urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
89.35.29.15  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/jo38iwt7
Submission: On February 03 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 18 domains to perform 165 HTTP transactions. The main IP is 89.35.29.15, located in London, United Kingdom and belongs to BANDWIDTH-AS, GB. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 171647.
TLS certificate: Issued by R3 on December 2nd 2022. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 89.35.29.15 25369 (BANDWIDTH-AS)
2 142.250.4.95 15169 (GOOGLE)
1 69.16.175.42 20446 (STACKPATH...)
1 104.17.24.14 13335 (CLOUDFLAR...)
4 104.21.93.14 13335 (CLOUDFLAR...)
2 142.251.12.105 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
1 142.250.4.94 15169 (GOOGLE)
4 142.251.12.94 15169 (GOOGLE)
14 74.125.24.154 15169 (GOOGLE)
4 172.253.118.138 15169 (GOOGLE)
1 142.250.4.156 15169 (GOOGLE)
1 142.250.4.155 15169 (GOOGLE)
5 74.125.68.155 15169 (GOOGLE)
4 142.251.10.132 15169 (GOOGLE)
6 23.72.45.76 16625 (AKAMAI-AS)
5 172.217.194.154 15169 (GOOGLE)
11 74.125.68.132 15169 (GOOGLE)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
23 182.161.73.129 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
5 182.161.73.135 ()
2 23.195.153.196 ()
165 25
12    89.35.29.15 (London, United Kingdom)

ASN25369 (BANDWIDTH-AS, GB)
PTR: 15.29.35.89.baremetal.zare.com
pastelink.net
2    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
1    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    104.21.93.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.adligature.com
2    142.251.12.105 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f105.1e100.net
www.google.com
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
1    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
www.gstatic.com
4    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
14    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
securepubads.g.doubleclick.net
4    172.253.118.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f138.1e100.net
www.google-analytics.com
1    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
adservice.google.co.nz
1    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
adservice.google.com
5    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
pagead2.googlesyndication.com
4    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
6    23.72.45.76 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-76.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
5    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
www.googletagservices.com
11    74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net
tpc.googlesyndication.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
23    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
5    182.161.73.135 (None, )

ASN- ()
pix.as.criteo.net
2    23.195.153.196 (None, )

ASN- ()
tcheck.outbrainimg.com
Apex Domain
Subdomains		 Transfer
28 criteo.net
static.criteo.net — Cisco Umbrella Rank: 647
pix.as.criteo.net
csm.as.criteo.net Failed
130 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
96 KB
14 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
207 KB
12 pastelink.net
pastelink.net — Cisco Umbrella Rank: 171647
219 KB
9 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 26616
ads.as.criteo.com — Cisco Umbrella Rank: 19417
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 20735
162 KB
6 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1279
widget-pixels.outbrain.com
odb.outbrain.com Failed
152 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
241 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
202 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
4 adligature.com
cdn.adligature.com — Cisco Umbrella Rank: 79079
144 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
2 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com Failed
924 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
143 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
2 KB
1 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 122321
531 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 673
31 KB
0 ip-api.com Failed
pro.ip-api.com Failed
165 18
Domain Requested by
23 static.criteo.net ads.as.criteo.com
static.criteo.net
14 securepubads.g.doubleclick.net cdn.adligature.com
securepubads.g.doubleclick.net
pastelink.net
12 pastelink.net pastelink.net
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 pix.as.criteo.net ads.as.criteo.com
5 www.googletagservices.com securepubads.g.doubleclick.net
610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 widgets.outbrain.com securepubads.g.doubleclick.net
widgets.outbrain.com
4 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdn.adligature.com pastelink.net
cdn.adligature.com
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 ads.as.criteo.com 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com pastelink.net
2 widget-pixels.outbrain.com pastelink.net
widgets.outbrain.com
2 tcheck.outbrainimg.com widgets.outbrain.com
2 www.googletagmanager.com pastelink.net
www.googletagmanager.com
2 www.google.com pastelink.net
tpc.googlesyndication.com
2 fonts.googleapis.com pastelink.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.nz securepubads.g.doubleclick.net
1 www.gstatic.com www.google.com
1 cdnjs.cloudflare.com pastelink.net
1 code.jquery.com pastelink.net
0 log.outbrainimg.com Failed widgets.outbrain.com
0 odb.outbrain.com Failed widgets.outbrain.com
0 csm.as.criteo.net Failed ads.as.criteo.com
0 pro.ip-api.com Failed cdn.adligature.com
165 29
Subject Issuer Validity Valid
pastelink.net
R3		 2022-12-02 -
2023-03-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-24 -
2023-03-26		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-20 -
2023-03-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-21		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-19 -
2023-04-16		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh

This page contains 12 frames:

Primary Page: https://pastelink.net/jo38iwt7
Frame ID: 8C776C714D990C96CD1A861865122A0E
Requests: 48 HTTP requests in this frame

Frame: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE7A221F75AA5A841237CC27939EC347
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstHuEly96ofaN3Li_RLI03-bfu-EuALD9mZc7kWEkti7VZ5q2yp2VgrPF2Fs-W7Xtvmjv7d6hPJmJijEXE8Kc6M4yeaHtXWa2GJr8TorpRUKbwx_HDWtw69u0qbRZ3tnBAO7i5qUhuiW2j3Wofn0EFWUNmBvsTuoEgLqVNcP9PUKtVMrpovMBsCmcwMThYOGfIEqmPM4c4Go2ILz0cqrQn8sHxx1Tn4vqKprYnawv-Vhidhlct4VpH4d3_LEz8G40Am_gnNuN-Jx3ptEZVdSt2XIIMNbQjPuBHpW5VFdRurkpZ2xS7uyJnNk7lUSUsgx43LqKQ9WI3naomYDxM1nB2tp62p4ycoA&sai=AMfl-YTsE6ADsO93-LyET59yw3j6fyOjBpTcZNS3ciK0dbpcGm38-Hs6u0V4tNc1lDDn8S82o3l0Yei1lQz87zlFTWzYShM1mdKl-RyEBPC_aDcoRnH1iWXru6Y8ST9JauHw96ZlKwRszYcefSsikmmi&sig=Cg0ArKJSzLxUOkTpPnZYEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 20635146CE57A9E3A47BCD1039094B54
Requests: 9 HTTP requests in this frame

Frame: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 23A19F1E936DD045B8E737E7B3299B22
Requests: 9 HTTP requests in this frame

Frame: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7B2B139D2031B77E13CFC83115439298
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Frame ID: C602198DB9172029EA69C9F900414A95
Requests: 28 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Frame ID: F8A25BC6D29053C9870A9F840DA49C83
Requests: 25 HTTP requests in this frame

Frame: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 914320614A08721DE5429C6825334D8D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYaQ3A85qfnjHMXDyKZrGxrqrVd9nvrYBbHnBC-ikiqZ4gysAynsUlvypcfGqWLxQ81i6QNPqKvYvcgXSwGBPpFaUOFn2wqCkuJDaiVKJ0qeskoG-xmq66qkDhiVqEsHmltGJmlUCGKsVlattOMwIxx9gSDmo6aYobRDqbn2eZUw1TKOAUXRgCLkKZ_3zPmwm6nXoOlkZHelwva1IZh7srKeA_XkgcCUHZ2q9Trqrdm8VCzr4Ge4mQNXIg5m5w1NK1PeXMQ2dd-fqKSKLaBK3w8JtpEbdjoso2FyXruhhn2VsbcSw20PQCJuJkkOgDmeE3rV4MtNPR6eF8y4bukQ&sai=AMfl-YSmwUuFk4QD97Letxetpbo2uY1d-EfwYMl7CYdt3tNQYVF0AXuw9h7OH9SC4W8YRxeTwS3Yi4V0MSoCxc6zQSGow0h6NgF8T9oVg7DqFhat59fO638YswlJ4x_Dx0JQD8bMa4jYac5j4QBC4zyC&sig=Cg0ArKJSzLwFbulBmrAmEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E1FD4A4FB31AE8CCAD28300CA30CA0E4
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Frame ID: B69F5278490D2DE9C39D6112B65806D2
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD6D5D460495AF8BD2C9C2ED3BA4A4AA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9FE217B031A9AE984E06F6DC19A2385
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Diet Plans For Muscle Building - Pastelink.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

165
Requests

72 %
HTTPS

0 %
IPv6

18
Domains

29
Subdomains

25
IPs

4
Countries

1752 kB
Transfer

4475 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

165 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jo38iwt7
pastelink.net/ 		25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
f6991bb6b4b957f7398c31a035bf07c8a6a51d2689e6b5470db91f1a354ec351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 02:53:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
773 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Feb 2023 02:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 02:53:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Feb 2023 02:53:26 GMT
styles.css
pastelink.net/assets/css/ 		121 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=35
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/jo38iwt7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Jan 2023 14:09:07 GMT
server
nginx
etag
"63b82b83-1e279"
content-type
text/css
accept-ranges
bytes
content-length
123513
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
content-encoding
gzip
x-sp-metadata
HS256.CLeK8p4GEogBCiQ1YzA4NjU3Ni1jMDdlLTQxZTUtOGI5Zi0yOTNlY2E4YmFlYjgQ+OiCoKvU+wIaBgin7vGeBiINMTE2LjkwLjc0LjIwMyjYvAMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGZlNjU1YzhjLWY3MzYtNGJkZi05Y2Q3LTJlODczOTAyZjk5OBib8QEiGAgCEhRjZHMyNjcubGEzLmh3Y2RuLm5ldA==.phTUo9gYRHcLn2+DnZ7uxVM4ojwE9ufOWk9VRN33gJM=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1675392807.dop212.la3.t,1675392807.cds009.la3.hn,1675392807.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
script.min.js
pastelink.net/assets/js/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=35
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/jo38iwt7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 17 Nov 2022 12:00:15 GMT
server
nginx
etag
"6376224f-a225"
content-type
application/javascript
accept-ranges
bytes
content-length
41509
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10095879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywfDAC7w5o1hyIgYeEm%2Bf6hRKmx1ye5BtRuiKNSwkrBGj1I2MQ1%2BSRKnZ8B%2FyFpXjZQnqwaagcgcNRlOiOs6S6SffTcdDTvN0tKc3b838ZDRxnjSHc8eefzRWukmGeBlsgYdHUgR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7937e0513cceeea2-AKL
expires
Wed, 24 Jan 2024 02:53:26 GMT
rules.js
cdn.adligature.com/pl/prod/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/pl/prod/rules.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.93.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c36492a8f4f52f916f38368d77be0f0944fa0304b5981dac5fac0cfd71b3280

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
386
cf-polished
origSize=29775
x-guploader-uploadid
ADPycds3LUCEID6PRZiGG0XVT4ogyeUYyWIiYFa_UdTvsEUjV6hiHJujeSrefuoGmcCSMoF6hOsIAJpsln0jeNpI_z1fIw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 30 Jan 2023 21:40:11 GMT
server
cloudflare
etag
W/"d056be6a027ac96037775cb0ef442c8e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675114811074467
content-type
application/javascript
x-goog-hash
crc32c=wVZtCQ==, md5=0Fa+agJ6yWA3d1yw70Qsjg==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvZyDrpxLP3ugmZNDhdNMV%2B44WHbrXKctfJLA3Fa6a2KVB3l3hD3hZBmsGhPDwNOk1I0c2W1DYJztVY5qsEv7iz%2F7QjG4nX3%2Fl2rUsZO9PcnpUtx2GIzQyRDNJbThzMkI7NNeHk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
29775
cf-ray
7937e0533e281c5d-AKL
expires
Fri, 03 Feb 2023 02:56:59 GMT
css2
fonts.googleapis.com/ 		1 KB
886 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Georama:wght@400&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
dc5cd273567cdb37d8a124ffbe5601f684cd87b4a4fa0203f4625eb68b8848da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Feb 2023 02:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 02:53:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Feb 2023 02:53:26 GMT
api.js
www.google.com/recaptcha/ 		906 B
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
56e73bc3c154b44d86813c0345ff992da7f8d68e93504ccccd273d359a773e85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
571
x-xss-protection
1; mode=block
expires
Fri, 03 Feb 2023 02:53:26 GMT
gtm.js
www.googletagmanager.com/ 		185 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
efbbc0c530804b54cf89a96964b7c8f1ab1c12f979cde4fe693815a584dae9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67368
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 01:40:14 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Feb 2023 02:53:28 GMT
advally-5.6.0.js
cdn.adligature.com/rules.js/ 		109 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/rules.js/advally-5.6.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.93.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4178
cf-polished
origSize=178816
x-guploader-uploadid
ADPycds0C0NTzQZj8XNu6ruj9OBYf9ylWdXPSIEnmOWHYo8E97TMUUU0yVvqfaBiXFE0O9IsF8mJcQJve8oypPwO7CArqA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 18:36:31 GMT
server
cloudflare
etag
W/"93d406c6937e7a8018d85789ad1193d5"
vary
Accept-Encoding
x-goog-generation
1671042991645353
content-type
application/javascript
x-goog-hash
crc32c=n6grAA==, md5=k9QGxpN+eoAY2FeJrRGT1Q==
cache-control
public, max-age=7200, s-maxage=7200, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZOIHDUuTpoyrZniBUBRAeAv5p984miz6cT0bGhxC4cbEZWXyim7KuwQ0qqKmoMK5QGTYm8qingeqpPjCF3L7Zd87wdc0%2B2bOD44Wyp8qKeItP9Daa7l%2BOkJ4nHRQP3cQraRaKA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
178816
cf-ray
7937e057c8a11c5d-AKL
expires
Fri, 03 Feb 2023 03:43:49 GMT
rules.css
cdn.adligature.com/pl/prod/ 		212 B
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/pl/prod/rules.css
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.93.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01894c475661e9e96bf36907c597f61284ab29d4d654e4c72fbd024664447738

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
386
x-guploader-uploadid
ADPycdvm8NcZmOi3KuDlruX3UEBwSOT95vj5zlW30_ys6nHMunzWkioMlqWYQQl93e--AMwS5O6Fpp2b8hS0vgLxcJx9o36MuBlx
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 30 Jan 2023 21:40:10 GMT
server
cloudflare
etag
W/"08ea8c3add92f19bdd3dc8ebabc350d9"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675114810025849
content-type
text/css
x-goog-hash
crc32c=ARUBlw==, md5=COqMOt2S8ZvdPcjrq8NQ2Q==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIi%2FPxRL81dAWabeZcO8Z5ssEKKVZT%2BRQzc8UyqdOOZOikcvOt5d7bK9lDHVYSA9tmXAUHjQFpcL0w6xac4K9cT%2FMdGKbSJ1SXD7Pho%2FmlkydgUS7D%2FDvCKjF9qHyZO%2BfGzdojM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
212
cf-ray
7937e057c89e1c5d-AKL
expires
Fri, 03 Feb 2023 02:57:01 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 		402 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 17:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163841
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 17:01:03 GMT
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo.svg
pastelink.net/assets/images/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-d3d"
content-type
image/svg+xml
accept-ranges
bytes
content-length
3389
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:43:09 GMT
x-content-type-options
nosniff
age
295819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 16:43:09 GMT
MCo5zAn438bIEyxFf6swMnNpvPcUwW4u4yRcDh-ZjxApn9K5GvgdngEK.woff2
fonts.gstatic.com/s/georama/v8/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/georama/v8/MCo5zAn438bIEyxFf6swMnNpvPcUwW4u4yRcDh-ZjxApn9K5GvgdngEK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Georama:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
197fae860dffcf520a5c68d66e3f9b0a55e7d845871e919eb8bb3969bd242cca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 10:44:35 GMT
x-content-type-options
nosniff
age
230933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17548
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:49:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 10:44:35 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:44:22 GMT
x-content-type-options
nosniff
age
407346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 09:44:22 GMT
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-contrast.svg
pastelink.net/assets/images/logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-e31"
content-type
image/svg+xml
accept-ranges
bytes
content-length
3633
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:34:53 GMT
x-content-type-options
nosniff
age
321515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 09:34:53 GMT
/
pro.ip-api.com/json/ 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
7214340be8d3056311050126062812a56269e125420c4ba757608e0391bdc8e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27228
x-xss-protection
0
server
sffe
etag
"1471 / 424 of 1000 / last-modified: 1675379379"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Feb 2023 02:53:29 GMT
prebid-7.25.0.js
cdn.adligature.com/pl/prod/ 		343 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/pl/prod/prebid-7.25.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.93.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194e559f51337bc74515628e683e9ae1fc897207cf9ce2dc12eaeab520fb3c76

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=352333
x-guploader-uploadid
ADPycduTQhWB-hDt0EnhDmbg5LHFD2gnBigSGB1sB0cOJ9A1Cd-levVcZQkBwKEpZl0Dmy6xV5wYPW50slPA7P_iiHKqGA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 30 Jan 2023 21:40:09 GMT
server
cloudflare
etag
W/"deafa7e2ba5ddfa8759a8859e6676108"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675114808910975
content-type
application/javascript
x-goog-hash
crc32c=+uvSMg==, md5=3q+n4rpd36h1mohZ5mdhCA==
cache-control
public, max-age=900, s-maxage=300, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MO3shp1tMTBxDXdcL0emX0qSO0gFoKn4Ql4pL1CsHtdBzMVQyHX0nf8gS2LEIU%2FJk0gTmkuLIcS7b%2BmWhFN1%2FHgi%2BAGfJ1mKJBXYEUQuLu7PgmiRf1z2tCgP%2Bv2g%2F1cpA4GKlc0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
352333
cf-ray
7937e05f4b36fb80-AKL
expires
Fri, 03 Feb 2023 02:58:14 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 01:56:26 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3423
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 03 Feb 2023 03:56:26 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
9a81c4b9e8dc8a2499466cff86f589e0cc3d26f6d84e590012cb30c0f58f3908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78534
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 02:53:29 GMT
collect
www.google-analytics.com/g/ 		0
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3210&_p=554764126&cid=1400987578.1675392809&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675392809&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&dt=Diet%20Plans%20For%20Muscle%20Building%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:53:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=554764126&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&ul=en-us&de=UTF-8&dt=Diet%20Plans%20For%20Muscle%20Building%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=631016185&gjid=327132061&cid=1400987578.1675392809&tid=UA-55088947-2&_gid=1983480105.1675392810&_r=1&_slc=1&gtm=45He3210n8155WHPWQ&z=1599627136
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:53:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2023013001.js
securepubads.g.doubleclick.net/gpt/ 		386 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
31f3e28cb913fc9229304149e55fc4cabf206f707d068f05554692f38ea2f358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:30:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133639
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 09:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jan 2024 16:30:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		73 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60
x-xss-protection
0
expires
Fri, 03 Feb 2023 02:53:30 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=554764126&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&ul=en-us&de=UTF-8&dt=Diet%20Plans%20For%20Muscle%20Building%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=40534793&gjid=99969540&cid=1400987578.1675392809&tid=UA-197326395-9&_gid=1983480105.1675392810&_r=1&_slc=1&z=48902673
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:53:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.co.nz/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3525526750775539&correlator=2549061930997246&eid=31071826%2C31072023%2C31072029%2C31072038%2C31072040%2C44761477%2C31071432&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CBottom_adhesion_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=759513158&sfv=1-0-40&prev_scp=rand_key%3D38&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1675392810912&lmt=1675392810&dlt=1675392806291&idt=4538&adxs=436&adys=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1400987578.1675392809&ga_sid=1675392811&ga_hid=554764126&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
99573f838bdd796418ebcb6b6eea425c4e3f0950b65d06abf78c39d96fced8f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9687
x-xss-protection
0
google-lineitem-id
6050546567
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138396499933
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3525526750775539&correlator=2549061930997246&eid=31071826%2C31072023%2C31072029%2C31072038%2C31072040%2C44761477%2C31071432&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CTop_leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=2&adks=2603746535&sfv=1-0-40&prev_scp=rand_key%3D38&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1675392810921&lmt=1675392810&dlt=1675392806291&idt=4538&adxs=310&adys=317&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&frm=20&vis=1&psz=705x146&msz=705x0&fws=4&ohw=1600&ga_vid=1400987578.1675392809&ga_sid=1675392811&ga_hid=554764126&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
8d4fed648bc1ca358ff10bbe206d951f835017104243827784f99539cf627910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10290
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3525526750775539&correlator=2549061930997246&eid=31071826%2C31072023%2C31072029%2C31072038%2C31072040%2C44761477%2C31071432&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=3&adks=245733266&sfv=1-0-40&prev_scp=rand_key%3D38&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1675392810927&lmt=1675392810&dlt=1675392806291&idt=4538&adxs=513&adys=538&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=1400987578.1675392809&ga_sid=1675392811&ga_hid=554764126&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9ec1b156a4da96888ff25aed81932c41430ad953502be5fb6f6465e23892d784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10272
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3525526750775539&correlator=2549061930997246&eid=31071826%2C31072023%2C31072029%2C31072038%2C31072040%2C44761477%2C31071432&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=4&adks=719487818&sfv=1-0-40&prev_scp=rand_key%3D38&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1675392810929&lmt=1675392810&dlt=1675392806291&idt=4538&adxs=513&adys=757&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=1400987578.1675392809&ga_sid=1675392811&ga_hid=554764126&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
64e5af2cd0b350ad3b3307757bee155f5e39f4f1ada61e50324e96b974070057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9570
x-xss-protection
0
google-lineitem-id
6050546567
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138395899325
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3525526750775539&correlator=2549061930997246&eid=31071826%2C31072023%2C31072029%2C31072038%2C31072040%2C44761477%2C31071432&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=5&adks=2453252592&sfv=1-0-40&prev_scp=rand_key%3D38&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1675392810933&lmt=1675392810&dlt=1675392806291&idt=4538&adxs=513&adys=995&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=1400987578.1675392809&ga_sid=1675392811&ga_hid=554764126&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
2e917526e2a06884d0ff22fc60f4b89f569ff0bc0546e8439030348e5b180648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10276
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		548 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3525526750775539&correlator=2549061930997246&eid=31071826%2C31072023%2C31072029%2C31072038%2C31072040%2C44761477%2C31071432&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CSidebar_MPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=6&adks=3854452215&sfv=1-0-40&prev_scp=rand_key%3D38&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1675392810937&lmt=1675392810&dlt=1675392806291&idt=4538&adxs=1071&adys=521&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&frm=20&vis=1&psz=168x607&msz=160x-1&fws=4&ohw=1600&ga_vid=1400987578.1675392809&ga_sid=1675392811&ga_hid=554764126&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ad4cc1ac47104d7d5a6bd0070ddf6cde2fe6ffeeb1b3062ad4c2c4c5449dd1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
280
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
b21db9a0933a44b0ec6b5ab1cdb13d3d2ea068d5bc76e7c84f4b4bebbc8f6cf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12608
x-xss-protection
0
container.html
610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE7A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:53:31 GMT
expires
Sat, 03 Feb 2024 02:53:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2063 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstHuEly96ofaN3Li_RLI03-bfu-EuALD9mZc7kWEkti7VZ5q2yp2VgrPF2Fs-W7Xtvmjv7d6hPJmJijEXE8Kc6M4yeaHtXWa2GJr8TorpRUKbwx_HDWtw69u0qbRZ3tnBAO7i5qUhuiW2j3Wofn0EFWUNmBvsTuoEgLqVNcP9PUKtVMrpovMBsCmcwMThYOGfIEqmPM4c4Go2ILz0cqrQn8sHxx1Tn4vqKprYnawv-Vhidhlct4VpH4d3_LEz8G40Am_gnNuN-Jx3ptEZVdSt2XIIMNbQjPuBHpW5VFdRurkpZ2xS7uyJnNk7lUSUsgx43LqKQ9WI3naomYDxM1nB2tp62p4ycoA&sai=AMfl-YTsE6ADsO93-LyET59yw3j6fyOjBpTcZNS3ciK0dbpcGm38-Hs6u0V4tNc1lDDn8S82o3l0Yei1lQz87zlFTWzYShM1mdKl-RyEBPC_aDcoRnH1iWXru6Y8ST9JauHw96ZlKwRszYcefSsikmmi&sig=Cg0ArKJSzLxUOkTpPnZYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 03 Feb 2023 02:53:31 GMT
outbrain.js
widgets.outbrain.com/ Frame 2063 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.45.76 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b624576673db56a254ac196222eb86d59d5ffffc6098e7c9c99589d5d8dd04b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
content-encoding
gzip
last-modified
Wed, 01 Feb 2023 13:36:31 GMT
etag
"18-ea2Ja2Ghagr00O5yx4HIN95+HKI"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
b81c3cdf3bbcd7f52185460b6cfb959b
timing-allow-origin
*, *
content-length
76271
access-control-request-headers
X-OB-STG,X-OB-PRD
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2063 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:53:32 GMT
container.html
610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 23A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:53:31 GMT
expires
Sat, 03 Feb 2024 02:53:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:53:32 GMT
container.html
610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B2B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:53:31 GMT
expires
Sat, 03 Feb 2024 02:53:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 23A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CovALK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgAJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfQRYdkYrxsw3bi2wX1ldM4jvVVZ00NdgjxH6dSGlVYbsFNOvnh7a4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05NjAyNTE5NTAyNjE4MjYyGPrefA&sigh=uQL4cMZikg0&uach_m=[UACH]&cid=CAQSSwDUE5ym2Oun3LzQz9UF5svI_bpQPvnYU4f52GiMZIUP-H6Rieulz4LTwRwG3ec0fNTgvAtKlYIcM9QvfTy6_A5SbpeNciuxUVHEOhgB
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 23A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kO3gCfz1BqwC-gFi-C0SAgAAADJCIdTnX8kaECt33GMqVAAltOgrpDdXrAASAAAKDkFRVUREUVlCRFFFQkRR&wp=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
163516
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame C602 		153 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
58569e727c468f7c3c28e3c4d4f7bb71fc7417484d743aaf754c9b4c82ff8936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:53:32 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=zYfCCcGANlJHskykefUL8o7RJU9mve730ZpKYYaOM5B--OumZRxKpY5YPIzpfLmy84a1Wc8RGlXcEFyzjwRo8TXFtJ3-vIb3jOd3FG16HjB0N9yDQvdYzUAg08wXC3vOjZ4pqpBP2hFmxQF3lJeK4Z-gBrtwFeDJ6rZUicUyoMRkSfBa3DBBHWNTMRXVYlcnTCvHBLynAZfnoI7g97DFalvcuWbE-rfd3frXIYEMbt5UkdBVJIKx7h4bS9ck2Wz-IU6QKg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
74107814
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 23A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
21905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 23A1 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
21905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 23A1 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 21:56:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
277018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jan 2024 21:56:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 23A1 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:53:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7B2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg-yJK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSCAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85DXqpr-OqeDV0jBJpy3au64BmzO3zL3znH21fCuz55YEVqZHnLdZuAEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTYwMjUxOTUwMjYxODI2Mhj63nw&sigh=dn4EHFHpsHM&uach_m=[UACH]&cid=CAQSTADUE5ym_SQPZ-86x_DoNQx0e7ARFEnSRc14TykzXOzLhkdzeGuspeM7SXn6ZhNy8BsfZuAymIaUjNGWaUiL2_QKPSTmss8991qMGxcYAQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 7B2B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kO3gCfz1BqwC-gFi-C0SAgAAADJCIdTnX8kaECt33GNiVyZW_F4afyZd_AASAAAKDkFRVUJEUVlCRFFFQkRR&wp=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
183633
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame F8A2 		218 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
7cfc76a8654b5253ce6055cfdc7a952a8715e651c49de0fccca18520758dcf13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:53:32 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=46DJl8GANlJHskykUxqrTPAxN5x6iBcrWQxSvC04o4vrHzj-SZSt6v1F-qTEy7MtdIX9owiGkbeKjXtQ5RcduYdLr7aomV2dIrTHyzCZ1T0VdyPRn-XnV7GseQ7x8j6wVzL0SDuQCwF963XJg9Wvyz_T4cpF3cjJayOpcNoluRVuPJkp9PfHWklMJuoHOzGOTsNxUGK-UlgbONihuVuallROqMHk9iTIaNI8LPGFRYKLUSdQcVWtGStM-6ZdlanGjCFlQ6JLs7x0Lhpm"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
95479426
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7B2B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
21905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7B2B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
21905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7B2B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 21:56:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
277018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jan 2024 21:56:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7B2B 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:53:32 GMT
container.html
610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9143 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:53:31 GMT
expires
Sat, 03 Feb 2024 02:53:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E1FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYaQ3A85qfnjHMXDyKZrGxrqrVd9nvrYBbHnBC-ikiqZ4gysAynsUlvypcfGqWLxQ81i6QNPqKvYvcgXSwGBPpFaUOFn2wqCkuJDaiVKJ0qeskoG-xmq66qkDhiVqEsHmltGJmlUCGKsVlattOMwIxx9gSDmo6aYobRDqbn2eZUw1TKOAUXRgCLkKZ_3zPmwm6nXoOlkZHelwva1IZh7srKeA_XkgcCUHZ2q9Trqrdm8VCzr4Ge4mQNXIg5m5w1NK1PeXMQ2dd-fqKSKLaBK3w8JtpEbdjoso2FyXruhhn2VsbcSw20PQCJuJkkOgDmeE3rV4MtNPR6eF8y4bukQ&sai=AMfl-YSmwUuFk4QD97Letxetpbo2uY1d-EfwYMl7CYdt3tNQYVF0AXuw9h7OH9SC4W8YRxeTwS3Yi4V0MSoCxc6zQSGow0h6NgF8T9oVg7DqFhat59fO638YswlJ4x_Dx0JQD8bMa4jYac5j4QBC4zyC&sig=Cg0ArKJSzLwFbulBmrAmEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
outbrain.js
widgets.outbrain.com/ Frame E1FD 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.45.76 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b624576673db56a254ac196222eb86d59d5ffffc6098e7c9c99589d5d8dd04b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
last-modified
Wed, 01 Feb 2023 13:36:31 GMT
etag
"18-ea2Ja2Ghagr00O5yx4HIN95+HKI"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
b81c3cdf3bbcd7f52185460b6cfb959b
timing-allow-origin
*, *
content-length
76271
access-control-request-headers
X-OB-STG,X-OB-PRD
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E1FD 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:53:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9143 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwltlK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgAJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQ2WE_9VCsAfcD2dzKzfLJn4ZdBFJymf1_gPDKvlcPgyNUZt065nx4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05NjAyNTE5NTAyNjE4MjYyGPrefA&sigh=82gHd6Q0cOM&uach_m=[UACH]&cid=CAQSTADUE5ym0DFPVMJrBGBf4xotkbTyP2u8oMwJnVo4_ohF6CWafbAWmDsrzoGyogJa8Cn2n7_9CUZzixV3OVbUAKh-AtIzZHnKihJv0yMYAQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 9143 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kO3gCfz1BqwC-gFi-C0SAgAAADJCIdTnX8kaECt33GP0Hy49nwof3LF2twASAAAKDkFRVUJEUVlCRFFFUERR&wp=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
174309
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame B69F 		181 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
28e3e3001edea4154dea2ebdd82415dfbf74f9f7a441cbf4475ab215eedbdca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:53:32 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=Y0fV9MGANlJHskykm0aU0TKukvY7s-xtGaj7HcEk1lJslqh1zTPAEKbx8ti_ke1Ssmw1G6N5kdl9n6EExJBsJgv0VRsOsqHFFdd8xxjUZP5k_Cy2E9REII3epTFdpEzWbr4hNzTISgbGgejE965IGeeMzIzzSQfvfFSevGQaNnBUFo-OThl6T0_OcY9dqAbfE_TMEyKJEdETwm2tB-GlPiyYbzyCthYziX1WUowqt5khjyHFIQPtfvxFL0a_OLfl-QVEnA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
101288942
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9143 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
21905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9143 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
21905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9143 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 21:56:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
277018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jan 2024 21:56:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9143 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:53:32 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame C602 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame C602 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C602 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 29 Jan 2024 02:53:33 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C602 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 29 Jan 2024 02:53:33 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame C602 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=cklOHiqv98XlwcaED8si394oxGmQrXKW2-2dCJSAJw3NlupdcKLrJhEMJM-GbbWpHWLLDMzOFhG4b8SBdkn7xGv71pizG-8bVTspW1L-j2ZfgMLn9_-rzzlPZqrSSWKwFvXLATbFy4btx_wrjNiFjauqXTf15r14pVNUFHDmr7PPdGhXrql4G6T-OzPT7VKdLz8TV12BEp8w-4Rpx02gtwgkxbmfDVBXqKRfWzdZs4dAQxdAYA-0S8zhR30w21eIIMJmcB9_WDFOymsItrHk-eaWB_Kd_fnE7FyBKgkeLiqB55PN9zydakS1oSaYkH3BzrDiGWq7qiC-iB1FhMM6lk-0QIyNpgh5zU687x4HhuYLM_YD2Ko3JQ7VzW9i8A17Ga0JZUWwuoeSfElLoNFAE5bC9Dqz3vIJdLsUP5RAWoX7nkQw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1759696
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 2063 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8febb4e50970e5b0766a727dd1114505a726abac6b828b02b63839677e69be89

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame C602 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
truncated
/ Frame 23A1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d9828b637fb2daa38f1b1374faacea1c3e3f900b3db46a171a346810391ff7b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame C602 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
img
pix.as.criteo.net/img/ Frame C602 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=76&m=0&partner=52913&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F15516%2F190213%2F86f0f1f708604b2d82f69cc681c004dd_untitled-1.png&v=3&w=596&s=ywrMWPeHbKxpAJ0LjoX1w9JJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28342993
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32923
expires
Thu, 28 Dec 2023 03:56:48 GMT
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmaca-3200-mg-per-serving-120-quick-release-capsules-1981.jpg&v=3&w=400&s=r58xDfT548ktOiHO9-uOj8Y3&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
2a472551ae09f481c7426f490f9c2779cb544922f8dc3aa466534769d1abf0e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29926461
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9048
expires
Mon, 15 Jan 2024 11:47:55 GMT
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-fast-dissolve-12-mg-180-fast-dissolve-tablets-7391.jpg&v=3&w=400&s=ISqsuddOqfn3DiL7VHTgtt0b&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
39e4688dedfe0092b93ee22ca85d9c8560d96b6e8392cb84b55945be68e1c61e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29433394
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9920
expires
Tue, 09 Jan 2024 18:50:08 GMT
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		0
0
img
pix.as.criteo.net/img/ Frame C602 		0
0
all
csm.as.criteo.net/ Frame C602 		0
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C602 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAEJ5MFS4qeAApNT2CvZkrelgNCW8xYTw&u=%7CK2WKD9YNtdJ%2BAhyq4p7xIDbZwthVVWlCf%2F0nnqTqxnw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17ZQoVvAuJn96lQ0OMldXHMkQB2VnCIEjLiHMibh9FfVQmqSVhFILBAtd7PGGceBKH6eVo_FvdEycFvJGNp3pFo1rw7ucOEla8g4n2dfgG1vOiIUQI8P296rG4LflUxDZIKIsPHVR0YIfa5wCGkhQIY3DbbrLvK3Q7jGzikF9VFprm16SV05JXCx8rZYrhx_Sq6LqtxCIffPYCPSe88MxFH7-dR9K8NP-qEp_e0EIdPpdNw5IdlhpUzntJm29oyhSzU1fF-qMXZ_mWP4hW8jyvMpMOkFoI_yWcr4UI9pwn2ED1w3lPZs0pW8j5u8f-dvRB3KepFDEnAaV5vT63SPNGyDdlW1vpVbzSIT18WzJscLkqNAMuSHtkK_symCCeplP3OVvARX2X3n_BjcXbtFzZKB7j6GuIJ5xktezi8lRzd1NFlQb4qMI38ZFhrvs42O5g1bFGRv1dhVBLptQdxtck4qxLzot__kDMg40eim69xfDBvYqUBZUFYHYGYfyF4hG22LexQjbBsJKTesd7hmeBer&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJFWGK3fcY5PPEJ6VrtoPz5qpwA-Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQJnytVgxbinPuACAKgDAaoEgwJP0FXvAvvWZGuiYikY2YehEwqdhLZJYX6rcFprmV15qh8Oc_kTXq75ua9NGXuHrhtoxQh626wB10enFUtpIXLBDBw1XmUtFah3ID4sUakhUSfgw6NwsrsZ2F9ZYfDcE4shTL8KtHAwI8JGhj1XNh9ieBa2qwtjdQEuX3eWNHNuyBM1SgQ_tZkl37X4kw82zj2Yzh7hJMQtixJNtPz_I_3qTG_WuQ-EUhVWN7Kea13FUteESsrnwlxElwIEFBsyjbvG-Fa9WExapQARSO4JywRrVD1D2L9_YRTEfUZaV9TOCEVJkaTBwbILqUvGQVzj2vl4Z5kJI7ts65jADDRED2AlSvLb4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqlfHYVH0CEns0TxGO75rWbQPWA%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C602 		0
0
truncated
/ Frame 7B2B 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1a87df2d9b8b8e0f3f6bb834e8e73e25ba233ddaa3599fef3cbc53af901a0a3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E1FD 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
748b2953317de435bc1ee6777b8674765941a2a0d93582fa3fe682f6053fbd1d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD6D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
400678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 11:35:35 GMT
expires
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B9FE 		783 B
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
668a42f73b42585d562e3a18c03f20a63b83c6023083884c535dc62a16854e22
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tSKVhU4wMlkxYrd6D6nmYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-tSKVhU4wMlkxYrd6D6nmYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:53:33 GMT
expires
Fri, 03 Feb 2023 02:53:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
privacy_small.svg
static.criteo.net/flash/icon/ Frame F8A2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame F8A2 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F8A2 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 29 Jan 2024 02:53:33 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame F8A2 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 29 Jan 2024 02:53:33 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame F8A2 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=-gEZYSqv98XlwcaED8si394oxGn_hSpjZPn2uXQGnJaiEswdftowCVs0oXzAWWDh28FNAlPxu1RHmfdheCUHMEIervLz8qhV0XsXCExvHgUFvhwzWENsfc0qP3WGqH82ICTYd5EvMEERaZ9yWUzkqLDABbgiUfyCJJFLXUacg1kFjZfKSDYPH51NAvxuWxoRBgaYjSZCaf-686t-Ihx2F6fWC0xIfyktqqprBcdK8Zp52nplQ0H87seguZf2_ZigvwOWuNxQnkV05jgoqNcpQhaHsjYELbslO5zYiJVOwydpCCflIkknEalTuPgdr3zb48nt9inQkihjmSTH9LG5-i5BG9po1u0I--ZxdOx0nQHXeHzSJtwTmVM1puD58b5ro1o5WBqc6Q9_lHMW6gRGBLGgpayapMteN-Mn9dLf9IAySzRW
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:53:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2824352
expires
Mon, 26 Jul 1997 05:00:00 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame F8A2 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
truncated
/ Frame 9143 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36a746b831b69aaa4854f09290733a28fa13ca3938f8c9ebdd19faaa4e926002

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame F8A2 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
img
pix.as.criteo.net/img/ Frame F8A2 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=76&m=0&partner=52913&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F15516%2F190213%2F86f0f1f708604b2d82f69cc681c004dd_untitled-1.png&v=3&w=596&s=ywrMWPeHbKxpAJ0LjoX1w9JJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
8adfe9068b6f9cc594b1d0ce23e9185785920812b8c9ff3cb7524fc03a022def
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28342993
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32923
expires
Thu, 28 Dec 2023 03:56:48 GMT
img
pix.as.criteo.net/img/ Frame F8A2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Felderberries-whole-european-organic-1-lb-454-g-bag-40586.jpg&v=3&w=400&s=CqgfnZitbVqJydH1ic6Ceacw&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAHQIwKK0rIAAUbrX7HXEQBoKL6Vypxlw&u=%7CK2WKD9YNtdI1GGfiMDkXTvGap7Xm2IieGvaikBTHuKc%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17Zx54SgB-jhHCZ0QL_txak9jztzuyeBRCLzP48FwoLcvn9_gd7Vmr-5HMvUgl_PJDdPGAP_bb8OQ3B9gyr51FEmBW-2XpX-N5tBltmcFDzDE1k-3Jor7rBlXCsCdrvh_7de0oGyQg2N5T2hEyAcV6aKWZwdKI44h3OdMwKlHxetin2sp-E5n3osbonzmzxD3LNCNegAclpPxuIPZ3rkkOfoEVMuoV757LOMTi75C-5wMyfzfFm7ey4v4MogNspTDtd7E7U8y2w6btgv8lw-u4mh2PDo-6Z-7RNVK8n-UrtVHcxl32RYgplOIu7X6HhFGCA0pRaTfMrfPq0A3fZOOCF3wHFtu85U6oiSay_3WY1nyscoS_trHXnz9n_1AQLwTvl5Wk2v2FoFpP-6yQS_-sKRv8p7tC7gWdD6kAH-nPtDwWPWeaEKVT3IhZlFOTDLqs2EeDTSzrx74wmiea73GsQrRkM9jbK6WjL2sMNnRLqL7gbQwh_tqn9HCgKzEfdHNakW-6QuRmxT0s6Le9y1FiWX&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFhniK3fcY4yBHciVrQGtt5TIDJj80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAofQl3pbvqc-4AIAqAMBqgSFAk_QWEN2UO_UbkwNl1Wz_QnVnwsTTnn--omWbRGd9kfmFFqjVVtW497W_ihtlMblWGIjSOp4781-X4wAk9Y0Rk03sR6Y_OPlQu2jxU5_g7Bl9TLzkjaS64UA8REVL_uP7CV5An3ii3HLDAlAzPD8uvsxwL66WwwiG-wPXQRWc3lWW2l1x3TnVNvaTsLWi0Lyh2ePH3u7eAqi_cCC5C_YCqZYN8rwWu14v6h2pkn7RDke-XKJyDHNY_8ZOMVg3719eRA_xwaN_xS2A46kXA_AlCr0-0-j-VyX90OJ85CVqLts32kKKbdIVwJcPHR7L3jESDjZ1pl-JqY0BiBGPUJ-9eOjmSAow-AEAYAG1MPjwJC7t4NEoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gj18ATyzTHtRaWwTdZgvPcJb3eg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
b6906582be82dac89e4bd0491e2a1705892bb3d97e7a2eff5ea15d22c82b5d29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29400634
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11482
expires
Tue, 09 Jan 2024 09:44:08 GMT
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
all
csm.as.criteo.net/ Frame F8A2 		0
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F8A2 		0
0
privacy.svg
static.criteo.net/flash/icon/ Frame F8A2 		0
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame B69F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame B69F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B69F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 29 Jan 2024 02:53:33 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B69F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 29 Jan 2024 02:53:33 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame B69F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=Kjc3zyqv98XlwcaED8si394oxGk4wfIJXkY25e4GfwzavGhl9fV0WP9gpzNtZj7KPXDM-a3fp_va8Wvjk8bqaEbVCjh1njwIbvlxdzuHRllojP2owFNttUw0qQr4RabMPx5Sv-XOyplMGMbOXEBM5j7UOK5ftbeCawJ2IkilXEyBEqOtN8X68k9LUszRW4cJwcsptdFAVwNJkj43swIiu5jRauxtNKadlQfEVoBNSxMrqm09XqFTCn0rKPCPG-1w-HxRUMzHqsWy7N4m9-K7nmpIZ7thaicV_vA1otzI-N9BpWAxAdxA2ho5BNHzWdE3dxAktq7OR-56T_YxnHpltkZnHpxuACBSGAanFpDf0w1uoWuYlecBBtV08Ortd2s_b2AELuOEaEZrOMqKmEiRu3bBYYPVgKBBzL2VkGAwHDH6_k1c
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:53:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3365148
expires
Mon, 26 Jul 1997 05:00:00 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame B69F 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
animejs.js
static.criteo.net/animejs/ Frame B69F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
img
pix.as.criteo.net/img/ Frame B69F 		0
0
img
pix.as.criteo.net/img/ Frame B69F 		0
0
img
pix.as.criteo.net/img/ Frame B69F 		0
0
img
pix.as.criteo.net/img/ Frame B69F 		0
0
img
pix.as.criteo.net/img/ Frame B69F 		0
0
img
pix.as.criteo.net/img/ Frame B69F 		0
0
img
pix.as.criteo.net/img/ Frame B69F 		0
0
img
pix.as.criteo.net/img/ Frame B69F 		0
0
img
pix.as.criteo.net/img/ Frame B69F 		0
0
img
pix.as.criteo.net/img/ Frame B69F 		0
0
all
csm.as.criteo.net/ Frame B69F 		0
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B69F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:33 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B69F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y9x3KwAMsMkFS4JXAAsfRnehItg4YdLGXoLh2w&u=%7CK2WKD9YNtdIeQjIPNISZ9iWeAToKd%2BNe0fIod6WITgs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2u1J-FbDXxhoKBXhCprrp3AVXEi6bBI2oIQNhJK24F17aCGQdE8bNId4PEqU_srBfdyjnDfVxze9OICclnp3qkfbhz4nJSm6KMqSGT2uIfxTTz5w_qazhr6JLbAmvxZ2UFP-wr9u6ntGi1DRu6HQnUymBeqth1n9DV74BW1C3VtUkNGqF_BMpQaABTOwOsOkaUiA_a1A9e1ctzwa3CuVJaPoCvhxkyx61iKrNikvlZmlnq8AjgtTwmGG_2N4KxTsRU9pJlJm4961EebOq-NqeGl-MTO9ISuOanzv03XnYKy1gqoDSFU7rYq-zhLlB35luVXAdcX2YjcLkwNhEJ1TUYkhV16Ci-kC3vNmSETv-14EWjebP1QcSsDw0bpx42T6Pqv5ZQgOr69DnRzPerOdyANLQCcm8BWT4duuTggZ73qD7afHq9Brf1mFpe9lw-zmZk_tzIZQQa_s66nplECOyYAkt-PMctmVBdULf3bF2RAvRIKlCFWc-DumVjJ2tmZVV1-xdZCRrzOODlKW6rrSJiqI8QW3y-qGINbJLXAkXBFaxgNo6A9oCPQvVC3uaZ1AgJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHoUK3fcY8nhMteErtoPxr6s-AWY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi05NjAyNTE5NTAyNjE4MjYyyAEJqQKH0Jd6W76nPuACAKgDAaoEgwJP0IWqB9CCoYViUOYL3gIvHzpNmmu-xAg2JBGz0VJMbfOeXL1wIg63HXGG5ube5oLrA-oaJbQwTZPepM_Tri-p0QAljGIwJOKOitI5g_odlG_rDi9BbnzL3M8GtNTrFiX0H7GH0Vij9-muDNjDQrgOyuXDXjwaRv2auICIOsN0Iud2lF_QqauLHAdShy9eB9rlJgdvcGua9man87oU6A1mGpEJbENMN9FWhLc09X7bZFT3ltV8CmkqxYVp-gBP4HliL4SzXON6vV_J2eAqWHk_crG7rD19IobAQyeG3kenfo6i8O4CtdydvL0wYBvewEntFoswfGOVgBKhSXyfeucOSQJE4AQBgAbUw-PAkLu3g0SgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Vxpaiku3lOcu8CTc_4MITC5j0Gg%26client%3Dca-pub-9602519502618262%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:34 GMT
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame C602 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:34 GMT
cGFzdGVsaW5rLm5ldA==
tcheck.outbrainimg.com/tcheck/check/ Frame 2063 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/cGFzdGVsaW5rLm5ldA==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 02:53:34 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=37969
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
ee6a59d42dcc7327544c100943f76c72
Content-Length
15
Expires
Fri, 03 Feb 2023 13:26:23 GMT
notOutbrain.js
widgets.outbrain.com/nanoWidget/2010130/module/ Frame 2063 		1 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010130/module/notOutbrain.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.45.76 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 03 Feb 2023 02:53:34 GMT
content-encoding
gzip
content-length
21
last-modified
Wed, 01 Feb 2023 13:35:09 GMT
server
AkamaiNetStorage
etag
"68b329da9893e34099c7d8ad5cb9c940:1675260300.524279"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 10 Feb 2023 02:53:34 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 2063 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/jo38iwt7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.45.76 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 05 Mar 2023 02:53:33 GMT
date
Fri, 03 Feb 2023 02:53:33 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
sodar
pagead2.googlesyndication.com/pagead/ Frame B9FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023013001&jk=3525526750775539&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
pagead2.googlesyndication.com/bg/ Frame CD6D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 20:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
194620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14413
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 20:49:54 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame E1FD 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.45.76 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 05 Mar 2023 02:53:33 GMT
date
Fri, 03 Feb 2023 02:53:33 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
cGFzdGVsaW5rLm5ldA==
tcheck.outbrainimg.com/tcheck/check/ Frame E1FD 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/cGFzdGVsaW5rLm5ldA==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 02:53:34 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=37969
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
ee6a59d42dcc7327544c100943f76c72
Content-Length
15
Expires
Fri, 03 Feb 2023 13:26:23 GMT
notOutbrain.js
widgets.outbrain.com/nanoWidget/2010130/module/ Frame E1FD 		1 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010130/module/notOutbrain.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.45.76 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 03 Feb 2023 02:53:34 GMT
content-encoding
gzip
content-length
21
last-modified
Wed, 01 Feb 2023 13:35:09 GMT
server
AkamaiNetStorage
etag
"68b329da9893e34099c7d8ad5cb9c940:1675260300.524279"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 10 Feb 2023 02:53:34 GMT
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame F8A2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:53:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 02:53:34 GMT
get
odb.outbrain.com/utils/ Frame 2063 		0
0
get
odb.outbrain.com/utils/ Frame E1FD 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 23A1 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOz18bobHHdAf4V6Hlx3Q9ii1zC3um_qWmTbChqQFVnELiKIr5slbjuJ1zmHNmZIdokWt0wTwvT--LKfKXqsSrFrxe&sig=Cg0ArKJSzNlztst9Pi-QEAE&id=lidar2&mcvt=1000&p=798,513,1048,813&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=245733266&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675392811701&rpt=1445&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:53:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame C602 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7B2B 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuiy7OSi1plmuvX1_l9lALqn2EIDfJLuisrtpWCvGj3TCfP1l2jh5K2PwPlRDic0D58cQXTQunkXhsFE4CZQMV107f&sig=Cg0ArKJSzObN4g0ofINYEAE&id=lidar2&mcvt=1000&p=317,310,567,610&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2603746535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675392811888&rpt=1340&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:53:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame F8A2 		0
0
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
generate_204
tpc.googlesyndication.com/ Frame CD6D 		0
0
img
pix.as.criteo.net/img/ Frame F8A2 		0
0
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame E1FD 		0
0
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame 2063 		0
0
img
pix.as.criteo.net/img/ Frame C602 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pro.ip-api.com
URL
https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=52913&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F15516%2F190311%2F91a732842c2741499d6b5fe221a27afa_img_horizontal_1.png&v=3&w=1200&s=a0vKkwdp5oPl61O7tGuXtwmd
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmega-multi-for-men-50-plus-100-coated-caplets-1950.jpg&v=3&w=400&s=on9OU7m925J2aKG9Leo4Z9gd&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-gummies-natural-berry-10-mg-per-serving-70-vegan-gummies-15501.jpg&v=3&w=400&s=qXcZJxWRJZuwFq32wP8T1vKE&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-gummies-natural-cherry-pomegranate-1-mg-60-vegan-gummies-18172.jpg&v=3&w=400&s=vjFMWk_10bc7EwSDWxjGOjZw&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fashwagandha-4500-mg-per-serving-120-quick-release-capsules-15011.jpg&v=3&w=400&s=9-_Nx1ngYM5AM4LIFW_bNfuH&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fprobiotic-10-50-billion-powder-50-billion-2-oz-bottle-41085.jpg&v=3&w=400&s=OXZLcGugRvQ3uiM5Ue6lvoJL&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmilk-thistle-seed-extract-3000-mg-per-serving-100-quick-release-capsules-3541.jpg&v=3&w=400&s=703E3QoO7LIKNwY-7En5ZyT9&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fl-glutathione-reduced-500-mg-50-quick-release-capsules-3921.jpg&v=3&w=400&s=dN2JqdusxVk0trotNTf8Fia1&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Felderberries-whole-european-organic-1-lb-454-g-bag-40586.jpg&v=3&w=400&s=CqgfnZitbVqJydH1ic6Ceacw&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-fast-dissolve-tablets-5-mg-200-fast-dissolve-tablets-4193.jpg&v=3&w=400&s=GjjIBVyORDompN3vGAD5PKG5&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelissa-leaf-lemon-balm-1200-mg-200-quick-release-capsules-45770.jpg&v=3&w=400&s=r74qJveQVXotQfZqQYWhu_mj&b=400
Domain
csm.as.criteo.net
URL
https://csm.as.criteo.net/all?cppv=3&cpp=zYfCCcGANlJHskykefUL8o7RJU9mve730ZpKYYaOM5B--OumZRxKpY5YPIzpfLmy84a1Wc8RGlXcEFyzjwRo8TXFtJ3-vIb3jOd3FG16HjB0N9yDQvdYzUAg08wXC3vOjZ4pqpBP2hFmxQF3lJeK4Z-gBrtwFeDJ6rZUicUyoMRkSfBa3DBBHWNTMRXVYlcnTCvHBLynAZfnoI7g97DFalvcuWbE-rfd3frXIYEMbt5UkdBVJIKx7h4bS9ck2Wz-IU6QKg&sds=2&rev=84569&sendBeacon=true
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/privacy.svg
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-gummies-natural-berry-10-mg-per-serving-70-vegan-gummies-15501.jpg&v=3&w=400&s=qXcZJxWRJZuwFq32wP8T1vKE&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fl-glutathione-reduced-500-mg-50-quick-release-capsules-3921.jpg&v=3&w=400&s=dN2JqdusxVk0trotNTf8Fia1&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmaca-3200-mg-per-serving-120-quick-release-capsules-1981.jpg&v=3&w=400&s=r58xDfT548ktOiHO9-uOj8Y3&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelissa-leaf-lemon-balm-1200-mg-200-quick-release-capsules-45770.jpg&v=3&w=400&s=r74qJveQVXotQfZqQYWhu_mj&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-10-mg-120-tablets-4231.jpg&v=3&w=400&s=nycThUmqCuRUq7uk0XKGzoRw&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Ftestosterone-support-formula-90-vegetarian-capsules-9071.jpg&v=3&w=400&s=4zYKH_RpMJR_clfaI-3QXbal&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fcoq10-with-red-yeast-rice-100-quick-release-capsules-5471.jpg&v=3&w=400&s=WaQyPrxaYOCqOPe0sYjF0Dcx&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmega-strength-nadh-coq10-optimizer-20-mg-60-quick-release-capsules-2591.jpg&v=3&w=400&s=zR8MueGDQ6Y2liVcGIdwlzs5&b=400
Domain
csm.as.criteo.net
URL
https://csm.as.criteo.net/all?cppv=3&cpp=46DJl8GANlJHskykUxqrTPAxN5x6iBcrWQxSvC04o4vrHzj-SZSt6v1F-qTEy7MtdIX9owiGkbeKjXtQ5RcduYdLr7aomV2dIrTHyzCZ1T0VdyPRn-XnV7GseQ7x8j6wVzL0SDuQCwF963XJg9Wvyz_T4cpF3cjJayOpcNoluRVuPJkp9PfHWklMJuoHOzGOTsNxUGK-UlgbONihuVuallROqMHk9iTIaNI8LPGFRYKLUSdQcVWtGStM-6ZdlanGjCFlQ6JLs7x0Lhpm&sds=2&rev=84569&sendBeacon=true
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Domain
static.criteo.net
URL
https://static.criteo.net/flash/icon/privacy.svg
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?h=76&m=0&partner=52913&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F15516%2F190213%2F86f0f1f708604b2d82f69cc681c004dd_untitled-1.png&v=3&w=596&s=ywrMWPeHbKxpAJ0LjoX1w9JJ
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelissa-leaf-lemon-balm-1200-mg-200-quick-release-capsules-45770.jpg&v=3&w=400&s=r74qJveQVXotQfZqQYWhu_mj&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-gummies-natural-berry-10-mg-per-serving-70-vegan-gummies-15501.jpg&v=3&w=400&s=qXcZJxWRJZuwFq32wP8T1vKE&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Felderberries-whole-european-organic-1-lb-454-g-bag-40586.jpg&v=3&w=400&s=CqgfnZitbVqJydH1ic6Ceacw&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Ftestosterone-support-formula-90-vegetarian-capsules-9071.jpg&v=3&w=400&s=4zYKH_RpMJR_clfaI-3QXbal&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fl-glutathione-reduced-500-mg-50-quick-release-capsules-3921.jpg&v=3&w=400&s=dN2JqdusxVk0trotNTf8Fia1&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-fast-dissolve-tablets-5-mg-200-fast-dissolve-tablets-4193.jpg&v=3&w=400&s=GjjIBVyORDompN3vGAD5PKG5&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmega-multi-for-men-50-plus-100-coated-caplets-1950.jpg&v=3&w=400&s=on9OU7m925J2aKG9Leo4Z9gd&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Firish-sea-moss-complex-with-bladderwrack-burdock-root-2250-mg-per-serving-180-quick-release-capsules-18161.jpg&v=3&w=400&s=tyBVQrGL496IV6fIQ8FP7YCa&b=400
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fprostafit-180-capsules-21440.jpg&v=3&w=400&s=eT47eWjC25iR0Jt2ewGVTL7f&b=400
Domain
csm.as.criteo.net
URL
https://csm.as.criteo.net/all?cppv=3&cpp=Y0fV9MGANlJHskykm0aU0TKukvY7s-xtGaj7HcEk1lJslqh1zTPAEKbx8ti_ke1Ssmw1G6N5kdl9n6EExJBsJgv0VRsOsqHFFdd8xxjUZP5k_Cy2E9REII3epTFdpEzWbr4hNzTISgbGgejE965IGeeMzIzzSQfvfFSevGQaNnBUFo-OThl6T0_OcY9dqAbfE_TMEyKJEdETwm2tB-GlPiyYbzyCthYziX1WUowqt5khjyHFIQPtfvxFL0a_OLfl-QVEnA&sds=2&rev=84569&sendBeacon=true
Domain
odb.outbrain.com
URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&idx=0&rand=54970&key=NANOWDGT01&widgetJSId=AR_2&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=728&activeTab=true&ab=0&wl=0&obRecsAbtestVars=1174:3820&settings=true&recs=true&version=2010130&sig=XJsv7uKV&apv=false&&osLang=en-US&winW=728&winH=90&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&ogn=https%3A%2F%2Fpastelink.net%2Fjo38iwt7
Domain
odb.outbrain.com
URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&idx=0&rand=92216&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=300&activeTab=true&ab=0&wl=0&obRecsAbtestVars=1174:3820&settings=true&recs=true&version=2010130&sig=meJnpOBB&apv=false&&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fpastelink.net%2Fjo38iwt7&ogn=https%3A%2F%2Fpastelink.net%2Fjo38iwt7
Domain
csm.as.criteo.net
URL
https://csm.as.criteo.net/all?cppv=3&cpp=zYfCCcGANlJHskykefUL8o7RJU9mve730ZpKYYaOM5B--OumZRxKpY5YPIzpfLmy84a1Wc8RGlXcEFyzjwRo8TXFtJ3-vIb3jOd3FG16HjB0N9yDQvdYzUAg08wXC3vOjZ4pqpBP2hFmxQF3lJeK4Z-gBrtwFeDJ6rZUicUyoMRkSfBa3DBBHWNTMRXVYlcnTCvHBLynAZfnoI7g97DFalvcuWbE-rfd3frXIYEMbt5UkdBVJIKx7h4bS9ck2Wz-IU6QKg&sds=2&rev=84569&sendBeacon=true
Domain
csm.as.criteo.net
URL
https://csm.as.criteo.net/all?cppv=3&cpp=46DJl8GANlJHskykUxqrTPAxN5x6iBcrWQxSvC04o4vrHzj-SZSt6v1F-qTEy7MtdIX9owiGkbeKjXtQ5RcduYdLr7aomV2dIrTHyzCZ1T0VdyPRn-XnV7GseQ7x8j6wVzL0SDuQCwF963XJg9Wvyz_T4cpF3cjJayOpcNoluRVuPJkp9PfHWklMJuoHOzGOTsNxUGK-UlgbONihuVuallROqMHk9iTIaNI8LPGFRYKLUSdQcVWtGStM-6ZdlanGjCFlQ6JLs7x0Lhpm&sds=2&rev=84569&sendBeacon=true
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?h=76&m=0&partner=52913&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F15516%2F190213%2F86f0f1f708604b2d82f69cc681c004dd_untitled-1.png&v=3&w=596&s=ywrMWPeHbKxpAJ0LjoX1w9JJ
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?1e_TpQ
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Felderberries-whole-european-organic-1-lb-454-g-bag-40586.jpg&v=3&w=400&s=CqgfnZitbVqJydH1ic6Ceacw&b=400
Domain
log.outbrainimg.com
URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1675392814705&sessionId=9d217903-7e33-2a65-691a-7eb4a608fa68&url=pastelink.net&cheqSource=1&cheqEvent=3&responseTime=967
Domain
log.outbrainimg.com
URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1675392814706&sessionId=414b5ecd-2d9e-0c6d-828f-072b4681e5bb&url=pastelink.net&cheqSource=1&cheqEvent=3&responseTime=999
Domain
pix.as.criteo.net
URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52913&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmaca-3200-mg-per-serving-120-quick-release-capsules-1981.jpg&v=3&w=400&s=r58xDfT548ktOiHO9-uOj8Y3&b=400

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontentvisibilityautostatechange function| $ function| jQuery function| Cookies object| dataLayer object| googletag object| advally object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| advpbjs undefined| cmd function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| advpbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing undefined| conf undefined| ret string| x object| slotRules object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms

13 Cookies

Domain/Path Name / Value
pastelink.net/ Name: PHPSESSID
Value: bd4ej5q441plcd2ai4uvbpo73v
.pastelink.net/ Name: _gcl_au
Value: 1.1.1792138178.1675392809
.pastelink.net/ Name: _ga
Value: GA1.2.1400987578.1675392809
.pastelink.net/ Name: _gid
Value: GA1.2.1983480105.1675392810
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
pastelink.net/ Name: plTest
Value: true
.pastelink.net/ Name: _gat_advallyTrackerpl
Value: 1
pastelink.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.doubleclick.net/ Name: IDE
Value: AHWqTUl3G_jhenX5UcrXKH7X_WwVLshXue-5BiGsi1iKu4JVSX7d-Lzw1AsuATGJkxQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pastelink.net/ Name: __gads
Value: ID=efedc82901b04a12:T=1675392811:S=ALNI_MZLzITF_EFrWeYbIrv45L_5ddH5Nw
.pastelink.net/ Name: __gpi
Value: UID=00000bb40833fdbc:T=1675392811:RT=1675392811:S=ALNI_MaOhrQrZfv4q9J_fDZahWr5vHM6Gg
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1675392809.1.0.1675392812.0.0.0

1 Console Messages

Source Level URL
Text
other warning URL: https://610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

610943b563621a09d2a552b67857d62c.safeframe.googlesyndication.com
ads.as.criteo.com
adservice.google.co.nz
adservice.google.com
cat.sg1.as.criteo.com
cdn.adligature.com
cdnjs.cloudflare.com
code.jquery.com
csm.as.criteo.net
fonts.googleapis.com
fonts.gstatic.com
log.outbrainimg.com
odb.outbrain.com
pagead2.googlesyndication.com
pastelink.net
pix.as.criteo.net
pro.ip-api.com
rtb.jp2.as.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
csm.as.criteo.net
log.outbrainimg.com
odb.outbrain.com
pix.as.criteo.net
pro.ip-api.com
static.criteo.net
tpc.googlesyndication.com
104.17.24.14
104.21.93.14
142.250.4.155
142.250.4.156
142.250.4.94
142.250.4.95
142.251.10.132
142.251.12.105
142.251.12.94
142.251.12.97
172.217.194.154
172.253.118.138
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.148
182.161.74.19
23.195.153.196
23.72.45.76
69.16.175.42
74.125.24.154
74.125.68.132
74.125.68.155
89.35.29.15
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
01894c475661e9e96bf36907c597f61284ab29d4d654e4c72fbd024664447738
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
194e559f51337bc74515628e683e9ae1fc897207cf9ce2dc12eaeab520fb3c76
197fae860dffcf520a5c68d66e3f9b0a55e7d845871e919eb8bb3969bd242cca
1c36492a8f4f52f916f38368d77be0f0944fa0304b5981dac5fac0cfd71b3280
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
28e3e3001edea4154dea2ebdd82415dfbf74f9f7a441cbf4475ab215eedbdca2
2a472551ae09f481c7426f490f9c2779cb544922f8dc3aa466534769d1abf0e7
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2e917526e2a06884d0ff22fc60f4b89f569ff0bc0546e8439030348e5b180648
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f3e28cb913fc9229304149e55fc4cabf206f707d068f05554692f38ea2f358
36a746b831b69aaa4854f09290733a28fa13ca3938f8c9ebdd19faaa4e926002
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
39e4688dedfe0092b93ee22ca85d9c8560d96b6e8392cb84b55945be68e1c61e
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e73bc3c154b44d86813c0345ff992da7f8d68e93504ccccd273d359a773e85
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
58569e727c468f7c3c28e3c4d4f7bb71fc7417484d743aaf754c9b4c82ff8936
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d9828b637fb2daa38f1b1374faacea1c3e3f900b3db46a171a346810391ff7b
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64e5af2cd0b350ad3b3307757bee155f5e39f4f1ada61e50324e96b974070057
668a42f73b42585d562e3a18c03f20a63b83c6023083884c535dc62a16854e22
7214340be8d3056311050126062812a56269e125420c4ba757608e0391bdc8e5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
748b2953317de435bc1ee6777b8674765941a2a0d93582fa3fe682f6053fbd1d
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7b624576673db56a254ac196222eb86d59d5ffffc6098e7c9c99589d5d8dd04b
7cfc76a8654b5253ce6055cfdc7a952a8715e651c49de0fccca18520758dcf13
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8adfe9068b6f9cc594b1d0ce23e9185785920812b8c9ff3cb7524fc03a022def
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8d4fed648bc1ca358ff10bbe206d951f835017104243827784f99539cf627910
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8febb4e50970e5b0766a727dd1114505a726abac6b828b02b63839677e69be89
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
99573f838bdd796418ebcb6b6eea425c4e3f0950b65d06abf78c39d96fced8f1
9a81c4b9e8dc8a2499466cff86f589e0cc3d26f6d84e590012cb30c0f58f3908
9ec1b156a4da96888ff25aed81932c41430ad953502be5fb6f6465e23892d784
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0
ad4cc1ac47104d7d5a6bd0070ddf6cde2fe6ffeeb1b3062ad4c2c4c5449dd1a9
b21db9a0933a44b0ec6b5ab1cdb13d3d2ea068d5bc76e7c84f4b4bebbc8f6cf2
b6906582be82dac89e4bd0491e2a1705892bb3d97e7a2eff5ea15d22c82b5d29
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
dc5cd273567cdb37d8a124ffbe5601f684cd87b4a4fa0203f4625eb68b8848da
e1a87df2d9b8b8e0f3f6bb834e8e73e25ba233ddaa3599fef3cbc53af901a0a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbbc0c530804b54cf89a96964b7c8f1ab1c12f979cde4fe693815a584dae9d1
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f6991bb6b4b957f7398c31a035bf07c8a6a51d2689e6b5470db91f1a354ec351
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e