www.usnetads.com Open in urlscan Pro
192.81.128.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.usnetads.com/view/item-132281563-naruto-costumes.html
Submission: On December 17 via manual (December 17th 2022, 8:03:21 pm UTC) from GB — Scanned from NZ

Summary HTTP 86 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 86 HTTP transactions. The main IP is 192.81.128.168, located in Fremont, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is www.usnetads.com.

This is the only time www.usnetads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	192.81.128.168 192.81.128.168	63949 (LINODE-AP...) (LINODE-AP Linode)
1	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
2	142.251.12.113 142.251.12.113	15169 (GOOGLE) (GOOGLE)
3	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
8	74.125.68.154 74.125.68.154	15169 (GOOGLE) (GOOGLE)
1	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE)
2	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
2	142.251.10.156 142.251.10.156	15169 (GOOGLE) (GOOGLE)
1	182.161.74.19 182.161.74.19	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	182.161.73.148 182.161.73.148	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
8	142.251.10.132 142.251.10.132	15169 (GOOGLE) (GOOGLE)
4	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
4	23.36.252.26 23.36.252.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	42.99.140.144 42.99.140.144	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
2	104.83.196.24 104.83.196.24	16625 (AKAMAI-AS) (AKAMAI-AS)
20	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	182.161.73.132 182.161.73.132	() ()
3	104.17.25.14 104.17.25.14	() ()
86	19

3 192.81.128.168 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li587-168.members.linode.com

www.usnetads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.113 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

adservice.google.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.252.26 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net

qsearch-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.83.196.24 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.132 (None, )

ASN- ()

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 637 pix.as.criteo.net Failed csm.as.criteo.net Failed	57 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	256 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	53 KB
7	criteo.com rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 18795 ads.as.criteo.com — Cisco Umbrella Rank: 14276 cat.sg1.as.criteo.com	147 KB
6	media.net hblg.media.net — Cisco Umbrella Rank: 1815 contextual.media.net — Cisco Umbrella Rank: 540 warp.media.net — Cisco Umbrella Rank: 2500 lg3.media.net cs.media.net Failed	128 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	187 KB
3	cloudflare.com cdnjs.cloudflare.com	14 KB
3	usnetads.com www.usnetads.com	16 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 72	714 B
2	google.co.nz adservice.google.co.nz — Cisco Umbrella Rank: 96946	957 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	17 KB
1	akamaihd.net qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1711
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	698 B
0	loopme.me Failed csync.loopme.me Failed
0	adsrvr.org Failed match.adsrvr.org Failed
86	15

	Domain	Requested by
20	static.criteo.net	ads.as.criteo.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	pagead2.googlesyndication.com	www.usnetads.com pagead2.googlesyndication.com
3	cdnjs.cloudflare.com	ads.as.criteo.com
3	cat.sg1.as.criteo.com	ads.as.criteo.com
3	ads.as.criteo.com	googleads.g.doubleclick.net
3	www.usnetads.com	www.usnetads.com
2	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
2	hblg.media.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.nz	pagead2.googlesyndication.com
2	www.google-analytics.com	www.usnetads.com
1	lg3.media.net	googleads.g.doubleclick.net
1	warp.media.net	googleads.g.doubleclick.net
1	qsearch-a.akamaihd.net	googleads.g.doubleclick.net
1	rtb.jp2.as.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	csync.loopme.me Failed	contextual.media.net
0	match.adsrvr.org Failed	contextual.media.net
0	cs.media.net Failed	contextual.media.net
0	csm.as.criteo.net Failed	ads.as.criteo.com
0	pix.as.criteo.net Failed	ads.as.criteo.com
86	24

This site contains links to these domains. Also see Links.

Domain
www.getjob.us
www.canetads.com
www.ukadslist.com
www.aunetads.com
www.innetads.com
www.cnnetads.com
www.hot-web-ads.com
www.usaonlineclassifieds.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.co.nz GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.jp2.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-18` - `2023-01-15`	3 months	crt.sh
*.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-09` - `2023-01-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 11 frames:

Primary Page: http://www.usnetads.com/view/item-132281563-naruto-costumes.html
Frame ID: 67380C18673BD60AC50FDBFB0EFD33D6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 51D1CF0C267C7A44BF8300BA970192C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=90&slotname=7814344073&adk=318489833&adf=1944190185&pi=t.ma~as.7814344073&w=728&lmt=1671307398&format=728x90&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396788&bpp=5&bdt=1232&idt=1527&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5801034794694&frm=20&pv=2&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nGgrA7M5nv&p=http%3A//www.usnetads.com&dtd=1546
Frame ID: CCCEF275F40A0A7BE748EBCC7C6B0763
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=250&slotname=9507977999&adk=751855196&adf=2277069107&pi=t.ma~as.9507977999&w=300&lmt=1671307398&format=300x250&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396793&bpp=1&bdt=1237&idt=1549&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5801034794694&frm=20&pv=1&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=394&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=55dZbSLyxe&p=http%3A//www.usnetads.com&dtd=1552
Frame ID: BF2861E5C77EFE16E20EA675744D0DC6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&adk=1812271804&adf=3025194257&lmt=1671307398&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&ea=0&pra=7&wgl=1&dt=1671307396807&bpp=2&bdt=1250&idt=1540&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=5801034794694&frm=20&pv=1&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=1549
Frame ID: CFCAF535339966714A30D788A2E586F8
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y54ghgALvQ0KaNJJAAZNbv21MU32EkSIUJWsIg&u=%7ChxWpcNSJiO%2FvmNfEcEo6ArFd52SYw6t1ItXA5pk2rpg%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b3yzDWLjy8xNqWsfwr-rVinXwTr72CcdIAPwhrKtVhDpraMNJgcAfOE90M2nd10w_1Qq8-rpMjxomr4Afbbyyw1ZmxTmlFg49YQZy75wX9Mmd_8DPWACq2eSF-3KoJ7hjFbvTrynT8O4ePA7NV0-YwXjrCJoZ2v9xyCm6PKg802XQ0N3ybODo6qkEpgz4KCdLt2EoJJNgNjS7w-AAKwi4z0ksRe0Mq7bLtyz6nfQLgbbAyumkn-nCipAZtmE8IHOqeWMt6Tla0iqOKso_SxZb6fjA6-MprGWyJREXJDFwE2Z77s2SeC0wZeRvFf2IDcPVLGCkKBuN8jp3Xh1gfOK8LU1Nm6idC--sHoTceUw7RY7NrNyLW6JnidX1_V0DGPRkK3OfxqUGQQWCbA6gwZpvbBi-ehcTxXlupr1W28XuKH4rtEW1tyXF1W20gGT5acLXTxfE2xXpCI4S03dfatoohqq6XIlO5bo_WqcJFy8u2ktdyMT5010G_nxeJmWFZCK536H8kqbCbofoG2PUCLECclMYwXqFAPAnULju4ZTNcyondjHw6axtdEAwW1JXwHZ_&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMMAjhiCeY436LsmkowPumplQmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItOTc5Mjc0NDIwMTcxNzU3M8gBCakCuUWLu4Jupj6oAwGqBOIBT9AtId2ox7L97l6XefL7yWwMB06G6mFMb9_DS9T8lNFk0VfdaNknOXOVlFQXzMFl1vfaJbVLSmmMBNcue41mzlAlIXwvclHRbIprIbnnmwag6BbIqyTavvofmzqXSZcSFIV6Fme-tXNOlcCRWWgMVh3ujMEpeQgNP_i_mkLAiwaVoUmsEmeDTEcgrW2_pIUSHMXU_RDZODweCyTvzaviHTaMQnS5MTQZW9INSMqzH5r1pRWFl6glV0QLXQIYqklV-viKfFovhoK6FGEzC6ws4oEoivvK-JTe3j_mtTG5T1ZXvIAGkKnSkLyvn40YoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36SjCu4vMKuHFU-ggjAvAzcw4htA%26client%3Dca-pub-9792744201717573%26adurl%3D
Frame ID: BB0D5F37320D76313670AF12C7BF2121
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0694863A43B7A2BCF0EB66807423B91D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 683486732EC94CDA83B94751E82DC61E
Requests: 4 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y54ghgAMFewK1QIMAAcUSelmojDyAUlkgrs03A&u=%7ChxWpcNSJiO8mEkB2%2F07C7x4dnypCs91QKjA3wMDyEkI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGumt8RG0np2Qq0uBaQ217vC_CsbliYg4lTT9BTXI70sSH7RB4JCxntikYkLM39Ox-nsp9p3WX4h5aU-fpEt-hBtMGyRBY4Mmy0XbLc8mftLnO2MxZxqPg_rEHJ_gZgrRoD0tnhND38rhh23gyEiN7FYAS_TnsaMWHbVaKUtYBj3nUjOETOAlxxG5yubgju2wJDAlrmdXIfFZHVXgLxKZJhE0XXdMaSaAl6AHNDk-TdOKGplhh_x5pw3Y6RLM0JR2uUIYSDdpVyZpa2S4p4yCTj4LHQW_SFw6FTDpOy5BmyPmaS9bVEAcxX3xNaFTynJLmlrkDjfm2RjZBuLMYNWCJw0XKfJhdDTFolL7ypErYZzG19iP_QWreMw_c9dO2tIDM0JLmj2IxuSq-NZxrt8GaX5GmsXk_tZSJGyeTz7V0UrsuLvxa9rELTtUr54O-QX3f0P-Y-5FHR9E0MqQA8cPbLUz2rKDcQ-ZWFM1-_7aPsT7V6EXQeXRDK8iDeF2ssnf_H9d45sJylwFG-MgWXFqBycBUPjss2ILco9NzVp_mvPVGOJREkKGsN8PcDfbxLpZgAmKlFGbKEV-bQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIMLthiCeY-yrMIyE1AbJqJzYB5j80bFcgtza5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk3OTI3NDQyMDE3MTc1NzPIAQmpArlFi7uCbqY-qAMBqgTkAU_QVYQ5YnjSKfUOrbOG_RDN7-TLacmZpm2bLNvNURJswyIjRSqC8SOdf1A1YKBeN8hzMaOe9pZiFJxfrgnbgN19jCpwV8nOoesKykaIxMffq3wChdmvvnRWw115yl9pfqh0w7GOEKtJMHVMOKyrpykAB2xes8QK3kwOoEq3XkNoBx1YPPW7ajH_Vxwto9Q9GGFLf0PNoMvTb4hYR_LrnbQ25xQJP81kq0d0supQJziW4u91fQZ8Pi3kvveOQgiM51sksKBe3ALfKSfh2w9hzsAB88CN-mtsYAXxPW8x3Uj4YPN4loAGkKnSkLyvn40YoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3uPFa0tDTzfPt08La0rvQRQGWeuA%26client%3Dca-pub-9792744201717573%26adurl%3D
Frame ID: 93031EEA830B9EE3DA1F2CD6F38745F4
Requests: 12 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y54ghgAMFe4K1QIMAAcUSSF5RKSzPAHu1OXtwQ&u=%7ChxWpcNSJiO9IQAy3VxfoVZnFnb%2BUJQ2x9P65vX2f8rs%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyIaW8Z6ziH8MUZakyzWxNaDpwhrvrYSa4Ri7Kr4KGKwzEyYXK0wVPOsvQ8V0FhxSSvkvdVLJZKBp_4FPtue8fSTzvbCEXlI5Bov_1qgGUh01pEEpF2MgthMfHpMphJ90Ryj2cD1Ff0DZCc8gQIF_KG7sGEeYaBw2kK4-Z-GmsYGXu-i86SuUYE9iEABKvQ5z7PWYOCdnYSH9lyKpbaC7P2ZD5cTx-s9HHfubtbh0WPVYOYJdSLyYb5pgVxPxO5wVQUa_E1ZH3h0Cqa0xZrRAgwtjm8UpzeUWvtI7eLDI6XdfZ_fZfINT9IhIpIGIaH3IP8iRPQZPWKRCtog_APKT3-Q59InLlcUR8oL8NXiDi4wkohAv9XlvkH2EQmWHPQ-0wcvqBzzs7dv37MgH92QknIuxTBS_UeqNUNIpguv8ydJdsZsJd5b7qU6AgyDebyO24WIaVXeIdq5y_JCgeLV0Z94rD61uH-MflyNlsacXodciPPpeIaOdMhG0cjOz0loJ2zHXHJ1VPLvxEjIdCgbnN-4PkPkTFPcok-ss2ZXoamruDJdaN-VceLLUEFfnoUPIyKWTz1wjtLHNSM6hbATnPr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9CH9hiCeY-6rMIyE1AbJqJzYB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk3OTI3NDQyMDE3MTc1NzPIAQmpArlFi7uCbqY-qAMBqgTjAU_Q5wWYGfxyt9CkXxaftSI7jqbypJNPg8aOZ4PDDJ3asppiCepWGYJoA0KYIjZscZPlU6Qd26JdJ6whNq1L1wlV79dE0r4zsE9VdrpqZAw_WQ5sbT4aOia3K7P4ywWxsq0qvMR0IXibOGVzSPbVQD7_HQamcuoxAfBnrJkXt2QZdS0_iTgJZvt7TYYMxCLPY8mdUfRBA5RBg78e2pfhz5VQJ_6l6ZZfCv36dbKaGh9kdMBk_byW-AeW6WVy7SH698IHWvn-AI4-XNOF_H4A-kXyp05Z494ftHibgZlHlyZh-FmZgAaQqdKQvK-fjRigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XngCjE1m75m5ZAM3a5Uss6b5CCg%26client%3Dca-pub-9792744201717573%26adurl%3D
Frame ID: 9929682D5EE9203B81FDDB7805D688A6
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 685AB6E15C0793ABD5DDA003D7B00381
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

naruto costumes (Business Opportunities - Advertising Service)

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

86
Requests

76 %
HTTPS

0 %
IPv6

15
Domains

24
Subdomains

19
IPs

3
Countries

879 kB
Transfer

2400 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.getjob.us/
Title: GetJob.us

Search URL Search Domain Scan URL

URL: http://www.canetads.com/
Title: CANetAds.com

Search URL Search Domain Scan URL

URL: http://www.ukadslist.com/
Title: UKAdsList.com

Search URL Search Domain Scan URL

URL: http://www.aunetads.com/
Title: AUNetAds.com

Search URL Search Domain Scan URL

URL: http://www.innetads.com/
Title: INNetAds.com

Search URL Search Domain Scan URL

URL: http://www.cnnetads.com/
Title: CNNetAds.com

Search URL Search Domain Scan URL

URL: http://www.hot-web-ads.com/
Title: Hot-Web-Ads.com

Search URL Search Domain Scan URL

URL: http://www.usaonlineclassifieds.com/
Title: USAOnlineClassifieds.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 6

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=567084827&utmhn=www.usnetads.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=naruto%20costumes%20(Business%20Opportunities%20-%20Advertising%20Service)&utmhid=1916590723&utmr=-&utmp=%2Fview%2Fitem-132281563-naruto-costumes.html&utmht=1671307396827&utmac=UA-136539-1&utmcc=__utma%3D154508092.2021846643.1671307397.1671307397.1671307397.1%3B%2B__utmz%3D154508092.1671307397.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1583660727&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=567084827&utmhn=www.usnetads.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=naruto%20costumes%20(Business%20Opportunities%20-%20Advertising%20Service)&utmhid=1916590723&utmr=-&utmp=%2Fview%2Fitem-132281563-naruto-costumes.html&utmht=1671307396827&utmac=UA-136539-1&utmcc=__utma%3D154508092.2021846643.1671307397.1671307397.1671307397.1%3B%2B__utmz%3D154508092.1671307397.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1583660727&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 82

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzE0MzA5MDAwNzQ0NTQ4MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAAwnla61E9Y95jnnTc-rHI&google_cver=1

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request item-132281563-naruto-costumes.html Show response
www.usnetads.com/view/ 7 KB
3 KB 1284ms
930ms Document
text/html 192.81.128.168
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.usnetads.com/view/item-132281563-naruto-costumes.html
Protocol: HTTP/1.1
Server: 192.81.128.168 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li587-168.members.linode.com
Software: Apache/2.4.37 (centos) / PHP/7.4.13
Resource Hash: c502bc5ccc9dc5bac07429d32b91ad5b6e88e37234305002153f4590fa1e565b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sat, 17 Dec 2022 20:03:14 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.37 (centos)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.13

GET
H/1.1 200
OK common.css
www.usnetads.com/domain_static/usnetads/css/ 8 KB
8 KB 354ms
353ms Stylesheet
text/css 192.81.128.168
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.usnetads.com/domain_static/usnetads/css/common.css
Requested by: Host: www.usnetads.com
URL: http://www.usnetads.com/view/item-132281563-naruto-costumes.html
Protocol: HTTP/1.1
Server: 192.81.128.168 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li587-168.members.linode.com
Software: Apache/2.4.37 (centos) /
Resource Hash: 550da51e312c49c1b20a530dab85efba8244ba03098419c5cfb825485922a0b4

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/view/item-132281563-naruto-costumes.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 20:03:15 GMT
Last-Modified: Thu, 25 Oct 2018 19:55:38 GMT
Server: Apache/2.4.37 (centos)
ETag: "1f6f-57912fc9be280"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 8047

GET
H/1.1 200
OK usnetads_top_img.png
www.usnetads.com/domain_static/usnetads/images/ 5 KB
5 KB 346ms
346ms Image
image/png 192.81.128.168
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.usnetads.com/domain_static/usnetads/images/usnetads_top_img.png
Requested by: Host: www.usnetads.com
URL: http://www.usnetads.com/view/item-132281563-naruto-costumes.html
Protocol: HTTP/1.1
Server: 192.81.128.168 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li587-168.members.linode.com
Software: Apache/2.4.37 (centos) /
Resource Hash: 780d852d075d17de6e5d0053d496860cb390ceda38cc712544eb3995275ec302

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/view/item-132281563-naruto-costumes.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 20:03:15 GMT
Last-Modified: Thu, 02 Sep 2010 08:10:41 GMT
Server: Apache/2.4.37 (centos)
ETag: "13f5-48f42599e4240"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5109

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
52 KB 558ms
284ms Script
text/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.usnetads.com
URL: http://www.usnetads.com/view/item-132281563-naruto-costumes.html

Protocol

HTTP/1.1

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

4ea0c471554821144f05690044e3ea7e2939f443d44bccf3129cbeefbfe2ded4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Dec 2022 20:03:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52255
X-XSS-Protection: 0
Server: cafe
ETag: 3110431043158899539
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sat, 17 Dec 2022 20:03:15 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

821ms
273ms

Script
text/javascript

142.251.12.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.usnetads.com
URL: http://www.usnetads.com/view/item-132281563-naruto-costumes.html

Protocol

Server

142.251.12.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Dec 2022 19:26:51 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2185
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 17 Dec 2022 21:26:51 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
118 KB 850ms
303ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

ce4d1bde257a6dd888670961d004874d5c2d4f3e757a2116e93d4802e23e9673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119962
x-xss-protection: 0
server: cafe
etag: 15918316035980646953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 20:03:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 51D1 10 KB
5 KB 820ms
272ms Document
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f154.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usnetads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 76508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 22:48:09 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 22:48:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=567084827&utmhn=www.usnetads.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=narut...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=567084827&utmhn=www.usnetads.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=naru...

35 B
197 B

274ms
273ms

Image
image/gif

142.251.12.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=567084827&utmhn=www.usnetads.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=naruto%20costumes%20(Business%20Opportunities%20-%20Advertising%20Service)&utmhid=1916590723&utmr=-&utmp=%2Fview%2Fitem-132281563-naruto-costumes.html&utmht=1671307396827&utmac=UA-136539-1&utmcc=__utma%3D154508092.2021846643.1671307397.1671307397.1671307397.1%3B%2B__utmz%3D154508092.1671307397.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1583660727&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.usnetads.com
URL: http://www.usnetads.com/view/item-132281563-naruto-costumes.html

Protocol

Server

142.251.12.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 20:03:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=567084827&utmhn=www.usnetads.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=naruto%20costumes%20(Business%20Opportunities%20-%20Advertising%20Service)&utmhid=1916590723&utmr=-&utmp=%2Fview%2Fitem-132281563-naruto-costumes.html&utmht=1671307396827&utmac=UA-136539-1&utmcc=__utma%3D154508092.2021846643.1671307397.1671307397.1671307397.1%3B%2B__utmz%3D154508092.1671307397.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1583660727&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
698 B 823ms
274ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.usnetads.com&callback=_gfp_s_&client=ca-pub-9792744201717573&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

1f50a63698025476a07e9b67ea0bd71379a36053eb9e66a7108b7f0aad751f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.nz/adsid/ 107 B
792 B 829ms
276ms Script
application/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.nz/adsid/integrator.js?domain=www.usnetads.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 830ms
277ms Script
application/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usnetads.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CCCE 23 KB
10 KB 755ms
453ms Document
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=90&slotname=7814344073&adk=318489833&adf=1944190185&pi=t.ma~as.7814344073&w=728&lmt=1671307398&format=728x90&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396788&bpp=5&bdt=1232&idt=1527&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5801034794694&frm=20&pv=2&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nGgrA7M5nv&p=http%3A//www.usnetads.com&dtd=1546

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f154.1e100.net

Software

cafe /

Resource Hash

2752cf746431bd74c023e02795efab0849e341efa599679ae3508c8b9b39b9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usnetads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9881
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 20:03:18 GMT
expires: Sat, 17 Dec 2022 20:03:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF28 31 KB
13 KB 798ms
496ms Document
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=250&slotname=9507977999&adk=751855196&adf=2277069107&pi=t.ma~as.9507977999&w=300&lmt=1671307398&format=300x250&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396793&bpp=1&bdt=1237&idt=1549&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5801034794694&frm=20&pv=1&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=394&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=55dZbSLyxe&p=http%3A//www.usnetads.com&dtd=1552

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f154.1e100.net

Software

cafe /

Resource Hash

f5605e41b6a330b2ef20e77183aec0dd42607d2ad5413ebc4a6140ab83c6bdbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usnetads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 20:03:18 GMT
expires: Sat, 17 Dec 2022 20:03:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 574ms
273ms Image
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&tn=DIV&cls=ssBottomFullBar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.usnetads.com
URL: http://www.usnetads.com/view/item-132281563-naruto-costumes.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 20:03:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFCA 97 KB
18 KB 855ms
553ms Document
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&adk=1812271804&adf=3025194257&lmt=1671307398&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&ea=0&pra=7&wgl=1&dt=1671307396807&bpp=2&bdt=1250&idt=1540&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=5801034794694&frm=20&pv=1&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=1549

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f154.1e100.net

Software

cafe /

Resource Hash

e217578d407c6fa9e19241b97881e9f9e742348b7389419416d9b82475922603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usnetads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 17765
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 20:03:18 GMT
expires: Sat, 17 Dec 2022 20:03:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CCCE 0
0 285ms
284ms Fetch
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEw80hiCeY436LsmkowPumplQmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItOTc5Mjc0NDIwMTcxNzU3M8gBCakCuUWLu4Jupj6oAwGqBN8BT9AtId2ox7L97l6XefL7yWwMB06G6mFMb9_DS9T8lNFk0VfdaNknOXOVlFQXzMFl1vfaJbVLSmmMBNcue41mzlAlIXwvclHRbIprIbnnmwag6BbIqyTavvofmzqXSZcSFIV6Fme-tXNOlcCRWWgMVh3ujMEpeQgNP_i_mkLAiwaVoUmsEmeDTEcgrW2_pIUSHMXU_RDZODweCyTvzaviHTaMQnS5MTQZW9INSMqzH5r1pRWFl6glV0RJXyOKT4fchAcDDcTE0Bh5PXU5nKYC-mmgea1QMSrA8icBXqDHsIAGkKnSkLyvn40YoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTc5Mjc0NDIwMTcxNzU3MxgA&sigh=9cw9UPam-J8&uach_m=[UACH]&cid=CAQSGwDq26N9soqkO70POYTBkJuCnAOD_47bBKlzjRgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=90&slotname=7814344073&adk=318489833&adf=1944190185&pi=t.ma~as.7814344073&w=728&lmt=1671307398&format=728x90&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396788&bpp=5&bdt=1232&idt=1527&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5801034794694&frm=20&pv=2&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nGgrA7M5nv&p=http%3A//www.usnetads.com&dtd=1546

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=90&slotname=7814344073&adk=318489833&adf=1944190185&pi=t.ma~as.7814344073&w=728&lmt=1671307398&format=728x90&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396788&bpp=5&bdt=1232&idt=1527&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5801034794694&frm=20&pv=2&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nGgrA7M5nv&p=http%3A//www.usnetads.com&dtd=1546
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 20:03:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 20:03:19 GMT

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame CCCE 0
0 953ms
316ms Fetch 182.161.74.19
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kKPhEaOzWdgFWmL4LRICAAAAeWJb3OZKrzMQhiCeY6ZoZTUKmpJU7Q6AABIAAA&wp=Y54ghgALvQ0KaNJJAAZNbv21MU32EkSIUJWsIg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 168697
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame BB0D 135 KB
46 KB 771ms
290ms Document
text/html 182.161.73.148
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Y54ghgALvQ0KaNJJAAZNbv21MU32EkSIUJWsIg&u=%7ChxWpcNSJiO%2FvmNfEcEo6ArFd52SYw6t1ItXA5pk2rpg%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b3yzDWLjy8xNqWsfwr-rVinXwTr72CcdIAPwhrKtVhDpraMNJgcAfOE90M2nd10w_1Qq8-rpMjxomr4Afbbyyw1ZmxTmlFg49YQZy75wX9Mmd_8DPWACq2eSF-3KoJ7hjFbvTrynT8O4ePA7NV0-YwXjrCJoZ2v9xyCm6PKg802XQ0N3ybODo6qkEpgz4KCdLt2EoJJNgNjS7w-AAKwi4z0ksRe0Mq7bLtyz6nfQLgbbAyumkn-nCipAZtmE8IHOqeWMt6Tla0iqOKso_SxZb6fjA6-MprGWyJREXJDFwE2Z77s2SeC0wZeRvFf2IDcPVLGCkKBuN8jp3Xh1gfOK8LU1Nm6idC--sHoTceUw7RY7NrNyLW6JnidX1_V0DGPRkK3OfxqUGQQWCbA6gwZpvbBi-ehcTxXlupr1W28XuKH4rtEW1tyXF1W20gGT5acLXTxfE2xXpCI4S03dfatoohqq6XIlO5bo_WqcJFy8u2ktdyMT5010G_nxeJmWFZCK536H8kqbCbofoG2PUCLECclMYwXqFAPAnULju4ZTNcyondjHw6axtdEAwW1JXwHZ_&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMMAjhiCeY436LsmkowPumplQmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItOTc5Mjc0NDIwMTcxNzU3M8gBCakCuUWLu4Jupj6oAwGqBOIBT9AtId2ox7L97l6XefL7yWwMB06G6mFMb9_DS9T8lNFk0VfdaNknOXOVlFQXzMFl1vfaJbVLSmmMBNcue41mzlAlIXwvclHRbIprIbnnmwag6BbIqyTavvofmzqXSZcSFIV6Fme-tXNOlcCRWWgMVh3ujMEpeQgNP_i_mkLAiwaVoUmsEmeDTEcgrW2_pIUSHMXU_RDZODweCyTvzaviHTaMQnS5MTQZW9INSMqzH5r1pRWFl6glV0QLXQIYqklV-viKfFovhoK6FGEzC6ws4oEoivvK-JTe3j_mtTG5T1ZXvIAGkKnSkLyvn40YoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36SjCu4vMKuHFU-ggjAvAzcw4htA%26client%3Dca-pub-9792744201717573%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

26457e165fe908aecdb7a8a163025606c736f6c9f6083a917f992192afbde985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 20:03:18 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=fJW9mGRl55SyR_1elXIXqK1me-6-efB8cLvoRqYYCMslCGE48Q8xDxpVGUKBOZQydvhlr7ePDXFdSFLs2BkKKeeDh8a-HIne6nQ-qEcyswPUGCywKGFaNkSk--j9QIOQfQWQ-UmOKnquFcKSq9PgVDsFGU4R-NtPQThQ-O8wxZFZXQ9ivaILNPgMQve0jBSuOZ4nqJm7rNqrT1q3OdXfKPzNrDEOTU_-XTImrwPmp3EY1PhxuMT6ikQxRcPW8OdGADavuw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 55096820
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CCCE 3 KB
1 KB 883ms
335ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 22:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 22:12:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CCCE 18 KB
8 KB 820ms
272ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 22:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 22:22:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCCE 153 KB
47 KB 821ms
273ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 20:03:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BF28 0
0 285ms
285ms Fetch
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cup9xhiCeY8K2L5nuoAPrnr6YB6zX_fBktPaok-ILwI23ARABIABgq-yxheAYggEXY2EtcHViLTk3OTI3NDQyMDE3MTc1NzPIAQmoAwGqBN8BT9AxZWiAIIp2fVGraoRTePbt52PrL8uyi8dTzyc3xAiJZh6UktTso2x4cNpjqBcx9gAqzvwGOxPOJcKZCIrbMIPDGiZod9H8Nal0iRrgoKWTLnVBsyOQH61ncW8hEf6kHZ3PfNmh0o_mMkbOM6Oahp796q2msFIg08VXXMafgLZe9Incy_piRjR_CKWc6hl-LmzsZs-HUdlnXQbpYH12OzlgDC9eyMm81ZIEgS9j9RS6g5I3_x6fk_PJOFKatOu3o-zba731x1XJXM3_uCJteTpAPp1Hd0cOjh13DeNhaYAG2uKxnsqS9rs0oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTc5Mjc0NDIwMTcxNzU3MxgA&sigh=RbTIuy9kjOs&uach_m=[UACH]&cid=CAQSGwDq26N9arW2Gc_iXH68ayt5GWB1ylZ_U8YqvxgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=250&slotname=9507977999&adk=751855196&adf=2277069107&pi=t.ma~as.9507977999&w=300&lmt=1671307398&format=300x250&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396793&bpp=1&bdt=1237&idt=1549&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5801034794694&frm=20&pv=1&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=394&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=55dZbSLyxe&p=http%3A//www.usnetads.com&dtd=1552

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=250&slotname=9507977999&adk=751855196&adf=2277069107&pi=t.ma~as.9507977999&w=300&lmt=1671307398&format=300x250&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396793&bpp=1&bdt=1237&idt=1549&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5801034794694&frm=20&pv=1&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=394&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=55dZbSLyxe&p=http%3A//www.usnetads.com&dtd=1552
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Dec 2022 20:03:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Dec 2022 20:03:19 GMT

GET
H2 200 log
hblg.media.net/ Frame BF28 35 B
0 733ms
241ms Fetch
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=cda9de92d3e8417ca0702a4e7787eaae&bidrestime=1671307398879&cbdp=0.058&ogbdp=0.12&prvReqId=57085639282996_313313607_427170385191&pvid=9&scrid=1700080807683300300025000039600&size=300x250&slotVisibility=1&viewability=88&app=0&cc=NZ&cid=8CU3SX34C&csip=rtb-common-istio-7dc46f856f-ppfrv.SG&device_id=4&dn=usnetads.com&itype=ADX&mang=1&requrl=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&dtc=apac_sg&zone=b&commit_id=1224efef&ugd=4&ctr=6.574622E-4&rme=nurl

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-252-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 20:03:19 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 17 Dec 2022 20:03:19 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame BF28 35 B
0 1028ms
336ms Fetch
image/gif 42.99.140.144
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=&other_prv=9&jar_err=&current_day=6.0&adtyp=0&req_id=L3dzxh0eBMkUHJ4L44KZgw&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=53.5744&exp=&deal_id=&fdbk_id=&second_bidder=*&search_res=52&floor_bucket=0.00&gpid_format=&seat=&rc=-1&size=300x250&url_l1=view&f_seg=&url_l2=item-132281563-naruto-costumes.html&prdp=0.0576&ogcbdp=0.1200&dfpbd=0.0576&server=1&ogerpm_wd_bkt=0-1&model_version=202212171006_generic_adx_2-cid_2&viewability=0.8800&dmm_r=0.2260&cut=52&dmm_l=0.0550&as_cache=1&tcyerpm=&sc=NZ-AUK&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html%2F&bidrestime=1671307398879&cc=NZ&strg=harmony&ss=&current_hour=19&time_stamp=2022-12-17+20%3A03%3A18&model_key=generic_adx_2-cid_2&rvshhon=&mul_ratio=0.0000&bdp=0.1200&ct=Auckland&akey=&mnckfl=0&bdp_bucket=0.10&algo=unison12&dc=apac_sg&splid=&dim4=exploration&erpm_mult=1.000000&dn=usnetads.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=cda9de92d3e8417ca0702a4e7787eaae&zone=b&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=1.0230&bdmm_m7=0.8650&bdmm_m5=1.0000&ver=9.1.2&totalTimeBucket=3&visibility=1&totalTime=3065780&dmm_m1=2022-12-17+20%3A03%3A18.881214079&e_rpm=0.1240&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.9410&cid=8CU3SX34C&bcrid=1700080807683300300025000039600&rawbid=0.1200&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-istio-7dc46f856f-ppfrv.SG&dfp_bucket=0.0&adblk=751855196&itype=adx&pvid_seat=9&cliIP=1952074240&advurl=topics.businessfocus.online%2F&level_base=0&crid=427170385&sat=1&br_id=265&cut_bkt=50&gpid=&iwb=1&dmm_d22=0.05&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.12
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=250&slotname=9507977999&adk=751855196&adf=2277069107&pi=t.ma~as.9507977999&w=300&lmt=1671307398&format=300x250&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396793&bpp=1&bdt=1237&idt=1549&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5801034794694&frm=20&pv=1&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=394&ady=332&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=55dZbSLyxe&p=http%3A//www.usnetads.com&dtd=1552
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-144.pacnet.net
Software: /
Resource Hash

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Dec 2022 20:03:20 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sat, 17 Dec 2022 20:03:20 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame BF28 165 KB
57 KB 747ms
257ms Script
text/javascript 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUABW64L

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eea09ac0ce573b76bd289ea2f9590e70b1988ea6a19be5fc6d754b0d2f8ef628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h: 8-19
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 17 Dec 2022 20:03:19 GMT
server: Apache
etag: "93edfe2235a98811dd82e7c22d4023f9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 8-16
timing-allow-origin: *
expires: Sat, 17 Dec 2022 20:08:19 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame BF28 61 KB
62 KB 715ms
237ms Script
application/javascript 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-252-26.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Sat, 17 Dec 2022 20:03:19 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=73511
access-control-allow-credentials: true
content-length: 62892
expires: Sun, 18 Dec 2022 16:28:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BF28 3 KB
1 KB 574ms
272ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 22:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 22:12:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame BF28 18 KB
7 KB 766ms
299ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 22:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 22:22:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF28 153 KB
47 KB 1146ms
678ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 20:03:19 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 285ms
285ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

4feccbfffa697baa1b0e7919b2d04d63682c0121ce6dc6dabde8b182a6576200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52346
x-xss-protection: 0
server: cafe
etag: 16025753205266130025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 20:03:19 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BB0D 2 KB
1 KB 713ms
236ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y54ghgALvQ0KaNJJAAZNbv21MU32EkSIUJWsIg&u=%7ChxWpcNSJiO%2FvmNfEcEo6ArFd52SYw6t1ItXA5pk2rpg%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1b3yzDWLjy8xNqWsfwr-rVinXwTr72CcdIAPwhrKtVhDpraMNJgcAfOE90M2nd10w_1Qq8-rpMjxomr4Afbbyyw1ZmxTmlFg49YQZy75wX9Mmd_8DPWACq2eSF-3KoJ7hjFbvTrynT8O4ePA7NV0-YwXjrCJoZ2v9xyCm6PKg802XQ0N3ybODo6qkEpgz4KCdLt2EoJJNgNjS7w-AAKwi4z0ksRe0Mq7bLtyz6nfQLgbbAyumkn-nCipAZtmE8IHOqeWMt6Tla0iqOKso_SxZb6fjA6-MprGWyJREXJDFwE2Z77s2SeC0wZeRvFf2IDcPVLGCkKBuN8jp3Xh1gfOK8LU1Nm6idC--sHoTceUw7RY7NrNyLW6JnidX1_V0DGPRkK3OfxqUGQQWCbA6gwZpvbBi-ehcTxXlupr1W28XuKH4rtEW1tyXF1W20gGT5acLXTxfE2xXpCI4S03dfatoohqq6XIlO5bo_WqcJFy8u2ktdyMT5010G_nxeJmWFZCK536H8kqbCbofoG2PUCLECclMYwXqFAPAnULju4ZTNcyondjHw6axtdEAwW1JXwHZ_&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMMAjhiCeY436LsmkowPumplQmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItOTc5Mjc0NDIwMTcxNzU3M8gBCakCuUWLu4Jupj6oAwGqBOIBT9AtId2ox7L97l6XefL7yWwMB06G6mFMb9_DS9T8lNFk0VfdaNknOXOVlFQXzMFl1vfaJbVLSmmMBNcue41mzlAlIXwvclHRbIprIbnnmwag6BbIqyTavvofmzqXSZcSFIV6Fme-tXNOlcCRWWgMVh3ujMEpeQgNP_i_mkLAiwaVoUmsEmeDTEcgrW2_pIUSHMXU_RDZODweCyTvzaviHTaMQnS5MTQZW9INSMqzH5r1pRWFl6glV0QLXQIYqklV-viKfFovhoK6FGEzC6ws4oEoivvK-JTe3j_mtTG5T1ZXvIAGkKnSkLyvn40YoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_36SjCu4vMKuHFU-ggjAvAzcw4htA%26client%3Dca-pub-9792744201717573%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame BB0D 2 KB
1 KB 712ms
236ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BB0D 308 B
637 B 709ms
234ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BB0D 293 B
621 B 710ms
235ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame BB0D 43 B
348 B 723ms
238ms Image
image/gif 182.161.73.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=6WvFmx-vg5zriXEi3qKIVNUm5ELivB-cROCGx8lH4UUrcKVCbiKQGToVCIlYKL5pq8entNE9drjhuXIKod3mVPtnts1zvMT6g348duw_FkSWOLPAqg5oIB68bg_fLV4U25bWaFOetbQhS3NX8K7DuGU8O4LF-nXHxci7AGVtq2kf4rA_Vh1rFBEs5PDCJRIwR0hON_L6j2AeSQJWaY5eweTLeSfPgJed3CEoDgMN3CJa6peYd3MfeuQYEMibc5_d3NCSEvBRWbJjZAWmsUHZwgxTohFOnxzNfMhs7FOjsYWnRQiP-do293iVWhd3HChW813-kxqjase8uFMEd0qlnB67wuqm3byJUQjse9fTJuN0Iqcwht8G_ut-05f9cGwDWbEPU_45JWTyTyTk-Cxl6sZrjKQtJ6wbw7eXHMB92-JXGhwY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 20:03:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2967303
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.nz/adsid/ 107 B
165 B 576ms
275ms Script
application/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.nz/adsid/integrator.js?domain=www.usnetads.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 576ms
275ms Script
application/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.usnetads.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: http://www.usnetads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 0694 10 KB
4 KB 272ms
272ms Document
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f154.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usnetads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 76621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 22:46:19 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 22:46:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 6834 10 KB
4 KB 273ms
273ms Document
text/html 74.125.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f154.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.usnetads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 76621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 22:46:19 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 22:46:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CCCE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff932644da77e1494e39ff6e5a56b54ca0e90b46709e917bf74347d0ce4af29a

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BB0D 12 KB
5 KB 411ms
148ms Script
application/javascript 104.17.25.14

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 869528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98x7ajAm1bcdZ27%2FSCkif0Qa6JoZbvXMIS6PJaelKt5Eogg7x3r4KINqZGD3cLrAOEUKunFE9thkm3tCmC0ATMt7tP9nC3xA3s%2BL7DHR6IIElyo1RSReIx0dXbfVVA4uTp1be4rL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77b242f808a7a941-SYD
expires: Thu, 07 Dec 2023 20:03:20 GMT

GET
H2 200 d92bafdc02c143feaf3ebf2a104b5093_dax.woff
static.criteo.net/design/dt/ Frame BB0D 22 KB
22 KB 704ms
235ms Font
application/octet-stream 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/d92bafdc02c143feaf3ebf2a104b5093_dax.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0ffbd5311f578cf5ae5a3e73da32ce165ca780a4854d7fe770699fa85ed87a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
Origin: https://ads.as.criteo.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 01 Mar 2018 16:56:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5a9830ac-57bc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 9303 161 KB
51 KB 275ms
274ms Document
text/html 182.161.73.148
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Y54ghgAMFewK1QIMAAcUSelmojDyAUlkgrs03A&u=%7ChxWpcNSJiO8mEkB2%2F07C7x4dnypCs91QKjA3wMDyEkI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGumt8RG0np2Qq0uBaQ217vC_CsbliYg4lTT9BTXI70sSH7RB4JCxntikYkLM39Ox-nsp9p3WX4h5aU-fpEt-hBtMGyRBY4Mmy0XbLc8mftLnO2MxZxqPg_rEHJ_gZgrRoD0tnhND38rhh23gyEiN7FYAS_TnsaMWHbVaKUtYBj3nUjOETOAlxxG5yubgju2wJDAlrmdXIfFZHVXgLxKZJhE0XXdMaSaAl6AHNDk-TdOKGplhh_x5pw3Y6RLM0JR2uUIYSDdpVyZpa2S4p4yCTj4LHQW_SFw6FTDpOy5BmyPmaS9bVEAcxX3xNaFTynJLmlrkDjfm2RjZBuLMYNWCJw0XKfJhdDTFolL7ypErYZzG19iP_QWreMw_c9dO2tIDM0JLmj2IxuSq-NZxrt8GaX5GmsXk_tZSJGyeTz7V0UrsuLvxa9rELTtUr54O-QX3f0P-Y-5FHR9E0MqQA8cPbLUz2rKDcQ-ZWFM1-_7aPsT7V6EXQeXRDK8iDeF2ssnf_H9d45sJylwFG-MgWXFqBycBUPjss2ILco9NzVp_mvPVGOJREkKGsN8PcDfbxLpZgAmKlFGbKEV-bQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIMLthiCeY-yrMIyE1AbJqJzYB5j80bFcgtza5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk3OTI3NDQyMDE3MTc1NzPIAQmpArlFi7uCbqY-qAMBqgTkAU_QVYQ5YnjSKfUOrbOG_RDN7-TLacmZpm2bLNvNURJswyIjRSqC8SOdf1A1YKBeN8hzMaOe9pZiFJxfrgnbgN19jCpwV8nOoesKykaIxMffq3wChdmvvnRWw115yl9pfqh0w7GOEKtJMHVMOKyrpykAB2xes8QK3kwOoEq3XkNoBx1YPPW7ajH_Vxwto9Q9GGFLf0PNoMvTb4hYR_LrnbQ25xQJP81kq0d0supQJziW4u91fQZ8Pi3kvveOQgiM51sksKBe3ALfKSfh2w9hzsAB88CN-mtsYAXxPW8x3Uj4YPN4loAGkKnSkLyvn40YoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3uPFa0tDTzfPt08La0rvQRQGWeuA%26client%3Dca-pub-9792744201717573%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

bf54c625866d1384ab27c41d106d53e1eac8a690017b8d74c8ed066bc3f0f514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 20:03:20 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=bUzcJGRl55SyR_1eQpjJy6O--FIDqFdORJb55l2tXY22o_oef9cEBfGg_CxVMItElBHm7nh6mJy6wnv6K4pCmtE-_HrcdSHwk5XirT4dSDcou_0XyNyn-mIdD2BJKhyDbfdB3mdK0yrWoee-ohhXTz49I0sXqdokhCQfyN44_CsnEoHrlF8Z5bxEgXBiW1wZ4KxCQQ0izj-TMOWxHF_zgMJCI7WoZA4uOFIg-DulTR8abyfRoS2aXG8h9CtaoUJFFKMGzr7NYHf8870n"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 39021045
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0694 3 KB
1 KB 574ms
272ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 22:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 22:12:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0694 18 KB
7 KB 580ms
278ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 22:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 22:22:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0694 153 KB
47 KB 575ms
273ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 20:03:20 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BB0D 12 KB
6 KB 261ms
261ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 9929 146 KB
49 KB 410ms
410ms Document
text/html 182.161.73.148
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Y54ghgAMFe4K1QIMAAcUSSF5RKSzPAHu1OXtwQ&u=%7ChxWpcNSJiO9IQAy3VxfoVZnFnb%2BUJQ2x9P65vX2f8rs%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyIaW8Z6ziH8MUZakyzWxNaDpwhrvrYSa4Ri7Kr4KGKwzEyYXK0wVPOsvQ8V0FhxSSvkvdVLJZKBp_4FPtue8fSTzvbCEXlI5Bov_1qgGUh01pEEpF2MgthMfHpMphJ90Ryj2cD1Ff0DZCc8gQIF_KG7sGEeYaBw2kK4-Z-GmsYGXu-i86SuUYE9iEABKvQ5z7PWYOCdnYSH9lyKpbaC7P2ZD5cTx-s9HHfubtbh0WPVYOYJdSLyYb5pgVxPxO5wVQUa_E1ZH3h0Cqa0xZrRAgwtjm8UpzeUWvtI7eLDI6XdfZ_fZfINT9IhIpIGIaH3IP8iRPQZPWKRCtog_APKT3-Q59InLlcUR8oL8NXiDi4wkohAv9XlvkH2EQmWHPQ-0wcvqBzzs7dv37MgH92QknIuxTBS_UeqNUNIpguv8ydJdsZsJd5b7qU6AgyDebyO24WIaVXeIdq5y_JCgeLV0Z94rD61uH-MflyNlsacXodciPPpeIaOdMhG0cjOz0loJ2zHXHJ1VPLvxEjIdCgbnN-4PkPkTFPcok-ss2ZXoamruDJdaN-VceLLUEFfnoUPIyKWTz1wjtLHNSM6hbATnPr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9CH9hiCeY-6rMIyE1AbJqJzYB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk3OTI3NDQyMDE3MTc1NzPIAQmpArlFi7uCbqY-qAMBqgTjAU_Q5wWYGfxyt9CkXxaftSI7jqbypJNPg8aOZ4PDDJ3asppiCepWGYJoA0KYIjZscZPlU6Qd26JdJ6whNq1L1wlV79dE0r4zsE9VdrpqZAw_WQ5sbT4aOia3K7P4ywWxsq0qvMR0IXibOGVzSPbVQD7_HQamcuoxAfBnrJkXt2QZdS0_iTgJZvt7TYYMxCLPY8mdUfRBA5RBg78e2pfhz5VQJ_6l6ZZfCv36dbKaGh9kdMBk_byW-AeW6WVy7SH698IHWvn-AI4-XNOF_H4A-kXyp05Z494ftHibgZlHlyZh-FmZgAaQqdKQvK-fjRigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XngCjE1m75m5ZAM3a5Uss6b5CCg%26client%3Dca-pub-9792744201717573%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

bd7d5a11e9f4af38f9929beacbcd472c9636109ea4780fc95a92c040ae31e824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 20:03:20 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=TgxV12Rl55SyR_1eSrzjqP9EXaGtBOvslDHcKJjbBSi1shHI_Uy_opUlFswybQLCnnG8tI0GLKbpv_JUs0VLvccStg0hf-sH3v6HizbTsbgeMnP6W8zYYA0UJPhtyxD8CM2oUEJvIVPg2WNDz4AKszjHT4cW4PG73d51LOi7AMn9EpdLu7VTUbwYSLjilFU1QBlS2u50_N4ep56K9wnkXXfbovFZw8kdV5GF0iPh65B3e3oUdq3zTjmVzFU6r1VTtylyvg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 45001965
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6834 3 KB
1 KB 636ms
334ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 22:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 22:12:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6834 18 KB
7 KB 594ms
293ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 22:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Dec 2022 22:22:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6834 153 KB
47 KB 631ms
330ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Dec 2022 20:03:20 GMT

GET img
pix.as.criteo.net/img/ Frame BB0D 0
0

POST all
csm.as.criteo.net/ Frame BB0D 0
0

GET criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BB0D 0
0

GET privacy.svg
static.criteo.net/flash/icon/ Frame BB0D 0
0

GET smtr
contextual.media.net/ Frame BF28 0
0

GET
H2 200 bping.php
lg3.media.net/ Frame BF28 15 B
15 B 248ms
243ms Image
text/html 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=579&&vgd_cdv=835&vgd_cage=2&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=866743147&vi=1671307399369329385&ugd=4&lf=6&cc=NZ&lper=100&wsip=2886781008&r=1671307400433&requrl=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=137409&vgd_rakh=1671307399183475125&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=427170385&vgd_pgid=p1952571068t202212172003&vgd_pgids=1&vgd_uspa=0&hvsid=00001671307400429019520744548467&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-252-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=21600
date: Sat, 17 Dec 2022 20:03:20 GMT
server: Apache
ntcoent-length: 15
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=69660
content-length: 15

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 685A 26 KB
10 KB 269ms
268ms Document
text/html 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f0ce366840b7104060efdeee7fe153931aa2c87c41ead36c1599efe79a2707e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9581
content-type: text/html; charset=UTF-8
date: Sat, 17 Dec 2022 20:03:20 GMT
expires: Mon, 19 Dec 2022 20:03:20 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame BF28 35 B
199 B 242ms
241ms Image
image/gif 23.36.252.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5046&lper=1&itypeid=17&itype=ADX&cc=NZ&cid=8CU3SX34C&reqid=L3dzxh0eBMkUHJ4L44KZgw&vid=L3dzxh0eBMkUHJ4L44KZgw&dn=usnetads.com&rawDn=usnetads.com&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NZ-AUK&ct=Auckland&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-7dc46f856f-ppfrv.SG&dtc=apac_sg&zone=b&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=137409&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=ADdJoTsa3tGAqD1NzMczzi17T1_PJuA5Uf4Fy0z-FvxzZbEY0XoT4b8I9ZdGPiPsB924NJXd&pexid=ADX-pub-9792744201717573&geoll=false&is_ortb=false&s_ip=172.217.32.131&s_city=singapore&commit_id=1224efef&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2022-12-16+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&rtttime=15&pvid=9&prvAccId=866743147&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=427170385&prspt=headerBid&prvReqId=57085639282996_313313607_427170385191&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.120&cbdp=0.058&og_cbdp=0.120&ogbdp=0.12&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online%2F&dfpBd=0.058&dt=O&dbf=1&epc=866743147&s=1&snm=SUCCESS&pcrid=8CUABW64L-866743147-51-29&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=88&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&mnrfc=-1&brsrclk=0&bidrestime=1671307398879&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300300025000039600&strg=HARMONY&vls=0&scrid=1700080807683300300025000039600&mang=1&pvdTmax=254&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&apTags%3C%3E=75&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=4&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=300x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_UCC=1&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=f364e2e9ad&acid=cda9de92d3e8417ca0702a4e7787eaae&rtime=6.0&wsip=mowx-istio-f8b8ffcf8-mdbxg&ltime=11.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=751855196&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=cda9de92d3e8417ca0702a4e7787eaae_1&policy_enf=2&pub_blk_enf=1&renderer=1&ifst=0&ifdp=0&media=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=6.574622E-4&ctr_vendor=EXCHANGE&rfc=-1&feedback_id=L3dzxh0eBMkUHJ4L44KZgw&viewability_vendor=EXCHANGE&actltime=11&debug_ts=2022-12-17+20%3A03%3A18&__expireat=1671307999133&mview=1&rme=adm&bdata=~bx_len%3D1335~std%3Dna~itype%3DADX~visibility%3D1~city%3DAUCKLAND~ref_cnt%3D0~r_ip%3D116.90.74.0~r_sc%3DNZ-AUK~rbo%3D5_3~bx_rh%3D47DEQpj8HB~bx_asn%3D137409~dmm_d1%3D0~dmm_d2%3DT~dmm_d3%3D0~dmm_d4%3D10~dmm_d5%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D1001~dmm_d21%3D-1~dmm_d22%3D0.05~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_new~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~hc%3D0%20%2B%200~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~sgmt%3Dempty~bx_rpc%3D0010011~bx_intmd%3D0~bx_ginsu%3D0~bx_cs%3D0~bx_size%3D300x250~bx_agl2a_l%3D0~bx_l2as%3D0~bx_t_enabled%3D0~bx_t_exp%3D0~bx_exp%3D0~bx_ref_url%3D%40Lhz6grA1wm%2F~bx_tml_suffix%3D%2F~iha%3D0~dmm_l%3D0.055~dmm_r%3D0.226~e_rpm%3D0.124~dmm_m1%3D0.124~dmm_m2%3D0.058~dmm_m3%3D1.000~dmm_m5%3D1.000~dmm_m6%3D1.023~dmm_m7%3D0.865~dmm_m9%3D1.000~dmm_m10%3D1.000~dmm_m11%3D0.922~dmm_m12%3D0.941~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.007~dmm_m16%3D0.226~dmm_m17%3D1.000~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.062~dmm_m25%3D1.000~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.066~dmm_m34%3D1.000~dmm_m39%3D1.000~dmm_m40%3D1.000~dmm_m44%3D1.004~dmm_m45%3D36.000~dmm_m46%3D6139.000~dmm_m47%3D113.000~dmm_m48%3D18864.000~dc%3Dgcp-apac-se1-b~ck_fl%3D0~bhp%3D0~erpm%3D0.124~vbr%3D0~bid%3D0.120~dmm_d39%3D%2Fbid%2FgetExchangeResponse~supply_tag_id%3D%7Eviewability%3D0.88%7Eamp%3D1%7Ecbdp%3D0.058%7Edmm%3Dharmony%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-9792744201717573%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D751855196%7Esobp%3D%7Ectr%3D6.574622E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.120%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~&utime=1557&sf=0&cpr=0.5320715988441078

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.252.26 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-252-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: max-age=3600
date: Sat, 17 Dec 2022 20:03:20 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Sun, 18 Dec 2022 02:03:20 GMT

GET
DATA 200
OK truncated
/ Frame BF28 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e61a500a80a60ce13983cfc7cf1ebc7bb7a3a470b76d0c98c45d31ef69caf1d

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9303 2 KB
1 KB 236ms
235ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y54ghgAMFewK1QIMAAcUSelmojDyAUlkgrs03A&u=%7ChxWpcNSJiO8mEkB2%2F07C7x4dnypCs91QKjA3wMDyEkI%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGumt8RG0np2Qq0uBaQ217vC_CsbliYg4lTT9BTXI70sSH7RB4JCxntikYkLM39Ox-nsp9p3WX4h5aU-fpEt-hBtMGyRBY4Mmy0XbLc8mftLnO2MxZxqPg_rEHJ_gZgrRoD0tnhND38rhh23gyEiN7FYAS_TnsaMWHbVaKUtYBj3nUjOETOAlxxG5yubgju2wJDAlrmdXIfFZHVXgLxKZJhE0XXdMaSaAl6AHNDk-TdOKGplhh_x5pw3Y6RLM0JR2uUIYSDdpVyZpa2S4p4yCTj4LHQW_SFw6FTDpOy5BmyPmaS9bVEAcxX3xNaFTynJLmlrkDjfm2RjZBuLMYNWCJw0XKfJhdDTFolL7ypErYZzG19iP_QWreMw_c9dO2tIDM0JLmj2IxuSq-NZxrt8GaX5GmsXk_tZSJGyeTz7V0UrsuLvxa9rELTtUr54O-QX3f0P-Y-5FHR9E0MqQA8cPbLUz2rKDcQ-ZWFM1-_7aPsT7V6EXQeXRDK8iDeF2ssnf_H9d45sJylwFG-MgWXFqBycBUPjss2ILco9NzVp_mvPVGOJREkKGsN8PcDfbxLpZgAmKlFGbKEV-bQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIMLthiCeY-yrMIyE1AbJqJzYB5j80bFcgtza5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk3OTI3NDQyMDE3MTc1NzPIAQmpArlFi7uCbqY-qAMBqgTkAU_QVYQ5YnjSKfUOrbOG_RDN7-TLacmZpm2bLNvNURJswyIjRSqC8SOdf1A1YKBeN8hzMaOe9pZiFJxfrgnbgN19jCpwV8nOoesKykaIxMffq3wChdmvvnRWw115yl9pfqh0w7GOEKtJMHVMOKyrpykAB2xes8QK3kwOoEq3XkNoBx1YPPW7ajH_Vxwto9Q9GGFLf0PNoMvTb4hYR_LrnbQ25xQJP81kq0d0supQJziW4u91fQZ8Pi3kvveOQgiM51sksKBe3ALfKSfh2w9hzsAB88CN-mtsYAXxPW8x3Uj4YPN4loAGkKnSkLyvn40YoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3uPFa0tDTzfPt08La0rvQRQGWeuA%26client%3Dca-pub-9792744201717573%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9303 2 KB
1 KB 235ms
234ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9303 308 B
636 B 309ms
308ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9303 293 B
621 B 303ms
303ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 9303 43 B
347 B 237ms
237ms Image
image/gif 182.161.73.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=eC4Ffx-vg5zriXEi3qKIVNUm5EJ3Md0_5Amp1m6Vu6GkPm4QqJdpNAggOqYhbJLwis4AT22yuzAmchUF1BRthHLWeYIEiqiGbBZsdF3HCoXRpJO67wnc05khylZ-cJFOtrKNqORGItpYJ67E87VTE5HXKl5LsO3CJVfKk7U67uA_3lZNDMJIGKMYJmw6ta7wbWC9gwwvtCDnrGM5lHSZzP30wBixrj-iNdhc1BLjYYSRgE6UtbJFmjT42PaEn4_YwToh0aaM06Ze4__zgvD7RrBWyzInD2Gn-0veMn55LDwCSunUkIp7KFDOMGv6e3NEt8f5FfW10LZNZw8jv0mXYKIWH9weaziKkMZM6m6RAifN8r9OYRVplzrZWLMN6HXtpikXxvswCPTQXh07BW84eguH5umB4lGvkS8aqUo2Pj_v437t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 20:03:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1932947
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9303 12 KB
5 KB 436ms
147ms Script
application/javascript 104.17.25.14

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 869528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fwxbva0iiZYQFAHiO1FMUroYJ%2BKmw5df4lVvEZJZq28bew%2BgH87Fg5sxUdMyJogbNj1IdBp%2FIBc5ecewRxZDSow9%2FQV5BYSVJbSnfGF9Xc%2B3NAqhxCrSQXIAsYvy3mgHW1GTuYSB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77b242f808a5a941-SYD
expires: Thu, 07 Dec 2023 20:03:20 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9303 12 KB
6 KB 235ms
234ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

POST all
csm.as.criteo.net/ Frame 9303 0
0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9303 2 KB
1 KB 235ms
235ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9303 2 KB
1 KB 234ms
234ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9929 2 KB
1 KB 238ms
237ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y54ghgAMFe4K1QIMAAcUSSF5RKSzPAHu1OXtwQ&u=%7ChxWpcNSJiO9IQAy3VxfoVZnFnb%2BUJQ2x9P65vX2f8rs%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyIaW8Z6ziH8MUZakyzWxNaDpwhrvrYSa4Ri7Kr4KGKwzEyYXK0wVPOsvQ8V0FhxSSvkvdVLJZKBp_4FPtue8fSTzvbCEXlI5Bov_1qgGUh01pEEpF2MgthMfHpMphJ90Ryj2cD1Ff0DZCc8gQIF_KG7sGEeYaBw2kK4-Z-GmsYGXu-i86SuUYE9iEABKvQ5z7PWYOCdnYSH9lyKpbaC7P2ZD5cTx-s9HHfubtbh0WPVYOYJdSLyYb5pgVxPxO5wVQUa_E1ZH3h0Cqa0xZrRAgwtjm8UpzeUWvtI7eLDI6XdfZ_fZfINT9IhIpIGIaH3IP8iRPQZPWKRCtog_APKT3-Q59InLlcUR8oL8NXiDi4wkohAv9XlvkH2EQmWHPQ-0wcvqBzzs7dv37MgH92QknIuxTBS_UeqNUNIpguv8ydJdsZsJd5b7qU6AgyDebyO24WIaVXeIdq5y_JCgeLV0Z94rD61uH-MflyNlsacXodciPPpeIaOdMhG0cjOz0loJ2zHXHJ1VPLvxEjIdCgbnN-4PkPkTFPcok-ss2ZXoamruDJdaN-VceLLUEFfnoUPIyKWTz1wjtLHNSM6hbATnPr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9CH9hiCeY-6rMIyE1AbJqJzYB5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTk3OTI3NDQyMDE3MTc1NzPIAQmpArlFi7uCbqY-qAMBqgTjAU_Q5wWYGfxyt9CkXxaftSI7jqbypJNPg8aOZ4PDDJ3asppiCepWGYJoA0KYIjZscZPlU6Qd26JdJ6whNq1L1wlV79dE0r4zsE9VdrpqZAw_WQ5sbT4aOia3K7P4ywWxsq0qvMR0IXibOGVzSPbVQD7_HQamcuoxAfBnrJkXt2QZdS0_iTgJZvt7TYYMxCLPY8mdUfRBA5RBg78e2pfhz5VQJ_6l6ZZfCv36dbKaGh9kdMBk_byW-AeW6WVy7SH698IHWvn-AI4-XNOF_H4A-kXyp05Z494ftHibgZlHlyZh-FmZgAaQqdKQvK-fjRigBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XngCjE1m75m5ZAM3a5Uss6b5CCg%26client%3Dca-pub-9792744201717573%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9929 2 KB
1 KB 238ms
238ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9929 308 B
636 B 256ms
256ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9929 293 B
621 B 288ms
287ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 12 Dec 2023 20:03:20 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 9929 43 B
347 B 237ms
237ms Image
image/gif 182.161.73.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=LYwL1pRfoeJzV4r1WvBsPo6IkBtByAUepfQUe9acbqFOEDIY8_WfiUB4MoeX2dbAlwqH8Do1W-7dDjHw9MQcNrCmDcfpDTL4R-cL_ymtjIC0Vz_OwbYFTdADM6BxJ3Mzc4dUznW5yyAWvq2S0_4hElYhYjKA_Mva8d0Hgm_3stOaKgYkDe6giUnkAiNT1PBbrfhioLvq03yMliTpMGo385RKh2V0WZuAJaqr18e-9V817JWM7JyFGiGcSU8cumsgIJHOh3-u0ifVMi0Bls9qep6uiZVJm9B1_W3veD2hWJNPSR7UE8WBbMBDr2s-uxv_P7gl1DZdXD5Xx2X6ACor9mtjZp7zcM5fDX-YWRmKFR-ED1vVjWxIddMMgLC4R_pDivhNzw1Yf-ak95fH3G7UueySj6EDGpcj3TgWQ4Y0J0l9-Hmw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Dec 2022 20:03:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1955520
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9929 12 KB
5 KB 265ms
153ms Script
application/javascript 104.17.25.14

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 869528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5U%2Fe2ZCOHBjbYGKAcJjuDsvG92bGTm8OFjK5B1xuwY7v%2FMsWRsBsmQw7sZZJvvn8hhU8WLX9FfizFAJoKKmzF70cGp%2Bj3VTnHbG9n%2B1KsuRH9IqvoCWEgR4Ns%2BB2X%2FyYvg8EZrMG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77b242f808a9a941-SYD
expires: Thu, 07 Dec 2023 20:03:20 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9929 12 KB
6 KB 242ms
241ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:20 GMT

POST all
csm.as.criteo.net/ Frame 9929 0
0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9929 2 KB
1 KB 235ms
234ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9929 2 KB
1 KB 236ms
236ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:03:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 20:03:21 GMT

GET

cksync
cs.media.net/ Frame 685A
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzE0MzA5MDAwNzQ0NTQ4MTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAAwnla61E9Y95jnnTc-rHI&google_cver=1

0
0

GET generic
match.adsrvr.org/track/cmf/ Frame 685A 0
0

GET /
csync.loopme.me/ Frame 685A 0
0

GET d92bafdc02c143feaf3ebf2a104b5093_dax.woff
static.criteo.net/design/dt/ Frame 9303 0
0

GET d92bafdc02c143feaf3ebf2a104b5093_dax.woff
static.criteo.net/design/dt/ Frame 9929 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pix.as.criteo.net
URL: https://pix.as.criteo.net/img/img?h=176&m=0&partner=86523&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F24511%2F210624%2F388285805f944707b2d798c1befb98f0_logo_h.png&v=3&w=256&s=Dk_qr9vhVJoYYQP26SpTjeVq

Domain: pix.as.criteo.net
URL: https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=86523&q=80&r=0&u=https%3A%2F%2Fwww.shavershop.co.nz%2Fdw%2Fimage%2Fv2%2FABCZ_PRD%2Fon%2Fdemandware.static%2F-%2FSites-shavershop-master-catalog%2Fdefault%2Fdwc1d082d8%2Fhires%2Fmen%2Felectric-shavers%2Felectric-shavers-replacement-parts%2F006333.jpg%3Fsw%3D260&v=3&w=400&s=I5Yk3LAJvkHSqXn98Ph7jp2F&b=400

Domain: pix.as.criteo.net
URL: https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=86523&q=80&r=0&u=https%3A%2F%2Fwww.shavershop.co.nz%2Fdw%2Fimage%2Fv2%2FABCZ_PRD%2Fon%2Fdemandware.static%2F-%2FSites-shavershop-master-catalog%2Fdefault%2Fdwb6bde9e2%2Fhires%2F010169_1.png%3Fsw%3D260&v=3&w=400&s=HLFR3Knyhh--C2_gYspsRGGQ&b=400

Domain: pix.as.criteo.net
URL: https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=86523&q=80&r=0&u=https%3A%2F%2Fwww.shavershop.co.nz%2Fdw%2Fimage%2Fv2%2FABCZ_PRD%2Fon%2Fdemandware.static%2F-%2FSites-shavershop-master-catalog%2Fdefault%2Fdwdaa92b11%2Fhires%2F011837_1.png%3Fsw%3D260&v=3&w=400&s=OnyC80CErBBqvQdJ_4yqWX65&b=400

Domain: csm.as.criteo.net
URL: https://csm.as.criteo.net/all?cppv=3&cpp=fJW9mGRl55SyR_1elXIXqK1me-6-efB8cLvoRqYYCMslCGE48Q8xDxpVGUKBOZQydvhlr7ePDXFdSFLs2BkKKeeDh8a-HIne6nQ-qEcyswPUGCywKGFaNkSk--j9QIOQfQWQ-UmOKnquFcKSq9PgVDsFGU4R-NtPQThQ-O8wxZFZXQ9ivaILNPgMQve0jBSuOZ4nqJm7rNqrT1q3OdXfKPzNrDEOTU_-XTImrwPmp3EY1PhxuMT6ikQxRcPW8OdGADavuw&sds=2&rev=83933&sendBeacon=true

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Domain: static.criteo.net
URL: https://static.criteo.net/flash/icon/privacy.svg

Domain: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=866743147&size=300x250&cc=NZ&chnm=HARMONY&pid=8POHZR87R&tpid=T1E3668&https=1&vif=2&requrl=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&nse=5&vi=1671307399369329385&lw=1&ugd=4&adt1=8CU3SX34C&adt2=427170385&itid=17&bae=B4xB/exaaq&bcpf=B8fOnRrolnfOur84xB%2Fexaaq&bdrId=9&ntv=0&katpre=1&katbid=-103&pgid=p1952571068t202212172003&newfl=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR-tzTzq2cANvQ%3D%3D

Domain: csm.as.criteo.net
URL: https://csm.as.criteo.net/all?cppv=3&cpp=bUzcJGRl55SyR_1eQpjJy6O--FIDqFdORJb55l2tXY22o_oef9cEBfGg_CxVMItElBHm7nh6mJy6wnv6K4pCmtE-_HrcdSHwk5XirT4dSDcou_0XyNyn-mIdD2BJKhyDbfdB3mdK0yrWoee-ohhXTz49I0sXqdokhCQfyN44_CsnEoHrlF8Z5bxEgXBiW1wZ4KxCQQ0izj-TMOWxHF_zgMJCI7WoZA4uOFIg-DulTR8abyfRoS2aXG8h9CtaoUJFFKMGzr7NYHf8870n&sds=2&rev=83933&sendBeacon=true

Domain: csm.as.criteo.net
URL: https://csm.as.criteo.net/all?cppv=3&cpp=TgxV12Rl55SyR_1eSrzjqP9EXaGtBOvslDHcKJjbBSi1shHI_Uy_opUlFswybQLCnnG8tI0GLKbpv_JUs0VLvccStg0hf-sH3v6HizbTsbgeMnP6W8zYYA0UJPhtyxD8CM2oUEJvIVPg2WNDz4AKszjHT4cW4PG73d51LOi7AMn9EpdLu7VTUbwYSLjilFU1QBlS2u50_N4ep56K9wnkXXfbovFZw8kdV5GF0iPh65B3e3oUdq3zTjmVzFU6r1VTtylyvg&sds=2&rev=83933&sendBeacon=true

Domain: cs.media.net
URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAAwnla61E9Y95jnnTc-rHI&google_cver=1

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dloop%26ovsid%3D%7Bviewer_token%7Dhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D6%26vsid%3D3143090007445481000V10%26type%3Dloop%26refUrl%3D%26vid%3D13074008993143090007445481000V10%26ovsid%3D

Domain: static.criteo.net
URL: https://static.criteo.net/design/dt/d92bafdc02c143feaf3ebf2a104b5093_dax.woff

Domain: static.criteo.net
URL: https://static.criteo.net/design/dt/d92bafdc02c143feaf3ebf2a104b5093_dax.woff

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.usnetads.com/	1970-01-20 17:51:07	Name: __utma Value: 154508092.2021846643.1671307397.1671307397.1671307397.1
.usnetads.com/	1969-12-31 23:59:59	Name: __utmc Value: 154508092
.usnetads.com/	1970-01-20 12:37:55	Name: __utmz Value: 154508092.1671307397.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.usnetads.com/	1970-01-20 08:15:07	Name: __utmt Value: 1
.usnetads.com/	1970-01-20 08:15:09	Name: __utmb Value: 154508092.1.10.1671307397
.usnetads.com/	1970-01-20 17:36:43	Name: __gads Value: ID=cc6239aa6f457a57-22603026f2d80006:T=1671307398:RT=1671307398:S=ALNI_MbLMInQdMIrmuBi0iW5Mydz6UqWEA
.usnetads.com/	1970-01-20 17:36:43	Name: __gpi Value: UID=00000b9258f6ce7d:T=1671307398:RT=1671307398:S=ALNI_MbJIklvLyFKw8wpj6n-pjSRegMK9g
.doubleclick.net/	1970-01-20 17:51:07	Name: IDE Value: AHWqTUlbu4dTQQKaTCgxfJ253Mvt_KqmKiv8C8zXqZsBCDrUvZO47aSmJACkF4zqGlY

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9792744201717573&output=html&h=90&slotname=7814344073&adk=318489833&adf=1944190185&pi=t.ma~as.7814344073&w=728&lmt=1671307398&format=728x90&url=http%3A%2F%2Fwww.usnetads.com%2Fview%2Fitem-132281563-naruto-costumes.html&wgl=1&dt=1671307396788&bpp=5&bdt=1232&idt=1527&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&correlator=5801034794694&frm=20&pv=2&ga_vid=2021846643.1671307397&ga_sid=1671307397&ga_hid=1916590723&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C44774653%2C44779794%2C31071260%2C44780792&oid=2&pvsid=468578084474381&tmod=1152547769&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=nGgrA7M5nv&p=http%3A//www.usnetads.com&dtd=1546 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.as.criteo.com
adservice.google.co.nz
adservice.google.com
cat.sg1.as.criteo.com
cdnjs.cloudflare.com
contextual.media.net
cs.media.net
csm.as.criteo.net
csync.loopme.me
googleads.g.doubleclick.net
hblg.media.net
lg3.media.net
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
qsearch-a.akamaihd.net
rtb.jp2.as.criteo.com
static.criteo.net
tpc.googlesyndication.com
warp.media.net
www.google-analytics.com
www.googletagservices.com
www.usnetads.com
contextual.media.net
cs.media.net
csm.as.criteo.net
csync.loopme.me
match.adsrvr.org
pix.as.criteo.net
static.criteo.net
104.17.25.14
104.83.196.24
142.251.10.132
142.251.10.154
142.251.10.156
142.251.12.113
172.217.194.155
172.217.194.157
182.161.73.129
182.161.73.132
182.161.73.148
182.161.74.19
192.81.128.168
23.36.252.26
42.99.140.144
74.125.24.155
74.125.24.157
74.125.68.154
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ffbd5311f578cf5ae5a3e73da32ce165ca780a4854d7fe770699fa85ed87a06
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1f50a63698025476a07e9b67ea0bd71379a36053eb9e66a7108b7f0aad751f5f
26457e165fe908aecdb7a8a163025606c736f6c9f6083a917f992192afbde985
2752cf746431bd74c023e02795efab0849e341efa599679ae3508c8b9b39b9cb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea0c471554821144f05690044e3ea7e2939f443d44bccf3129cbeefbfe2ded4
4feccbfffa697baa1b0e7919b2d04d63682c0121ce6dc6dabde8b182a6576200
550da51e312c49c1b20a530dab85efba8244ba03098419c5cfb825485922a0b4
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
780d852d075d17de6e5d0053d496860cb390ceda38cc712544eb3995275ec302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e61a500a80a60ce13983cfc7cf1ebc7bb7a3a470b76d0c98c45d31ef69caf1d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
bd7d5a11e9f4af38f9929beacbcd472c9636109ea4780fc95a92c040ae31e824
bf54c625866d1384ab27c41d106d53e1eac8a690017b8d74c8ed066bc3f0f514
c502bc5ccc9dc5bac07429d32b91ad5b6e88e37234305002153f4590fa1e565b
ce4d1bde257a6dd888670961d004874d5c2d4f3e757a2116e93d4802e23e9673
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e217578d407c6fa9e19241b97881e9f9e742348b7389419416d9b82475922603
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea09ac0ce573b76bd289ea2f9590e70b1988ea6a19be5fc6d754b0d2f8ef628
f0ce366840b7104060efdeee7fe153931aa2c87c41ead36c1599efe79a2707e9
f5605e41b6a330b2ef20e77183aec0dd42607d2ad5413ebc4a6140ab83c6bdbb
ff932644da77e1494e39ff6e5a56b54ca0e90b46709e917bf74347d0ce4af29a

www.usnetads.com Open in urlscan Pro 192.81.128.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

76 %HTTPS

0 %IPv6

15 Domains

24 Subdomains

19 IPs

3 Countries

879 kBTransfer

2400 kBSize

8 Cookies

8 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.usnetads.com Open in urlscan Pro
192.81.128.168 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

76 %
HTTPS

0 %
IPv6

15
Domains

24
Subdomains

19
IPs

3
Countries

879 kB
Transfer

2400 kB
Size

8
Cookies

86 HTTP transactions
2 data transactions