one.kversemm.xyz Open in urlscan Pro
2606:4700:3036::ac43:a308 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://one.kversemm.xyz/
Effective URL:
https://one.kversemm.xyz/
Submission Tags: @phish_report
Submission: On January 18 via api (January 18th 2024, 12:12:24 am UTC) from FI — Scanned from NZ

Summary HTTP 96 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 96 HTTP transactions. The main IP is 2606:4700:3036::ac43:a308, located in United States and belongs to CLOUDFLARENET, US. The main domain is one.kversemm.xyz.
TLS certificate: Issued by GTS CA 1P5 on January 7th 2024. Valid for: 3 months.

This is the only time one.kversemm.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:2a94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3036::ac43:a308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4006:812::200a	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4006:813::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:208... 2600:9000:2083:2600:0:4402:e8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	3.90.206.144 3.90.206.144	14618 (AMAZON-AES) (AMAZON-AES)
3	2404:6800:400... 2404:6800:4006:814::2001	15169 (GOOGLE) (GOOGLE)
2	2406:2600:7:1... 2406:2600:7:100::15	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
6	2404:6800:400... 2404:6800:4006:809::2001	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:811::2002	15169 (GOOGLE) (GOOGLE)
21	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2406:2600:7:1... 2406:2600:7:100::e	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
17	2406:2600:7:1... 2406:2600:7:100::1f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2406:2600:7:1... 2406:2600:7:100::f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2404:6800:400... 2404:6800:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
96	18

1 2606:4700:3031::6815:2a94 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

one.kversemm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3036::ac43:a308 (United States)

ASN13335 (CLOUDFLARENET, US)

one.kversemm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:812::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4006:813::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2083:2600:0:4402:e8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.worldglobalssp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:809::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.90.206.144 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-206-144.compute-1.amazonaws.com

reporting.agencyorquidea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
reporting.orquidea.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4006:814::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4006:809::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:811::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::e (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2406:2600:7:100::1f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

imageproxy.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:80a::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.as.criteo.net — Cisco Umbrella Rank: 16878 csm.as.criteo.net — Cisco Umbrella Rank: 16135	412 KB
11	googlesyndication.com 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	41 KB
10	kversemm.xyz 1 redirects one.kversemm.xyz	150 KB
5	criteo.com ads.as.criteo.com — Cisco Umbrella Rank: 15845 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 15697 rtb.sg1.as.criteo.com — Cisco Umbrella Rank: 29660 rtb.jp2.as.criteo.com Failed	107 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	188 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	10 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	131 KB
1	orquidea.ai reporting.orquidea.ai	18 KB
1	agencyorquidea.com 1 redirects reporting.agencyorquidea.com	174 B
1	gstatic.com fonts.gstatic.com	39 KB
1	worldglobalssp.xyz tags.worldglobalssp.xyz	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	889 B
96	12

	Domain	Requested by
21	static.criteo.net	ads.as.criteo.com cdnjs.cloudflare.com static.criteo.net
17	imageproxy.as.criteo.net	ads.as.criteo.com
10	one.kversemm.xyz	1 redirects one.kversemm.xyz
6	tpc.googlesyndication.com	69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	one.kversemm.xyz securepubads.g.doubleclick.net 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
3	69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	pagead2.googlesyndication.com	www.googletagservices.com
2	csm.as.criteo.net	ads.as.criteo.com
2	cdnjs.cloudflare.com	ads.as.criteo.com
2	cat.sg1.as.criteo.com	ads.as.criteo.com
2	www.googletagservices.com	69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
2	ads.as.criteo.com	69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
1	rtb.sg1.as.criteo.com	69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
1	reporting.orquidea.ai	one.kversemm.xyz
1	reporting.agencyorquidea.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	tags.worldglobalssp.xyz	one.kversemm.xyz
1	fonts.googleapis.com	one.kversemm.xyz
0	rtb.jp2.as.criteo.com Failed	69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
96	19

This site contains links to these domains. Also see Links.

Domain
wordpress.org
ggadx.icu

Subject Issuer	Validity	Valid
kversemm.xyz GTS CA 1P5	`2024-01-07` - `2024-04-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tags.worldglobalssp.xyz Amazon RSA 2048 M01	`2023-02-23` - `2024-03-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-22` - `2024-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-02-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-31` - `2024-03-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://one.kversemm.xyz/
Frame ID: 50D122FCBC2051DD1A736B8C079B30D6
Requests: 18 HTTP requests in this frame

Frame: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2219CFF399944581108D097628005A3
Requests: 1 HTTP requests in this frame

Frame: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 794E150007125167F216DC7F9BEF84C1
Requests: 9 HTTP requests in this frame

Frame: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 03CCDF4968E5AC634206D442BD3E2C8E
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Zahs5AACrcoCrJLTAAl4K-IlE-UDd1plcHtd1w&u=%7COV3wiOsGB%2BlB8DEWC5s%2FZ3tdWSod3QCxHD%2FIklYbCQk%3D%7C&c1=s9Ouqadr9PM0NLbQX4cZx_DpvuZ9VdI-LbrO-VDb_8pRGfq_13G6WB1oTlEF-NFUsewjWRWr8P32MNELQtpJnTUslf1YQ3dXWDHBZ7i7DymfHl_sgxb71Y4QsqywIGOHCF89Vi9LOICbM0s0Tg5kGBcqiOph8DjztZsnWL3aJVCwojbkP1gHj4tygfLqWnalHSETM4XGA-JfQj91PibpVe-JqJBpTCKg4xiMMlsldhsHxk-8ZPPJtF3HMX2_Bjf5r9KKoYzj4pjtwN0jZMK9R6afOMdh6EQvHZbJKRYYSs-RhREYJUZxX_iLQXQOT5lVCj4fzKDbQEzXOgVWCTBJlsymVpPndZqfb4jkdr3M56xsyuouuu7KRx6aByKPTWz6tw2dk5oGH8Gc5SKR9wc2jolQlKeRvr9y_VUw61RL-de6zBVoYpvcOdGe7fgKbB5L_jckGqhRsPDlJKynxp0lOLCvl0_fKdlWVOjGnlghc4BsyA413Ur7-j6UJH4JQtTYomPyuwdGb503rqzj-0DjLcU68V1fAD2gAOc003htyf5EspzEBFPcoamh2B6d176-G43MuMY6eFZVdcMY802rvbGcjadkWSJlL6wyldDbepXdkpHYWSbJYUhKMQEkcQmcHUriR4_Z-8LcgTIfF4cS0InBylc-kBCfTLbQw7-wG77LydARCqpDgXpZaFIaqNBG3prd21RLv9s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNIP5GyoZcrbCtOlssUPq_ClgASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04MzYzNjUyMzI4MTI0MTIzyAEJqQJI4swVFf-lPuACAKgDAcgDAqoEmwJP0A8rDXOBlOcLSnXfNmTF9EL8orUSXXRzuq0v6YQjfvFd7kixcApjrg-gVNd2x3yIUIvIuOEBbmth6LwhsMHKPJVZTdmn6i4QM91RQLr0iy4msd5XrPoaWpi0jZ2BEQRruZJqt0I6yNz6oxN_YhDg19-aN3I8KA6_Evin3V_Y9zrUc1hl9HVr6ixu5ioGdFrTwfmXUAIJjkHSP2vBDvaTaGb1jZGap4rtW0W7Ht6oLyTbn0OfzJ8AGfLb3cly9GB1T9GjSXrtUNMLj2cSWvYw0RCQptweqv2t2ao3GcdvF53CzdCJQSupYPOJA0fjbOw7fAehHIZHhIbUi_Dm2CXZAeDDjPVvViVr8Pc2doitF4VspbwUP31hWEKh4AQBgAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYnvmwvNPlgwP6CwIIAYAMAeINEwjvwrG80-WDAxXTkqwCHSt4CUDQFQGAFwE%26num%3D1%26sig%3DAOD64_1wV1nXnQCzytgDEOJHEZBJ6rYv4A%26client%3Dca-pub-8363652328124123%26adurl%3D
Frame ID: BC9C37A637820F6A530C91C7BC95F53C
Requests: 20 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Zahs5AACrcsCrJLTAAl4K5zWdoSP5Dd2EPXCYw&u=%7COV3wiOsGB%2BlUlivjR0D0qHcN%2F%2BUOkhOpwjtIi5ZQxuU%3D%7C&c1=s9Ouqadr9PM0NLbQX4cZx_DpvuZ9VdI-LbrO-VDb_8pRGfq_13G6WB1oTlEF-NFUsewjWRWr8P32MNELQtpJnTUslf1YQ3dXWDHBZ7i7Dyl0AjM1HoOl75haxbCCwESSDZcT21685k0PwNPH_4m_YJFwK3u4mJMMH9sRptqTs8Hvr2KWDOo5JTtg0eF57rvsYuBQ5Ke1vwhjGi_VwZvX6nUolmXI54npYU9mcTyN8zeA1Ed7WWJjfm3o6FKhDMPSQ6MZYjqNs-4_ubr9RdxjZe4yxjgwwDPAUJCsEUjXEU32TXUs6jY6HendiLx2REhb8nqEtTy5JKoOo6iUPpP2JgeNgvEcSYbSd0A__bFJquQFEMZ4cHFT5z5RxRN-9hHcw7hetWKpm8CSL4FxBu56NtHkUiyigKqO0CORJHqVJEW_lvR8jcmL8JapCgLyYkBhQTUsbO02dLd78UaGiXT10d-d3WFqU5kM9sZ5MouQErDifbwA31eGuyjaJqalcaY46OoAjSO6-sOmmf0GtzCXmve1j0NJFrldgzo5TRzr5fbIdLu5h4Cui5KcSaZrzswOFcIRHWcH5L3ENFyOx6uc2D6kQ5iO3t0jW4LO4iZN17-lS0rnWSOk550mApL3MuvvK_5x8gVT7t2QaOor6vT6F8q-p-4b1v7XqzCvB-20t4P-ndcXBrjpsLqieAQun_o_cJGxTBhsIHM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuRFu5GyoZcvbCtOlssUPq_ClgASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04MzYzNjUyMzI4MTI0MTIzyAEJqQJI4swVFf-lPuACAKgDAcgDAqoEmQJP0CM8SLATyjNGo10YWDBuh-6V9WyMIlVhgzTvbfm_s9e-JoyflCqyYJzXIghG8ONV4xwBJnkWCR9Sq0-P_dfvLcKK9dMiF6oh8Jtnehhq8I6vhFMYciU9DpNNqN8Hi1_fGhbMcoGx7OHH8toN7YtTVG32Ioj_9DCnmdsfO67VHMjpvXZYK_3z63Qt8EoM1Zg_-i0BmcplRXb0ezRfuRwa57X7ehBbj9HbtMUO7bzVK5AZ6zZKnMaYbijfSR2fbNQl-sTlN_FwSVwDzswFQoQ4ilIxao8-nu6hpXSYhtDCEx-Rk_5OMJYAJa1FWcxzc7LPAipo-cMetiioDonkKkxbpud6NqV_jWED98lVCZk0VcP8933GVRIfX-AEAYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJ75sLzT5YMD-gsCCAGADAHiDRMI8MKxvNPlgwMV05KsAh0reAlA0BUBgBcB%26num%3D1%26sig%3DAOD64_0RtzJ0pLKX4SWRjdoSebPPzmN_ng%26client%3Dca-pub-8363652328124123%26adurl%3D
Frame ID: 120666B27F44432B7E09A9747B2803CC
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kverse One - LifeStyle & Tips

Page URL History Show full URLs

http://one.kversemm.xyz/ HTTP 301
https://one.kversemm.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

96
Requests

80 %
HTTPS

89 %
IPv6

12
Domains

19
Subdomains

18
IPs

4
Countries

1098 kB
Transfer

2522 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: A WordPress Commenter

Search URL Search Domain Scan URL

URL: https://ggadx.icu/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://one.kversemm.xyz/ HTTP 301
https://one.kversemm.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://reporting.agencyorquidea.com/images/logos/ggadx_icon.jpg HTTP 301
https://reporting.orquidea.ai/images/logos/ggadx_icon.jpg

96 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
one.kversemm.xyz/
Redirect Chain

http://one.kversemm.xyz/
https://one.kversemm.xyz/

54 KB
12 KB

410ms
329ms

Document
text/html

2606:4700:3036::ac43:a308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://one.kversemm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9720ac3f5384d0f30d83ff1a858887091a4c3d0d9f88c5d5433a98e9d242dc29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8472a022bd6e1c5d-AKL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 00:12:18 GMT
link: <https://one.kversemm.xyz/index.php?rest_route=/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHm7oj8K1n36Jm0WXD0oRQtLAA7ctHZ%2FtdlFoE4j5Zv0Zc4fFbE6r9YheeZ8MFyy0ATovaEkJRsO96J0wPigSR98dUb1M6nLDz63gZHi2nGFG4bfBPc6qXt9PEmCTN83NvxVxK0D8IMscUeH3NKA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

CF-RAY: 8472a021d87e5521-SYD
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 18 Jan 2024 00:12:17 GMT
Expires: Thu, 18 Jan 2024 01:12:17 GMT
Location: https://one.kversemm.xyz/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7TKMs82yDv2i5%2FXk24NEMgzQdFFB2iDbg6mkDHtCy9FrAIFxjZRQy8tM3RqYBX%2B%2B6mDR8%2BdbCAc820BgyjC7RrZnrqMSaX7fdIPOTwx2gpr3OSvIni%2Fi1%2BdcizIetjROyJ%2BvJU5%2FHUYmzoPIFwe"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
one.kversemm.xyz/wp-includes/css/dist/block-library/ 107 KB
15 KB 340ms
336ms Stylesheet
text/css 2606:4700:3036::ac43:a308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://one.kversemm.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 22:40:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1add3-654abcd6-3caf6f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqLIp%2FWCBuoGc9f%2FTFjJhWKB0htV%2BGeY1WOWKTTv4U8FAzOxf992u0DZUVbzr6yE7BryyVfCSKkw0O4HhMFfVq0pV0FTrLfz0KAnP1mHZbSc8uhqvpKQK8iJV1v2STsux0SGq6X76rRG13GSlVTt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8472a024da121c5d-AKL
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 00:12:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
889 B 648ms
247ms Stylesheet
text/css 2404:6800:4006:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C

Requested by

Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffd688d0d932ddaa11047bac3784c8fcf32a2c51a4003f4a856ece7d027c0761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 00:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 18 Jan 2024 00:12:18 GMT

GET
H2 200 style.css
one.kversemm.xyz/wp-content/themes/superfast/ 67 KB
15 KB 340ms
338ms Stylesheet
text/css 2606:4700:3036::ac43:a308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://one.kversemm.xyz/wp-content/themes/superfast/style.css?ver=6.4.2
Requested by: Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bdf97b0b9f407b3db28d1e7540070425a68d18e65c6a480abaf7665cc03849e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 30 Sep 2022 16:19:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10ad8-633716fe-823308;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smRwrhfp1e6RA1WtLr%2F9oi7YmoNW3BwiDD0F6vICefF4Gjb622eOKMtuaRBkmg1gkQmrISmb1V9qMDJKoyIrE1sRpB%2BPLt3nzkRcaE78Eax44rUNlh9n%2FGsjUfEZ%2FcCqWZLTFmpHUBE3mBSg0R15"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 8472a024da161c5d-AKL
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 00:12:18 GMT

GET
H2 200 jquery.min.js Show response
one.kversemm.xyz/wp-includes/js/jquery/ 86 KB
31 KB 326ms
325ms Script
application/x-javascript 2606:4700:3036::ac43:a308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://one.kversemm.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 22:40:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-654abcd6-820d2f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FAanf78gea7F520tG33TaYZevvnhEFnCn00iYRZFQjz17%2BO3vRN125dLTOmSQ2fi4wLC%2FZqawoWgR3WMEegBr6ztDgGWcIxMBSQVPc4dXR1PLuPHD6LOy55KGStnc4YeuGwdAJzbNilSpFiRUF8"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8472a024da1a1c5d-AKL
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 00:12:09 GMT

GET
H2 200 jquery-migrate.min.js Show response
one.kversemm.xyz/wp-includes/js/jquery/ 13 KB
5 KB 328ms
326ms Script
application/x-javascript 2606:4700:3036::ac43:a308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://one.kversemm.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 05:44:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-64d327c8-820d86;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMCud%2BNEG2MQI6o8FYLGwg4dcuQOFdhKpy5RcfiAR7FYEVlKFxJoYIt31klVh81YIYIotF%2FYr9HKcqD%2FU8Xs9tFKnPF0fyarqBZtg2gmEzK2pC1hRoy%2BgXfQbXvfeOp34myI%2B4nwewojIJ9mWpou"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8472a024da1b1c5d-AKL
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 00:12:09 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 697ms
291ms Script
text/javascript 2404:6800:4006:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f45247f8b503043294a9fdb9465f237caeb703a5b2aa58bf693c588744a8f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29430
x-xss-protection: 0
server: cafe
etag: 200 / 19740 / 31080487 / config-hash: 3231436403185047581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 00:12:19 GMT

GET
H2 200 25387 Show response
tags.worldglobalssp.xyz/tag/ 2 KB
1 KB 976ms
621ms Script
text/javascript 2600:9000:2083:2600:0:4402:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.worldglobalssp.xyz/tag/25387

Requested by

Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2083:2600:0:4402:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

df35905656196b606538f4c351b6ab522caa2b6c05b34e50e45aec2e90954028

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 f59bca6f088aed7c4e862f051be29532.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"8b1-dnk0OSyu7jxIfPd1K8R5iW8qb/w"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: E56UA8h-qcUQ4weOs1_fivLIdI396Xr5MhuZLC6U6OQrTM0YU5G5PQ==

GET
H2 200 jquery.sidr.min.js Show response
one.kversemm.xyz/wp-content/themes/superfast/js/ 7 KB
3 KB 325ms
324ms Script
application/x-javascript 2606:4700:3036::ac43:a308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://one.kversemm.xyz/wp-content/themes/superfast/js/jquery.sidr.min.js?ver=6.4.2
Requested by: Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Sep 2022 16:19:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b36-633716fe-8232f6;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KlByCe9GXUqPM8POWq6rC1je1rMsURj98RMbm8WDNp0lM%2B0lseZ36c6whoNrHrHUtx9nUFiNMowMbkjiefTY%2BY4kNzO6M%2BQnSvcR1AalINoedjxQE1zFZsUi5ZKpgOs0sbd3Q3L%2FeO%2FcdzeKFZp"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8472a024da1c1c5d-AKL
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 00:12:09 GMT

GET
H2 200 customscript.js Show response
one.kversemm.xyz/wp-content/themes/superfast/js/ 2 KB
1 KB 321ms
321ms Script
application/x-javascript 2606:4700:3036::ac43:a308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://one.kversemm.xyz/wp-content/themes/superfast/js/customscript.js?ver=6.4.2
Requested by: Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 012d32fb12b5fcf890772ba8d8d5d1503a33076b94b99dbefb505f3c77740e80

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2594
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 30 Sep 2022 16:19:10 GMT
server: cloudflare
etag: W/"a22-633716fe-8232fc;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WP9ApMlyxo5aRT%2Bl8tBVxxJXAzwS%2Fhsd4yiWeV9rgS3xkW5efT1K2JcCEfSRiOUwN%2B7vCOaezNX7UP2F%2FsAMAk1W%2BP3IwkQyyYm9qz61klTMzhIHBH3h6FAkoMftorSXcYdqoPN8W%2FQ1EUm2kioG"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8472a024da1e1c5d-AKL
expires: Thu, 25 Jan 2024 00:12:09 GMT

GET
BLOB 200
OK e86f0954-fec3-4149-a012-bb63d48782a9
https://one.kversemm.xyz/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://one.kversemm.xyz/e86f0954-fec3-4149-a012-bb63d48782a9
Requested by: Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 ElegantIcons.woff
one.kversemm.xyz/wp-content/themes/superfast/fonts/ 62 KB
63 KB 362ms
361ms Font
application/font-woff 2606:4700:3036::ac43:a308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://one.kversemm.xyz/wp-content/themes/superfast/fonts/ElegantIcons.woff
Requested by: Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/wp-content/themes/superfast/style.css?ver=6.4.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer: https://one.kversemm.xyz/wp-content/themes/superfast/style.css?ver=6.4.2
Origin: https://one.kversemm.xyz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 30 Sep 2022 16:19:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f8b0-633716fe-8232e7;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xnu19WLzknkymoh8tsD7%2FxyXjtnP0bzkvYSHTGYDDpasLlNy9sSkCjpo5QxDBPS%2FXD71JibLa1%2F92nKmdbNuEAeiEJQrLBVdybAY6g5yZEI8qni3E%2FRsInK046x3eiFEerN3Diu5trMBNjFdDoH1"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 8472a028fd7e725c-AKL
alt-svc: h3=":443"; ma=86400

GET
H2 200 XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 551ms
152ms Font
font/woff2 2404:6800:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaBTMnFcQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://one.kversemm.xyz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 16 Jan 2024 02:31:08 GMT
x-content-type-options: nosniff
age: 164471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39188
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 02:31:08 GMT

GET
H2

200

ggadx_icon.jpg
reporting.orquidea.ai/images/logos/
Redirect Chain

https://reporting.agencyorquidea.com/images/logos/ggadx_icon.jpg
https://reporting.orquidea.ai/images/logos/ggadx_icon.jpg

18 KB
18 KB

464ms
455ms

Image
image/jpeg

3.90.206.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reporting.orquidea.ai/images/logos/ggadx_icon.jpg

Requested by

Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/

Protocol

Server

3.90.206.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-90-206-144.compute-1.amazonaws.com

Software

nginx /

Resource Hash

aae9a83789c80d3818cdd5a93bd22811d35aa61603b5fb88b127dfb1517eb5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 Jul 2022 23:39:57 GMT
server: nginx
etag: "62d34c4d-48be"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 18622
x-xss-protection: 1; mode=block

Redirect headers

date: Thu, 18 Jan 2024 00:12:19 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://reporting.orquidea.ai/images/logos/ggadx_icon.jpg
content-length: 162
x-xss-protection: 1; mode=block

GET
H3 200 wp-emoji-release.min.js Show response
one.kversemm.xyz/wp-includes/js/ 18 KB
5 KB 329ms
329ms Script
application/x-javascript 2606:4700:3036::ac43:a308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://one.kversemm.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: one.kversemm.xyz
URL: https://one.kversemm.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Mar 2023 03:28:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-642501e0-820da8;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGsnEyGQOQYw%2Fp2og8iO3jAb4qw%2BYLVqWGIquOrztcQoS%2F%2BaGARwJZPGbJaGWVLOgMvxMzZ5ITF7pwZ0gZ28iAdOSLLV30Bd89HWxbAGO84JiEgdM7XsvEGozZtnBZ3L8rzWSY%2BuyTN60XKupv26"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 8472a02baab8725c-AKL
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 00:12:19 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/ 430 KB
135 KB 153ms
152ms Script
text/javascript 2404:6800:4006:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Jan 2024 19:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16506
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138464
x-xss-protection: 0
server: cafe
etag: 13337571285874554267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 16 Jan 2025 19:37:13 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 200 KB
23 KB 624ms
624ms XHR
text/plain 2404:6800:4006:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1952695305384784&correlator=55863695581058&eid=31079956%2C31080156%2C31080258%2C31080487%2C95320512&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fifs&iu_parts=22808884046%2Cone.kversemm.xyz_200x200%2Cone.kversemm.xyz_300x250%2Cone.kversemm.xyz_300x600%2Cone.kversemm.xyz_320x480%2Cone.kversemm.xyz_336x280%2Cone.kversemm.xyz_480x320%2Cone.kversemm.xyz_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=200x200%2C300x250%2C300x600%2C320x480%2C336x280%2C480x320%2C728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705536740045&lmt=1705536740&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C320%2C0&adys=-9%2C-9%2C-9%2C-9%2C-9%2C312%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&tos=~~~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=780&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fone.kversemm.xyz%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C630x320%7C1600x1479&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C630x320%7C1600x90&fws=2%2C2%2C2%2C2%2C2%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=264073511.1705536740&ga_sid=1705536740&ga_hid=2144841206&ga_fc=false&dlt=1705536738027&idt=1982&adks=2035524545%2C1195869928%2C1538833482%2C2125204580%2C271381629%2C3258149678%2C263572579&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:813::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25a3141278c3e65cb7b2cc43fc423a166d26fdb82ca58783c51e1ebfcf6be5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23426
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://one.kversemm.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 567 B
309 B 276ms
275ms XHR
text/plain 2404:6800:4006:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4006:813::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

158f9690ca420511ebbe0b1f077ade1fd204d8a90930ce1af23f2dcec5fe8827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://one.kversemm.xyz/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://one.kversemm.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E221 6 KB
3 KB 657ms
250ms Document
text/html 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one.kversemm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 00:12:20 GMT
expires: Fri, 17 Jan 2025 00:12:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 794E 6 KB
3 KB 153ms
152ms Document
text/html 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one.kversemm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 00:12:20 GMT
expires: Fri, 17 Jan 2025 00:12:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 03CC 6 KB
3 KB 152ms
152ms Document
text/html 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://one.kversemm.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 00:12:20 GMT
expires: Fri, 17 Jan 2025 00:12:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame BC9C 128 KB
46 KB 902ms
319ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Zahs5AACrcoCrJLTAAl4K-IlE-UDd1plcHtd1w&u=%7COV3wiOsGB%2BlB8DEWC5s%2FZ3tdWSod3QCxHD%2FIklYbCQk%3D%7C&c1=s9Ouqadr9PM0NLbQX4cZx_DpvuZ9VdI-LbrO-VDb_8pRGfq_13G6WB1oTlEF-NFUsewjWRWr8P32MNELQtpJnTUslf1YQ3dXWDHBZ7i7DymfHl_sgxb71Y4QsqywIGOHCF89Vi9LOICbM0s0Tg5kGBcqiOph8DjztZsnWL3aJVCwojbkP1gHj4tygfLqWnalHSETM4XGA-JfQj91PibpVe-JqJBpTCKg4xiMMlsldhsHxk-8ZPPJtF3HMX2_Bjf5r9KKoYzj4pjtwN0jZMK9R6afOMdh6EQvHZbJKRYYSs-RhREYJUZxX_iLQXQOT5lVCj4fzKDbQEzXOgVWCTBJlsymVpPndZqfb4jkdr3M56xsyuouuu7KRx6aByKPTWz6tw2dk5oGH8Gc5SKR9wc2jolQlKeRvr9y_VUw61RL-de6zBVoYpvcOdGe7fgKbB5L_jckGqhRsPDlJKynxp0lOLCvl0_fKdlWVOjGnlghc4BsyA413Ur7-j6UJH4JQtTYomPyuwdGb503rqzj-0DjLcU68V1fAD2gAOc003htyf5EspzEBFPcoamh2B6d176-G43MuMY6eFZVdcMY802rvbGcjadkWSJlL6wyldDbepXdkpHYWSbJYUhKMQEkcQmcHUriR4_Z-8LcgTIfF4cS0InBylc-kBCfTLbQw7-wG77LydARCqpDgXpZaFIaqNBG3prd21RLv9s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNIP5GyoZcrbCtOlssUPq_ClgASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04MzYzNjUyMzI4MTI0MTIzyAEJqQJI4swVFf-lPuACAKgDAcgDAqoEmwJP0A8rDXOBlOcLSnXfNmTF9EL8orUSXXRzuq0v6YQjfvFd7kixcApjrg-gVNd2x3yIUIvIuOEBbmth6LwhsMHKPJVZTdmn6i4QM91RQLr0iy4msd5XrPoaWpi0jZ2BEQRruZJqt0I6yNz6oxN_YhDg19-aN3I8KA6_Evin3V_Y9zrUc1hl9HVr6ixu5ioGdFrTwfmXUAIJjkHSP2vBDvaTaGb1jZGap4rtW0W7Ht6oLyTbn0OfzJ8AGfLb3cly9GB1T9GjSXrtUNMLj2cSWvYw0RCQptweqv2t2ao3GcdvF53CzdCJQSupYPOJA0fjbOw7fAehHIZHhIbUi_Dm2CXZAeDDjPVvViVr8Pc2doitF4VspbwUP31hWEKh4AQBgAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYnvmwvNPlgwP6CwIIAYAMAeINEwjvwrG80-WDAxXTkqwCHSt4CUDQFQGAFwE%26num%3D1%26sig%3DAOD64_1wV1nXnQCzytgDEOJHEZBJ6rYv4A%26client%3Dca-pub-8363652328124123%26adurl%3D

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

3c6db1d0de8dec1c55f480d5f5a0891f118795de337aca6cf4eba5649fc8e25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 00:12:21 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=D_w4eas_HZuO6lAgnaU7AZ0ZwwY-a2b46G7TFTH5yUWMQ6sEY1FldNrBi3-7S9XifItzNZhpVbVj-0xFHIni-lXN42-hb09TQ8lz_iUcpY3JUXsM1JnIR6Lye82k6zcJjnqjo9sI_73avcj4kPRMcApnWI8izDqM5Nwa2es29UJCNklDcdcsVIRcSggQj2yzat1a7ID8XTqpPT00bdXf-DuCy7L_CnJpDkpOjM81-MCEM7OGQ8jUsHfsFCsXjitJTtl5xQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 60607651
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 794E 3 KB
1 KB 597ms
194ms Script
text/javascript 2404:6800:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Jan 2024 07:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 07:33:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 794E 20 KB
9 KB 555ms
152ms Script
text/javascript 2404:6800:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Jan 2024 07:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 07:33:23 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 794E 24 KB
7 KB 705ms
303ms Script
text/javascript 2404:6800:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Jan 2024 07:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 07:33:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 794E 206 KB
66 KB 734ms
331ms Script
text/javascript 2404:6800:4006:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 00:12:21 GMT

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 1206 213 KB
60 KB 1316ms
746ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Zahs5AACrcsCrJLTAAl4K5zWdoSP5Dd2EPXCYw&u=%7COV3wiOsGB%2BlUlivjR0D0qHcN%2F%2BUOkhOpwjtIi5ZQxuU%3D%7C&c1=s9Ouqadr9PM0NLbQX4cZx_DpvuZ9VdI-LbrO-VDb_8pRGfq_13G6WB1oTlEF-NFUsewjWRWr8P32MNELQtpJnTUslf1YQ3dXWDHBZ7i7Dyl0AjM1HoOl75haxbCCwESSDZcT21685k0PwNPH_4m_YJFwK3u4mJMMH9sRptqTs8Hvr2KWDOo5JTtg0eF57rvsYuBQ5Ke1vwhjGi_VwZvX6nUolmXI54npYU9mcTyN8zeA1Ed7WWJjfm3o6FKhDMPSQ6MZYjqNs-4_ubr9RdxjZe4yxjgwwDPAUJCsEUjXEU32TXUs6jY6HendiLx2REhb8nqEtTy5JKoOo6iUPpP2JgeNgvEcSYbSd0A__bFJquQFEMZ4cHFT5z5RxRN-9hHcw7hetWKpm8CSL4FxBu56NtHkUiyigKqO0CORJHqVJEW_lvR8jcmL8JapCgLyYkBhQTUsbO02dLd78UaGiXT10d-d3WFqU5kM9sZ5MouQErDifbwA31eGuyjaJqalcaY46OoAjSO6-sOmmf0GtzCXmve1j0NJFrldgzo5TRzr5fbIdLu5h4Cui5KcSaZrzswOFcIRHWcH5L3ENFyOx6uc2D6kQ5iO3t0jW4LO4iZN17-lS0rnWSOk550mApL3MuvvK_5x8gVT7t2QaOor6vT6F8q-p-4b1v7XqzCvB-20t4P-ndcXBrjpsLqieAQun_o_cJGxTBhsIHM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuRFu5GyoZcvbCtOlssUPq_ClgASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04MzYzNjUyMzI4MTI0MTIzyAEJqQJI4swVFf-lPuACAKgDAcgDAqoEmQJP0CM8SLATyjNGo10YWDBuh-6V9WyMIlVhgzTvbfm_s9e-JoyflCqyYJzXIghG8ONV4xwBJnkWCR9Sq0-P_dfvLcKK9dMiF6oh8Jtnehhq8I6vhFMYciU9DpNNqN8Hi1_fGhbMcoGx7OHH8toN7YtTVG32Ioj_9DCnmdsfO67VHMjpvXZYK_3z63Qt8EoM1Zg_-i0BmcplRXb0ezRfuRwa57X7ehBbj9HbtMUO7bzVK5AZ6zZKnMaYbijfSR2fbNQl-sTlN_FwSVwDzswFQoQ4ilIxao8-nu6hpXSYhtDCEx-Rk_5OMJYAJa1FWcxzc7LPAipo-cMetiioDonkKkxbpud6NqV_jWED98lVCZk0VcP8933GVRIfX-AEAYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJ75sLzT5YMD-gsCCAGADAHiDRMI8MKxvNPlgwMV05KsAh0reAlA0BUBgBcB%26num%3D1%26sig%3DAOD64_0RtzJ0pLKX4SWRjdoSebPPzmN_ng%26client%3Dca-pub-8363652328124123%26adurl%3D

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e7c0131935f621627614e48ff6021e0d916ab2e9430870de3756f0c8c436a549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 00:12:21 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=9vkww6s_HZuO6lAgChcV2x37w-rLacUHPtJQO7X3ibUP2tVdvW3eWtMzI_hZHUE8SkwqTfw2BhVSsvydGl-75CONCJTJs_pHBF3Jr5xo7Mfp315SEtuJa6KFNXGZTdBkcq5fVNr3o0syW1KPEqrU07m2JFm2GF2Qh_6oiGf7qf6kWeV7jmBDu7uRuYkdHa8ZNC7S1mijCneo3AINPqyqlPXKw5nVebgaSq62SjKkC28mA6thbHTGuJkYChEFfqSjjjr3hw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 69922827
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 03CC 3 KB
1 KB 593ms
202ms Script
text/javascript 2404:6800:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Jan 2024 07:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 07:33:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 03CC 20 KB
8 KB 562ms
171ms Script
text/javascript 2404:6800:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Jan 2024 07:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 Jan 2024 07:33:23 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 03CC 24 KB
6 KB 711ms
321ms Script
text/javascript 2404:6800:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Jan 2024 07:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 07:33:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03CC 206 KB
65 KB 998ms
608ms Script
text/javascript 2404:6800:4006:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 00:12:21 GMT

GET
DATA 200
OK truncated
/ Frame 794E 550 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a564c76e03e63c7d27ef06b34e62f219634c28c579efa79a360e9bd7f557e1e

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 03CC 438 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f65c1c59ee82c9f291a724e2cc76c75114576e670a3889e07eb4ab4183f6a234

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BC9C 2 KB
1 KB 727ms
241ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Zahs5AACrcoCrJLTAAl4K-IlE-UDd1plcHtd1w&u=%7COV3wiOsGB%2BlB8DEWC5s%2FZ3tdWSod3QCxHD%2FIklYbCQk%3D%7C&c1=s9Ouqadr9PM0NLbQX4cZx_DpvuZ9VdI-LbrO-VDb_8pRGfq_13G6WB1oTlEF-NFUsewjWRWr8P32MNELQtpJnTUslf1YQ3dXWDHBZ7i7DymfHl_sgxb71Y4QsqywIGOHCF89Vi9LOICbM0s0Tg5kGBcqiOph8DjztZsnWL3aJVCwojbkP1gHj4tygfLqWnalHSETM4XGA-JfQj91PibpVe-JqJBpTCKg4xiMMlsldhsHxk-8ZPPJtF3HMX2_Bjf5r9KKoYzj4pjtwN0jZMK9R6afOMdh6EQvHZbJKRYYSs-RhREYJUZxX_iLQXQOT5lVCj4fzKDbQEzXOgVWCTBJlsymVpPndZqfb4jkdr3M56xsyuouuu7KRx6aByKPTWz6tw2dk5oGH8Gc5SKR9wc2jolQlKeRvr9y_VUw61RL-de6zBVoYpvcOdGe7fgKbB5L_jckGqhRsPDlJKynxp0lOLCvl0_fKdlWVOjGnlghc4BsyA413Ur7-j6UJH4JQtTYomPyuwdGb503rqzj-0DjLcU68V1fAD2gAOc003htyf5EspzEBFPcoamh2B6d176-G43MuMY6eFZVdcMY802rvbGcjadkWSJlL6wyldDbepXdkpHYWSbJYUhKMQEkcQmcHUriR4_Z-8LcgTIfF4cS0InBylc-kBCfTLbQw7-wG77LydARCqpDgXpZaFIaqNBG3prd21RLv9s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNIP5GyoZcrbCtOlssUPq_ClgASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04MzYzNjUyMzI4MTI0MTIzyAEJqQJI4swVFf-lPuACAKgDAcgDAqoEmwJP0A8rDXOBlOcLSnXfNmTF9EL8orUSXXRzuq0v6YQjfvFd7kixcApjrg-gVNd2x3yIUIvIuOEBbmth6LwhsMHKPJVZTdmn6i4QM91RQLr0iy4msd5XrPoaWpi0jZ2BEQRruZJqt0I6yNz6oxN_YhDg19-aN3I8KA6_Evin3V_Y9zrUc1hl9HVr6ixu5ioGdFrTwfmXUAIJjkHSP2vBDvaTaGb1jZGap4rtW0W7Ht6oLyTbn0OfzJ8AGfLb3cly9GB1T9GjSXrtUNMLj2cSWvYw0RCQptweqv2t2ao3GcdvF53CzdCJQSupYPOJA0fjbOw7fAehHIZHhIbUi_Dm2CXZAeDDjPVvViVr8Pc2doitF4VspbwUP31hWEKh4AQBgAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYnvmwvNPlgwP6CwIIAYAMAeINEwjvwrG80-WDAxXTkqwCHSt4CUDQFQGAFwE%26num%3D1%26sig%3DAOD64_1wV1nXnQCzytgDEOJHEZBJ6rYv4A%26client%3Dca-pub-8363652328124123%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame BC9C 2 KB
1 KB 746ms
260ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BC9C 308 B
636 B 748ms
264ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BC9C 293 B
621 B 727ms
243ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame BC9C 43 B
348 B 467ms
156ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=GRuIwXG7LcP8glm00SM33-uh3g0v-Zcc6Yf481c09MYfX_XktPHOVh9Te7SUube_12GbQUq5tnq1i58RxbmYDNWTxTLy73uH8shASBIVnvWY2uy7HZvJNqxXtR9teXonNqb_0B1cxll9snC5KT-yeh59-AylsMTb7wjNX-MbLHxbu9FhNOyOXPqFolbLtgJcDNkuQTkt6Y7QHnpBbfj3XwX_BvxSobsVOZz1Y4R9yfnuGwT20bMHmRRGBcw32tLGHSEIvpu16l_stNaUP-X4pYADuToFAHe1QxmED-FhmtRv4N0lHvEewjBPjQt6cNelKYv_10BhpkYQ269Iy_bhYuFhC_sJNZ1fZpmzMFLW8q7CiKquVeewQIr5938Vh26hpFwjnsUPn981Tz6EeBgJ4ZWkSpW6GLiQvssxvk5ZFKlWTIaKrOGNroWXgUrI77LyxfRV9w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 00:12:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1683692
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BC9C 12 KB
5 KB 125ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1421386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suzy0r1EIqctJYvLIs3V6kys6dC4E0jX6fpWJIU8Dcw5hRJ6Mo57mp7R5Tq4O8cSK%2BqM1uZu1eobuQEFyceh5CKGH%2F8lyH5cIHRoRCOjz1ObTfeGZJ7e31Y3Joc7OXNZ6JNGfIid26Yp7bviGkayMi8N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8472a0418e851c5e-AKL
expires: Tue, 07 Jan 2025 00:12:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 03CC 0
0 291ms
291ms Image
text/html 2404:6800:4006:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLjNb5GyoZcvbCtOlssUPq_ClgASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04MzYzNjUyMzI4MTI0MTIzyAEJqQJI4swVFf-lPuACAKgDAcgDAqoElgJP0CM8SLATyjNGo10YWDBuh-6V9WyMIlVhgzTvbfm_s9e-JoyflCqyYJzXIghG8ONV4xwBJnkWCR9Sq0-P_dfvLcKK9dMiF6oh8Jtnehhq8I6vhFMYciU9DpNNqN8Hi1_fGhbMcoGx7OHH8toN7YtTVG32Ioj_9DCnmdsfO67VHMjpvXZYK_3z63Qt8EoM1Zg_-i0BmcplRXb0ezRfuRwa57X7ehBbj9HbtMUO7bzVK5AZ6zZKnMaYbijfSR2fbNQl-sTlN_FwSVwDzswFQoQ4ilIxao8-nu6hpXSYhtDCEx-Rk_5OMJYAJa1FWcxzc7KNAAv6HA2XyNchfxcPfNaYj_Nwoa9RlYmLBJ_PwCcqedsbHOy4quAEAYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJ75sLzT5YMDgAoD-gsCCAGADAHiDRMI8MKxvNPlgwMV05KsAh0reAlA0BUBgBcBshcdChsSFHB1Yi04MzYzNjUyMzI4MTI0MTIzGOmdiwE&sigh=LRZDul0UlDg&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_9xset-RGEdtkmB6uZgIKMhMpkGkEs9gM-bUIWgqFcIQgnv6UsetyE6emLijSgfAXSbn0u-7xcb21raqVkew651tMB7XT-szpUB0YAQ&cbvp=2&vis=1
Requested by: Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4006:813::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

GET
H2 200 notify
rtb.sg1.as.criteo.com/google/auction/ Frame 03CC 0
126 B 738ms
245ms Image
text/plain 2406:2600:7:100::e
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.sg1.as.criteo.com/google/auction/notify?profile=14&payload=kOX5GP_1BtgFWmL4LRICAAAAKEJrsX5zoQ4Q42yoZcimuOJrw1T7OIUAABIAAAoKQVFVQkRnRUJEZw&wp=Zahs5AACrcsCrJLTAAl4K5zWdoSP5Dd2EPXCYw&cbvp=2

Requested by

Host: 69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 175470
server: Kestrel
content-length: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BC9C 12 KB
6 KB 310ms
309ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame BC9C 14 KB
15 KB 1143ms
657ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?h=116&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F107460%2F4956229%2F37f41b7470574b1eb1804a5ec1a936a8_99bd55bd-21d2-4073-b945-08ff2f7c76c7.png&v=3&w=956&rid=4&s=NXfk94p_105H_gaPPQXvJBOj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

0bb92622362f436a4368024e962a5727d99a8043c6604d65113ed65c5b6943aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 14822
expires: Sun, 08 Dec 2024 02:28:47 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame BC9C 13 KB
13 KB 1245ms
759ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F9%2F2%2F92ab013d-6028-463a-a293-49c4e16d37f3-c7eb41695c76c2b81a820aff078808ca.jpeg&v=3&w=400&rid=4&s=oZnUZ3YIVDIDd2jCEyH4U-0_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

cd5b6c8e37bbf3bb3587d729b3cb960cc9339512b96a29f32bb946fe80bdc63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13252
expires: Tue, 17 Dec 2024 07:18:46 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame BC9C 7 KB
7 KB 1468ms
998ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FQ%2FQ%2FQQ__SET7I06EP6CD-98283250ac723d0c91684b2a581b8959_1.jpg&v=3&w=400&rid=4&s=KntdvsaoAr6w2auv2B9-N_6h&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

8a116f70928188044f07342d98850494a67077fbef277b0cab793415bc30c783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6944
expires: Tue, 10 Dec 2024 02:09:11 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame BC9C 8 KB
8 KB 946ms
478ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FH%2FB%2FHB21-EcoFlowDelta1300_200WSolarPanelCombo-027f4bb3726f984be0bbb6208c6b8a8b.jpg&v=3&w=400&rid=4&s=z_RLzwqn8_7x-LHz36gke4yI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

65528d8fd3d4681d77479653eee504d73006c82486de96776832fac4db0e20cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7692
expires: Mon, 30 Dec 2024 18:48:31 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame BC9C 0
128 B 728ms
242ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=D_w4eas_HZuO6lAgnaU7AZ0ZwwY-a2b46G7TFTH5yUWMQ6sEY1FldNrBi3-7S9XifItzNZhpVbVj-0xFHIni-lXN42-hb09TQ8lz_iUcpY3JUXsM1JnIR6Lye82k6zcJjnqjo9sI_73avcj4kPRMcApnWI8izDqM5Nwa2es29UJCNklDcdcsVIRcSggQj2yzat1a7ID8XTqpPT00bdXf-DuCy7L_CnJpDkpOjM81-MCEM7OGQ8jUsHfsFCsXjitJTtl5xQ&sds=2&rev=90272&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BC9C 2 KB
1 KB 309ms
308ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BC9C 2 KB
1 KB 309ms
309ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1206 2 KB
1 KB 296ms
242ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Zahs5AACrcsCrJLTAAl4K5zWdoSP5Dd2EPXCYw&u=%7COV3wiOsGB%2BlUlivjR0D0qHcN%2F%2BUOkhOpwjtIi5ZQxuU%3D%7C&c1=s9Ouqadr9PM0NLbQX4cZx_DpvuZ9VdI-LbrO-VDb_8pRGfq_13G6WB1oTlEF-NFUsewjWRWr8P32MNELQtpJnTUslf1YQ3dXWDHBZ7i7Dyl0AjM1HoOl75haxbCCwESSDZcT21685k0PwNPH_4m_YJFwK3u4mJMMH9sRptqTs8Hvr2KWDOo5JTtg0eF57rvsYuBQ5Ke1vwhjGi_VwZvX6nUolmXI54npYU9mcTyN8zeA1Ed7WWJjfm3o6FKhDMPSQ6MZYjqNs-4_ubr9RdxjZe4yxjgwwDPAUJCsEUjXEU32TXUs6jY6HendiLx2REhb8nqEtTy5JKoOo6iUPpP2JgeNgvEcSYbSd0A__bFJquQFEMZ4cHFT5z5RxRN-9hHcw7hetWKpm8CSL4FxBu56NtHkUiyigKqO0CORJHqVJEW_lvR8jcmL8JapCgLyYkBhQTUsbO02dLd78UaGiXT10d-d3WFqU5kM9sZ5MouQErDifbwA31eGuyjaJqalcaY46OoAjSO6-sOmmf0GtzCXmve1j0NJFrldgzo5TRzr5fbIdLu5h4Cui5KcSaZrzswOFcIRHWcH5L3ENFyOx6uc2D6kQ5iO3t0jW4LO4iZN17-lS0rnWSOk550mApL3MuvvK_5x8gVT7t2QaOor6vT6F8q-p-4b1v7XqzCvB-20t4P-ndcXBrjpsLqieAQun_o_cJGxTBhsIHM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuRFu5GyoZcvbCtOlssUPq_ClgASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04MzYzNjUyMzI4MTI0MTIzyAEJqQJI4swVFf-lPuACAKgDAcgDAqoEmQJP0CM8SLATyjNGo10YWDBuh-6V9WyMIlVhgzTvbfm_s9e-JoyflCqyYJzXIghG8ONV4xwBJnkWCR9Sq0-P_dfvLcKK9dMiF6oh8Jtnehhq8I6vhFMYciU9DpNNqN8Hi1_fGhbMcoGx7OHH8toN7YtTVG32Ioj_9DCnmdsfO67VHMjpvXZYK_3z63Qt8EoM1Zg_-i0BmcplRXb0ezRfuRwa57X7ehBbj9HbtMUO7bzVK5AZ6zZKnMaYbijfSR2fbNQl-sTlN_FwSVwDzswFQoQ4ilIxao8-nu6hpXSYhtDCEx-Rk_5OMJYAJa1FWcxzc7LPAipo-cMetiioDonkKkxbpud6NqV_jWED98lVCZk0VcP8933GVRIfX-AEAYAGnI3UkdWUuKgpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJ75sLzT5YMD-gsCCAGADAHiDRMI8MKxvNPlgwMV05KsAh0reAlA0BUBgBcB%26num%3D1%26sig%3DAOD64_0RtzJ0pLKX4SWRjdoSebPPzmN_ng%26client%3Dca-pub-8363652328124123%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1206 2 KB
1 KB 313ms
259ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1206 308 B
636 B 309ms
259ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1206 293 B
621 B 294ms
244ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 1206 43 B
347 B 156ms
155ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=D9DAOHPpIWMKm6CFiDlMNjLMJQj5D1ac1wMxU_kFevjzffJxlDRp-eAbBi2EfoK19HHnBAjP4mjQBU152s1ecwjtl7i475pSJ6FGa-PF8UQCyD1eLCUFuq-8ETdCqQ6511Q80z7u1MXlsKiUY-ywns5bMwxdS-fhR1ESelSSf2RTosMSxztCMyaJIq6fxbqmWibD-Gcn1Fr7ARZ7gxzjqS2dTIn3YirRADpe_4GP6cLbUNdvXaLySO_ZRm-J05WdHHvqTSJ-WKxye22gSX7V1y6CRxWEt27u0tiriCPICr9hn9fHMyMUHziBEE1zlvSZV53CNH_bv5MfIbKPwJ6AhXSsyNnhBDUEn39GvJmjIUsGofAcHfg-L3m8VRZcb5Xir9lDt-AsnpNVAFmePcy4LKv7NNzN49olFRUM1VaxU2QKsYqKXnNeKfPNIRnV3jQfaVKvYQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 00:12:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1736979
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1206 12 KB
5 KB 121ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1421386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PErQxTvZ3U1Vahv3Ttz4xIGi9hEjBAs3SKNS2nDTZYaEnbC%2BhPBBJfaYsRbPrpOjjB0lh9CPQUowkHX0e9Bq%2B3jSTszO0vb6KVNSznHw6PeRgXepgih85ekvKo2ICkUEC7p%2Bpkc8x2GMpeFIvCeyREIz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8472a0418e811c5e-AKL
expires: Tue, 07 Jan 2025 00:12:22 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1206 12 KB
6 KB 276ms
275ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 7 KB
7 KB 726ms
240ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FQ%2FQ%2FQQ__SET7I06EP6CD-98283250ac723d0c91684b2a581b8959_1.jpg&v=3&w=400&rid=4&s=KntdvsaoAr6w2auv2B9-N_6h&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

8a116f70928188044f07342d98850494a67077fbef277b0cab793415bc30c783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6944
expires: Tue, 10 Dec 2024 02:09:11 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 13 KB
14 KB 1428ms
942ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?h=176&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F107460%2F4943274%2F38f747cb775a4a9ab19ba6c9a29f6dc5_buy_kiwi_logo_white_text.png&v=3&w=256&rid=4&s=TnQuwM5lbByAPscAAVdPQ4l6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

22afb5aa82d321246fec17b86e2285a562eb96df9ccf4a384fcb8f0998a9470c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13618
expires: Fri, 06 Dec 2024 09:36:12 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 15 KB
16 KB 1290ms
818ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fc%2Fb%2Fcbe5357d-dca7-404c-aab1-67d034078e8d-c14b96be6b4b8c281a36d4d893b8b64f.jpeg&v=3&w=400&rid=4&s=nyLcjhlpglfCtwWBKmHkKq7E&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

9164de11bbaee22f585ba75fefdef18f51f36f38dcf79457d4ed116257bc17cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 15746
expires: Thu, 12 Dec 2024 01:33:09 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 11 KB
11 KB 1358ms
887ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6330d22c-ab69-4d47-829c-23b81bbbaef0-6d24706661248346ba763224a74f2da5.jpg&v=3&w=400&rid=4&s=m0KPSriKdvcD0e-1LsKapd4w&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

f6d8318d3a43dd713cbad948860dc2080ed27ba4e5fbd80b1970caeedef3e09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11076
expires: Sat, 11 Jan 2025 17:01:47 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 13 KB
13 KB 1231ms
760ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F7%2F4%2F74a78f89-3be6-4818-bbc2-21a01031e85c-f2008fa6b235da2341a64a6c7b17c473.jpeg&v=3&w=400&rid=4&s=ADcTITHFQ9yv8RMd1F4O-lJg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a30b1ed0079fa08121f6f164bb6aa4e7596d9f46909f2a1ceddab8154612b9c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12876
expires: Thu, 12 Dec 2024 17:54:01 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 16 KB
17 KB 1041ms
570ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FI%2FM%2FIMG_20200407_152949-scaled-1-c619e3acb9b999ca49ee1b1c8783989f.png&v=3&w=400&rid=4&s=34bM_fnDI-vawfd6heFMQS-O&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

ba25c2cda467e9c75685c7d484b3e1912c01f0168aae726d3e4d3cdc5e945df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16718
expires: Mon, 09 Dec 2024 21:51:48 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 7 KB
7 KB 250ms
250ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FH%2FE%2FHEASGW0045__1-36b4d84d70151a3e4a283b34ed76fc62.jpg&v=3&w=400&rid=4&s=xH1mEWaYcD5R8xG0K2dgEOT-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

441ba0b1ce78cc2ff5fce1cdec2584df3e8258da4625211eda8783cfc3a65ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7360
expires: Sun, 15 Dec 2024 21:52:01 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 70 KB
70 KB 285ms
285ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FW%2Fe%2FWeChat-Image_20210804215026-4023becaaf650b96d7a8dc9a6a402199.png&v=3&w=400&rid=4&s=w34TIbcPRVLGM8NrcOxPtSuo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

2e10146b69aafaa7f9e212b2f2079ec85b22c01c15a9c68b93cb392abad0507d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 71794
expires: Thu, 12 Dec 2024 21:54:06 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 19 KB
19 KB 385ms
385ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F2%2Fb%2F2b4a0cbd-ee05-4a30-a262-7ea12700b4d9-f74f684c3084b7dbbc4b91c43167f338.jpeg&v=3&w=400&rid=4&s=GWOPeAPnA7ERGReD77P-o8TB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

703ce4bc9178e224dc34533ff7bdbd70e1c82bc4802145f591564466426af88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 19172
expires: Mon, 30 Dec 2024 03:05:01 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 12 KB
12 KB 353ms
353ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fv%2F3%2Fv3newwithout-7fa717b85a42044e319efbbd88c0ca9d.jpg&v=3&w=400&rid=4&s=qGi5dhpGVGqGoudnmZUPDV6W&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

9151ca3018d23b8e4d4ffe61d4268fbc16c7db1730beccdc505ef92ffe59d401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11848
expires: Sun, 15 Dec 2024 21:51:18 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 62 KB
62 KB 320ms
319ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F7%2F5%2F75363-2-b2838b666044c4c3712de733476c4a33.png&v=3&w=400&rid=4&s=0n3TwHLZ6C8Fkpz3k_Y0u-7c&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

353c72ee9b3f03475b5ef8d8a0da88d4074da03d55c74fb607501cf2a5accc9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 63165
expires: Fri, 10 Jan 2025 16:50:47 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 11 KB
11 KB 290ms
289ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fb%2F8%2Fb84358220fcd3c91-60871baaf3a6a2b23528eccb7258ab39.jpg&v=3&w=400&rid=4&s=-Y70Xouw7W99HhjRVn5FK2ln&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

2009ed403e0621deeb9cd4d3b3778179aea5f5a23f91af12356d1fa6d0452dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11136
expires: Sun, 22 Dec 2024 10:54:14 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 1206 17 KB
17 KB 320ms
319ms Image
image/webp 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Ft%2Fo%2Ftop1-ce8858c66c92279cf6c32e31dba6ec12.jpg&v=3&w=400&rid=4&s=yEEGQGomcr6m8lYR5rImXBVE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

8a738513cf51b9e7149d7086e7bfa0cc2b7b41ace053b9ad8d618412bc4a388f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17050
expires: Fri, 13 Dec 2024 22:22:12 GMT

GET img
imageproxy.as.criteo.net/img/ Frame 1206 0
0

POST all
csm.as.criteo.net/ Frame 1206 0
0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1206 2 KB
1 KB 242ms
242ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET privacy.svg
static.criteo.net/flash/icon/ Frame 1206 0
0

GET
H2 200 nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame 1206 2 KB
808 B 245ms
244ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame 1206 2 KB
807 B 260ms
260ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 nunitosans-700.css
static.criteo.net/design/googlefont/nunitosans/ Frame BC9C 2 KB
808 B 249ms
248ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 nunitosans-400.css
static.criteo.net/design/googlefont/nunitosans/ Frame BC9C 2 KB
807 B 249ms
249ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-67a"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:22 GMT

GET
H2 200 nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame BC9C 17 KB
17 KB 1289ms
804ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin: https://ads.as.criteo.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-4254"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:23 GMT

GET
H2 200 nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame BC9C 17 KB
17 KB 1074ms
593ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin: https://ads.as.criteo.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-42dc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:23 GMT

GET
H2 200 nunitosans-700-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 1206 17 KB
17 KB 1205ms
726ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-700.css
Origin: https://ads.as.criteo.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f06a-42dc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:23 GMT

GET
H2 200 nunitosans-400-latin.woff2
static.criteo.net/design/googlefont/nunitosans/ Frame 1206 17 KB
17 KB 943ms
484ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/nunitosans/nunitosans-400.css
Origin: https://ads.as.criteo.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jan 2024 00:12:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:10:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f069-4254"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:12:23 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 794E 42 B
108 B 693ms
292ms Fetch
image/gif 2404:6800:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAxfpDB4yotA9MgCYgGQ8Ara3-PrQXRGr7sgyJ_N0PCmeNF5TYKSUvhoKZsy0-JIeNjC5Fg7NVlCfVGaIF06DjksO0EWz84glqOI7ABexQZSMyzjRgJ8sJ&sig=Cg0ArKJSzH4KaYy1smeREAE&id=lidar2&mcvt=1000&p=312,320,632,800&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3258149678&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705536740740&rpt=1260&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 00:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 03CC 42 B
404 B 600ms
292ms Fetch
image/gif 2404:6800:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGdKYmHddW05u0eU10CzgFfMRgQY6JyBWlJTRfkKhMS394qEU9205hyF8Y8Grc1AAo2fMTsCfDbEPqn8lGQsZpE1L_NMqMrt4SVVP1MXSGprfUC5quM_UP&sig=Cg0ArKJSzOmZIZIznAhqEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=263572579&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705536740754&rpt=1343&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 00:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame BC9C 0
127 B 242ms
242ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 00:12:23 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST all
csm.as.criteo.net/ Frame 1206 0
0

GET adview
securepubads.g.doubleclick.net/pagead/ Frame 794E 0
0

GET notify
rtb.jp2.as.criteo.com/google/auction/ Frame 794E 0
0

GET img
imageproxy.as.criteo.net/img/ Frame 1206 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F9%2F4%2F946bd97d-6aef-4912-9b01-c58ef9dc99c2-118cadd42641034773614ee28d2c7ae4.jpeg&v=3&w=400&rid=4&s=lmeZ21lExgZTsqWhTSpNqcLK&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fw%2Fw%2Fwwwwwwwwwwwwwww-6261fdc50cbb6be35100ecbe69862cd4.png&v=3&w=400&rid=4&s=EJOdhLpw5jbdXGbMTgHTVBn1&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FH%2F3%2FH3PS-2-6a68633b12dc987b2e269dd445151cf2.jpg&v=3&w=400&rid=4&s=Wfn95m4azOe1gxKfYYINCq-1&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FC%2FA%2FCABLI20018-53d2a5147a9d5842108fe653c9c968cf.png&v=3&w=400&rid=4&s=iPoQOq9_BonjGXK1UmF-osVK&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F8%2F1%2F816cca44-6d28-4175-ac6f-907313fd3b7d-277931b8d1cdb8b0b3f3ecfcf0db8518.png&v=3&w=400&rid=4&s=_hZRxCiaeWFl1u-RZujM7co3&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FU%2Fn%2FUntitled-design-11-1-264b27a616d8e4371a4a173ba7ccb185.png&v=3&w=400&rid=4&s=25ZJ7rLhrDYmx97nVCVhjgJo&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F7%2F4%2F74b0f225-4f36-41e8-abab-2e0a114adc0e-ab6ce31536e96eeb1e99b14ad33529f8_1.jpeg&v=3&w=400&rid=4&s=gVkyCnp_kdmjoz6W3FhKKeQN&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2FB%2Fe%2FBento_Lunch_Box_for_Kids_with_Ice_Pack_Blue_5_cc4055e7-d8b5-41fe-bd41-eedca7b77818-90f1a9eb096aa940c20c5c9bb4d499b4.jpg&v=3&w=400&rid=4&s=_CKobNdqxcu57b3Pll8fUAoU&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fs%2Fa%2Fsasssssssss-ee7a058861dba5af6dc7d10db0f501d3.png&v=3&w=400&rid=4&s=tm_O2h8Pl9nW8LfmusK3BAtO&b=400

Domain: csm.as.criteo.net
URL: https://csm.as.criteo.net/all?cppv=3&cpp=9vkww6s_HZuO6lAgChcV2x37w-rLacUHPtJQO7X3ibUP2tVdvW3eWtMzI_hZHUE8SkwqTfw2BhVSsvydGl-75CONCJTJs_pHBF3Jr5xo7Mfp315SEtuJa6KFNXGZTdBkcq5fVNr3o0syW1KPEqrU07m2JFm2GF2Qh_6oiGf7qf6kWeV7jmBDu7uRuYkdHa8ZNC7S1mijCneo3AINPqyqlPXKw5nVebgaSq62SjKkC28mA6thbHTGuJkYChEFfqSjjjr3hw&sds=2&rev=90272&sendBeacon=true

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/privacy.svg

Domain: csm.as.criteo.net
URL: https://csm.as.criteo.net/all?cppv=3&cpp=9vkww6s_HZuO6lAgChcV2x37w-rLacUHPtJQO7X3ibUP2tVdvW3eWtMzI_hZHUE8SkwqTfw2BhVSsvydGl-75CONCJTJs_pHBF3Jr5xo7Mfp315SEtuJa6KFNXGZTdBkcq5fVNr3o0syW1KPEqrU07m2JFm2GF2Qh_6oiGf7qf6kWeV7jmBDu7uRuYkdHa8ZNC7S1mijCneo3AINPqyqlPXKw5nVebgaSq62SjKkC28mA6thbHTGuJkYChEFfqSjjjr3hw&sds=2&rev=90272&sendBeacon=true

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkXl55GyoZcrbCtOlssUPq_ClgASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04MzYzNjUyMzI4MTI0MTIzyAEJqQJI4swVFf-lPuACAKgDAcgDAqoEmAJP0A8rDXOBlOcLSnXfNmTF9EL8orUSXXRzuq0v6YQjfvFd7kixcApjrg-gVNd2x3yIUIvIuOEBbmth6LwhsMHKPJVZTdmn6i4QM91RQLr0iy4msd5XrPoaWpi0jZ2BEQRruZJqt0I6yNz6oxN_YhDg19-aN3I8KA6_Evin3V_Y9zrUc1hl9HVr6ixu5ioGdFrTwfmXUAIJjkHSP2vBDvaTaGb1jZGap4rtW0W7Ht6oLyTbn0OfzJ8AGfLb3cly9GB1T9GjSXrtUNMLj2cSWvYw0RCQptweqv2t2ao3GcdvF53CzdCJQSupYPOJA0fjbOw7fEWjPRSiSg-qdHmXRs6PmyPqmP_4XAtzGH_FIBJkqZtAvVv_rgOe4AQBgAacjdSR1ZS4qCmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYnvmwvNPlgwOACgP6CwIIAYAMAeINEwjvwrG80-WDAxXTkqwCHSt4CUDQFQGAFwGyFx0KGxIUcHViLTgzNjM2NTIzMjgxMjQxMjMY6Z2LAQ&sigh=HLcVK1qZlcA&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_9xset-RGEdtkmB6uZgIKMhMpkGkEs9gM-bUIWgqFcIQgnv6UsetyE6emLijSgfAXSbn0u-7xcb21raqVkew651tMB7XT-szpUB0YAQ&cbvp=2&vis=1

Domain: rtb.jp2.as.criteo.com
URL: https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kOX5GMDwEeADwAJi-C0SAgAAAChCa7F-c6EOEONsqGU70VPTn4ynvJZ-AAASAAAKCkFRVUJEUUVCRFE&wp=Zahs5AACrcoCrJLTAAl4K-IlE-UDd1plcHtd1w&cbvp=2

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F7%2F5%2F75363-2-b2838b666044c4c3712de733476c4a33.png&v=3&w=400&rid=4&s=0n3TwHLZ6C8Fkpz3k_Y0u-7c&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fb%2F8%2Fb84358220fcd3c91-60871baaf3a6a2b23528eccb7258ab39.jpg&v=3&w=400&rid=4&s=-Y70Xouw7W99HhjRVn5FK2ln&b=400

Domain: imageproxy.as.criteo.net
URL: https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=107460&q=80&r=0&u=https%3A%2F%2Fwww.buykiwi.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Ft%2Fo%2Ftop1-ce8858c66c92279cf6c32e31dba6ec12.jpg&v=3&w=400&rid=4&s=yEEGQGomcr6m8lYR5rImXBVE&b=400

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 17:45:37	Name: test_cookie Value: CheckForPermission
.kversemm.xyz/	1970-01-21 03:07:12	Name: __gads Value: ID=f483524bca5b0dbd:T=1705536740:RT=1705536740:S=ALNI_MZeVu21_bh8z-hjfQCjAhItgNDpZw
.kversemm.xyz/	1970-01-21 03:07:12	Name: __gpi Value: UID=00000ce9b639b35e:T=1705536740:RT=1705536740:S=ALNI_MaWreqGslDE92MJioBN4Pzi8Q2sQA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

69da80a5ff5669d42ccca16c2d1457ae.safeframe.googlesyndication.com
ads.as.criteo.com
cat.sg1.as.criteo.com
cdnjs.cloudflare.com
csm.as.criteo.net
fonts.googleapis.com
fonts.gstatic.com
imageproxy.as.criteo.net
one.kversemm.xyz
pagead2.googlesyndication.com
reporting.agencyorquidea.com
reporting.orquidea.ai
rtb.jp2.as.criteo.com
rtb.sg1.as.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tags.worldglobalssp.xyz
tpc.googlesyndication.com
www.googletagservices.com
csm.as.criteo.net
imageproxy.as.criteo.net
rtb.jp2.as.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
182.161.73.132
2404:6800:4006:809::2001
2404:6800:4006:809::2003
2404:6800:4006:80a::2002
2404:6800:4006:811::2002
2404:6800:4006:812::200a
2404:6800:4006:813::2002
2404:6800:4006:814::2001
2406:2600:7:100::1
2406:2600:7:100::15
2406:2600:7:100::1f
2406:2600:7:100::e
2406:2600:7:100::f
2600:9000:2083:2600:0:4402:e8c0:93a1
2606:4700:3031::6815:2a94
2606:4700:3036::ac43:a308
2606:4700::6811:180e
3.90.206.144
012d32fb12b5fcf890772ba8d8d5d1503a33076b94b99dbefb505f3c77740e80
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bb92622362f436a4368024e962a5727d99a8043c6604d65113ed65c5b6943aa
0c7f4920095694476c9df96d4a04c4b0bdb7e8c69cefe0e0e596939749508098
158f9690ca420511ebbe0b1f077ade1fd204d8a90930ce1af23f2dcec5fe8827
1f45247f8b503043294a9fdb9465f237caeb703a5b2aa58bf693c588744a8f27
2009ed403e0621deeb9cd4d3b3778179aea5f5a23f91af12356d1fa6d0452dde
22afb5aa82d321246fec17b86e2285a562eb96df9ccf4a384fcb8f0998a9470c
25a3141278c3e65cb7b2cc43fc423a166d26fdb82ca58783c51e1ebfcf6be5db
27a8c6042dcb878ffd6f98485b4f4a151217f31b344bcbdf7079a2dc30095776
2e10146b69aafaa7f9e212b2f2079ec85b22c01c15a9c68b93cb392abad0507d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
353c72ee9b3f03475b5ef8d8a0da88d4074da03d55c74fb607501cf2a5accc9d
3c6db1d0de8dec1c55f480d5f5a0891f118795de337aca6cf4eba5649fc8e25e
441ba0b1ce78cc2ff5fce1cdec2584df3e8258da4625211eda8783cfc3a65ed1
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a564c76e03e63c7d27ef06b34e62f219634c28c579efa79a360e9bd7f557e1e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
65528d8fd3d4681d77479653eee504d73006c82486de96776832fac4db0e20cd
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
703ce4bc9178e224dc34533ff7bdbd70e1c82bc4802145f591564466426af88d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be
8a116f70928188044f07342d98850494a67077fbef277b0cab793415bc30c783
8a738513cf51b9e7149d7086e7bfa0cc2b7b41ace053b9ad8d618412bc4a388f
8ea45c4c4ef9081cfd5aac2cf039ce0a9e53650afcc63dd9f31924571a76aee2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9151ca3018d23b8e4d4ffe61d4268fbc16c7db1730beccdc505ef92ffe59d401
9164de11bbaee22f585ba75fefdef18f51f36f38dcf79457d4ed116257bc17cb
9720ac3f5384d0f30d83ff1a858887091a4c3d0d9f88c5d5433a98e9d242dc29
9bdf97b0b9f407b3db28d1e7540070425a68d18e65c6a480abaf7665cc03849e
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a30b1ed0079fa08121f6f164bb6aa4e7596d9f46909f2a1ceddab8154612b9c6
a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aae9a83789c80d3818cdd5a93bd22811d35aa61603b5fb88b127dfb1517eb5fa
ba25c2cda467e9c75685c7d484b3e1912c01f0168aae726d3e4d3cdc5e945df6
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd5b6c8e37bbf3bb3587d729b3cb960cc9339512b96a29f32bb946fe80bdc63e
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883
df35905656196b606538f4c351b6ab522caa2b6c05b34e50e45aec2e90954028
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c0131935f621627614e48ff6021e0d916ab2e9430870de3756f0c8c436a549
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f65c1c59ee82c9f291a724e2cc76c75114576e670a3889e07eb4ab4183f6a234
f6d8318d3a43dd713cbad948860dc2080ed27ba4e5fbd80b1970caeedef3e09f
f8a7a2c0722117661ca84a437b362e2bda0c1f88365c9f38993e4e166c8fd186
ffd688d0d932ddaa11047bac3784c8fcf32a2c51a4003f4a856ece7d027c0761

one.kversemm.xyz Open in urlscan Pro 2606:4700:3036::ac43:a308 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

80 %HTTPS

89 %IPv6

12 Domains

19 Subdomains

18 IPs

4 Countries

1098 kBTransfer

2522 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

one.kversemm.xyz Open in urlscan Pro
2606:4700:3036::ac43:a308 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

80 %
HTTPS

89 %
IPv6

12
Domains

19
Subdomains

18
IPs

4
Countries

1098 kB
Transfer

2522 kB
Size

3
Cookies

96 HTTP transactions
2 data transactions