO_hbydB1KuiAKtb"
.amazon-adsystem.com/ Name: ad-id
Value: A7kTPjHMhkU3oBenk8_fv5A
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.id5-sync.com/ Name: id5
Value: 20701439-cd07-701f-96fc-82e90e842119#1703029140537#2
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCLjThM-2vcA8EAUYASABKAIyCwiS8YqJzb3APBAFOAFaBzhoOXUxMWhgAg..
.tapad.com/ Name: TapAd_TS
Value: 1703029140972
.tapad.com/ Name: TapAd_DID
Value: ba610fb5-f132-4665-82c3-5545e4bd2726
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.connatix.com/ Name: cnx_userId
Value: c9d6261b6fa14f8a8c7f234d437f491d
.lijit.com/ Name: ljt_reader
Value: H2YLBQZH9mUlV_RXRaSPTy74
.sharethrough.com/ Name: stx_user_id
Value: ada801ce-6656-48aa-a9f4-5f6c29553368
.semasio.net/ Name: SEUNCY
Value: D7A3CAD89C9CE2F8
cm.mgid.com/ Name: mg_sync
Value: {"265689":1703029136,"363887":1703029136,"363888":1703029136,"43070":1703029141,"433146":1703029136,"501037":1703029137,"516418":1703029136,"556372":1703029137,"665953":1703029137,"737576":1703029138}
.lijit.com/ Name: _ljtrtb_80
Value: LQCZKTLN-P-I6AT
.intentiq.com/ Name: intentIQ
Value: dsqAC6W13M
.intentiq.com/ Name: IQver
Value: 1.9
.rubiconproject.com/ Name: audit
Value: 1|gDWhD4UHCdUCMIy+1z1m1smvENcS5dCWQziYU5O/exgMBauyBg8c1D0sWlLT0ji1QNwnAoPk+5UiZ07GJqnMnrT0MEv0F07OHm0QlslGhrY=
.intentiq.com/ Name: intentIQCDate
Value: 1703029142251
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeXZvaXhy
.intentiq.com/ Name: IQPData
Value: 1732971354#1703029142250#0#1703029142250
.intentiq.com/ Name: ASDT
Value: 0
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 17878db6199194db0a7bec3f9d32f5ce
.jlepp.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_Glp_ET6J1VtOr8uiDvJ7jfydTXVsJSqJciFRGxPO9e9C9cUj-oZNqCpUh7t3KZWUg2QmU1JijBNbnsnXcjmHCABULTm4NVtNZyLIsG5n0bDIQZjUlVzA8kyZRNfDlepGQ7kPvY6uxCT2I5xdKGt_XmPQNDA%3D%3D%22%5D%5D
.id5-sync.com/ Name: 3pi
Value: 112#1703029141950#-1731181718#D7A3CAD89C9CE2F8|19#1703029143514#214164806#17878db6199194db0a7bec3f9d32f5ce|264#1703029140920#1680485156#5eb896ec-6092-4827-b2e8-457a65e7e911|285#1703029142514#-1901229437#LQCZKTLN-P-I6AT
.eyeota.net/ Name: mako_uid
Value: 18c8472796a-aab0000010d5e2a
.eyeota.net/ Name: SERVERID
Value: 24106~DM

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1(Line 17)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.360yield.com
ads.as.criteo.com
ads.pubmatic.com
c.mgid.com
c0.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
c1.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
c2.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
c3.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
c4.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
c5.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
c6.eu-3-id5-sync.com
c6.eu-4-id5-sync.com
c7.eu-3-id5-sync.com
c7.eu-4-id5-sync.com
capi.connatix.com
cat.sg1.as.criteo.com
cdn.id5-sync.com
cdn.mgid.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cm.rtbsystem.com
crb.kargo.com
creativecdn.com
cs.admanmedia.com
csm.as.criteo.net
dpm.demdex.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
id5-sync.com
image8.pubmatic.com
imageproxy.as.criteo.net
jsc.mgid.com
lb.eu-1-id5-sync.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
one.jlepp.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
px.ads.linkedin.com
rtb-usw.mfadsrvr.com
rtb.jp2.as.criteo.com
rtb.sg1.as.criteo.com
s-img.mgid.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
servicer.mgid.com
static.criteo.net
sync.e-volution.ai
sync.intentiq.com
sync1.intentiq.com
token.rubiconproject.com
tpc.googlesyndication.com
tracker.direct.e-volution.ai
www.googletagservices.com
x.bidswitch.net
dpm.demdex.net
104.18.41.104
104.68.31.231
109.206.161.21
13.228.80.176
13.35.147.46
131.153.206.102
142.251.221.66
147.135.71.203
15.197.193.217
162.19.138.118
162.19.138.120
18.140.209.232
182.161.73.132
185.184.8.90
207.65.33.79
209.191.163.152
23.198.59.89
23.52.255.186
2404:6800:4006:809::2001
2404:6800:4006:809::2002
2404:6800:4006:809::2003
2404:6800:4006:80b::200e
2404:6800:4006:811::2002
2404:6800:4006:811::200a
2404:6800:4006:812::2002
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::15
2406:2600:7:100::1f
2406:2600:7:100::e
2406:2600:7:100::f
2406:da18:929:5a03:b77c:bd67:d3cb:a383
2600:9000:21b5:4c00:1a:5235:f980:93a1
2606:4700:10::ac43:266a
2606:4700:1::6813:814c
2606:4700:3032::ac43:8a3f
2606:4700:3035::6815:815
2606:4700:3035::ac43:bfac
2606:4700::6811:180e
2606:4700::6813:9822
2620:1ec:21::14
34.111.113.62
35.212.212.222
35.213.12.39
51.75.88.178
51.75.89.188
51.75.89.23
51.75.92.250
51.75.93.54
51.75.95.112
51.75.95.135
51.75.95.152
51.75.95.199
51.79.152.81
52.199.220.35
52.46.143.56
52.76.177.21
52.95.115.255
57.129.22.38
69.173.151.100
69.173.158.64
80.77.87.161
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb92622362f436a4368024e962a5727d99a8043c6604d65113ed65c5b6943aa
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
0df963c9efbf64868ab3312f0ba278b13bf97b69c9b9eae2f9399b922ad07525
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
0f94079149a89523f87063c5f7caa26ac48d03c60123dfdf54daad082c0e24d3
10215540ea5c27d5ceded7efa5c52a0e54ac30500a05f6df8047bc853b14d37d
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
12a86ca36a9a731ef69629b69cc9930fbe46532b929909faa2c18f909e1347e4
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
152f85967b2d147e1fc7b7c2f6e96a48b90ff8c9d7d1f3dea2f3a2dda41ce153
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7
1b3e2c085d8fb728870bb577cd9c6d1730579fd00313278abdddd57b9d63e013
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
24d882cb0a54823797b48ab3ed070aca0098aacf12b1f66e5943fdb4a6206dc5
27144f914bfa3ff5a6bdad23e2add0d675167a087db00326b1a7abe5bd2c447e
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30588b8c5666e0fda34fc4a6bc029733fed058ccb7f88c280b4d2002536381d3
30851c47004ecf397c724e02d242aa8eb7a390b27b1236ce73aa781a71de3648
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e9382150972f0ad75ef96bc5a2eb9fc6fba83410a4ae2adc6b13809b27c5f
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c869df4137e8a48f3c1141f98c6c5c90627d085dd09ae24901caa30397cfa8e
3ca4aefeee24e97ea3e7a3d5f7c7fafee7243dbb47cca99dd2558c354d975c87
3e57a120124322d404f0bfb260907d04289c13fe447d7e033973eb02a92f97cd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1dcfebe62f05ac58b5eedf71336ecaceb98f602b872093582d9f57e75dac89
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a719d39a44e19fe2776bf84fd9e1f9b794c9b333821eca2f6549f4a9f820e53
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c5585d82fc96cf7516f1e22bdd4e2ca819e74c1bb67e86055b590c878b062c0
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
698b23e45e03acea8c16664eb69b0fba7c9ee57797c8e10950cb80d41e6dfad3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f1d63d6d2bf2486695f0f57b1b6c20f7afee4fb541e0eedfe5f12442992294f
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74c43bea4e229da66f998f112df32227fbab0de3b4bfc7537797ec521a6a183a
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7bf831df08f34cc0e37fbecb766cb21cdbae8c5d0f191a4c5db4eb65c417cda7
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
83dab2709cf33e112d8bff906c538aec343671456304f26bc15fd4a5abb9d4aa
8d4dd1f9604aa9a4616997ad232402f5daa732d31f7eae086b407c01a1c039f9
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9151ca3018d23b8e4d4ffe61d4268fbc16c7db1730beccdc505ef92ffe59d401
9256d516bad34dd634951c0bb8779811af3bc22f724a741cb2053d7f0944f3e3
92e3db3b5fe2d7af142c7381fdf48aaa2b372dafac3a8ee11091e426d222ba39
934a85f5f6c30919028e33bbdf2c34e4b688a53cb54e50628fef10e0abcf643d
93c474ccab456ed58376fe1ab9e551aa1fdb9b9b2db14bd2f52e25aa1c32ac53
94034a75027b217a0f3fdfb41f799a60ae88425a7b0e69bf5d9c4c8ce73ff1b7
990a5086ae3d50bc9e29b7188c158406ee74556198b55c4ce449af72fcff31e6
9966aad577dc1316f008f0bddfb1d5fcc46ed5865ddda43292d303922e880560
9c3bb91fde0cd5c32a62635603ca346cba30ceffc49240592fe57605265761ea
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a715c661f106fa77ad59146fa901c9a52bbc515e64f8ca8ca6ec7b26078f75d4
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaf281258b11fbcba38683ad511932193446a0149ec880b839da99acf2779293
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ad190ffe64bb35418cd33fb3b31149729dbf6c0f04b133ab9cde5a1721d506d5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f
ba6c8cac4d8d7e28dcb24eb09c61a0c06d7908198cf17f62de01720e3de5d6c9
bca826252312359148693e34c05c70ddf31206db2914a2afb6a563e7881e388c
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00
bee21190895d4bc1b457c1687bd56d603c1b2377651cc18afe2e48631aaf7b68
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b7b4e33c4090238d2a09daf42da5ee45e8be0dd819247bb789fb78465a167a
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c75d26a1c0116bc0920341dfe9141a8d38cc6b0ac81b47226f7d6ed119c9b30a
c7a93a457edeb2b9816f8a68178543556ba8963578ec24a43ff6bf1120ab58c6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce495a8f293847c13994464a06e108063fe31445991d0366d9c2cbf977b7e0a3
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
deaf971a839013e15b3917c3256b6e19f036bc569b72312da9526adcecf5d5e0
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c
dfc3699dd839ca3a7dc1e8aa7e774359fdc311bda16f675d3ea57aba4383b037
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1ffc5a06c68c21ff0ca0fe22099d11c2327a4e707baec6a1e98c7aba21252f6
e2663ee0ff57a9cf12427b6b51b3dc5f5695d29e51d0c77d49e6032ecda47093
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ea82683b29be80883e5bd1738156c1821bf09584a6e9caede419d448a805e
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d
f2f853a569440edd97d7101b365b7ba3d56618a1466530456dcda26c94f7e857
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
ff26a1bec1aa9d02ceb20b26dcf0421d1a88f7e5c7a9456c1724d7d164f320c6