5alij.com Open in urlscan Pro
172.67.137.241 Public Scan

Software

cafe /

Resource Hash

2cf1ecbd8b02180dcccea4a874bc78de6a9aab8db0145487b4feb07bd4bc9e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55412
x-xss-protection: 0
server: cafe
etag: 619503048947710021
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 23:16:56 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
5alij.com/qa-content/ 111 KB
33 KB 1511ms
1510ms Script
application/javascript 172.67.137.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5alij.com/qa-content/jquery-3.3.1.min.js
Requested by: Host: 5alij.com
URL: https://5alij.com/user/glass60stensgaard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/user/glass60stensgaard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 May 2020 13:00:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1bb29-5a55eef215040-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr9LJREPxa0DqN16qEJoKSFdOs%2B0WndzaP2ehySnXDU4XZ1hX6ZRk4meAoRvWLAqXmMasaJOIbPyhNzhgSHTl%2F7UlSwrpQy9fowtms7WFPiFwA6LElxYVuO5C%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75d576c0ef97dfb3-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
5alij.com/qa-content/ 20 KB
5 KB 1187ms
1186ms Script
application/javascript 172.67.137.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5alij.com/qa-content/qa-global.js?1.8.3
Requested by: Host: 5alij.com
URL: https://5alij.com/user/glass60stensgaard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/user/glass60stensgaard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Jan 2019 22:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5046-57f4a40061080-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpJAZUS1SAbSFmXqhgVxkqi%2B1fOcxvKx%2BZGhR0oSfpsjC39DeXLYsooSIhDR1YMAgBWrLqjOrT3Jlg61QS%2FRNjQS%2FmZcdX5CsDqPsa7oKZUj1Idw3a2Iqqq7t7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75d576c0ef9adfb3-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snow-core.js Show response
5alij.com/qa-theme/SnowFlatCustom/js/ 2 KB
1 KB 1188ms
1188ms Script
application/javascript 172.67.137.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5alij.com/qa-theme/SnowFlatCustom/js/snow-core.js?1.8.3
Requested by: Host: 5alij.com
URL: https://5alij.com/user/glass60stensgaard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/user/glass60stensgaard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Jan 2019 22:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"94f-57f4a40061080-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgLfHYsLuNWNcr4Ai8ASTB74nKVnC0aGCkQ8%2B1t2VfTHkYkXpYOa1%2FdXclCeUNhkj%2FP86I%2FqiZ59pmom5hrC8tJMhwFsDCidv%2BSXjqxIx5TazYZc8ACgjgGQ%2FW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75d576c0ef9bdfb3-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 SLXVc1nY6HkvangtZmpcWmhzfH5lWWgcQyyS4J0.woff2
fonts.gstatic.com/s/cairo/v20/ 11 KB
12 KB 577ms
192ms Font
font/woff2 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v20/SLXVc1nY6HkvangtZmpcWmhzfH5lWWgcQyyS4J0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

60dff1c82980316a6f2382cd0e213d898df370fb5b83b9c1378efab8f3d1d872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5alij.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:36:14 GMT
x-content-type-options: nosniff
age: 589242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11608
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:42:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 03:36:14 GMT

GET
H2 200 SLXVc1nY6HkvangtZmpcWmhzfH5lWWgcRiyS.woff2
fonts.gstatic.com/s/cairo/v20/ 14 KB
14 KB 610ms
226ms Font
font/woff2 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v20/SLXVc1nY6HkvangtZmpcWmhzfH5lWWgcRiyS.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

6a7e8732a588d5d7923c6d2fbec2208379fa5e7c2ce70559de667c4b0957c6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://5alij.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:24:27 GMT
x-content-type-options: nosniff
age: 283949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14064
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:42:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 16:24:27 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 978ms
324ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: 5alij.com
URL: https://5alij.com/user/glass60stensgaard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:31 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.122.0/26
etag: "-375139978"
content-type: application/javascript; charset=UTF-8
x-cdn-pop: bhs
accept-ranges: bytes
content-length: 4364
x-request-id: 90374326

GET
H3 200 spinner-icon-14x14.gif
5alij.com/qa-theme/SnowFlatCustom/images/ 8 KB
8 KB 1457ms
1457ms Image
image/gif 172.67.137.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5alij.com/qa-theme/SnowFlatCustom/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: 5alij.com
URL: https://5alij.com/qa-theme/SnowFlatCustom/qa-styles.css?1.8.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/qa-theme/SnowFlatCustom/qa-styles.css?1.8.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:57 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Jan 2019 22:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e65-57f4a2570a500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwmdvZpjNZRRn4eZGLqUnImze3ZFv%2Fvv5nA8y6Mp6gU71G1xj8McNw1%2FxnLqMwIJ1VZ2WHlQAJgBJC5QBdRe1%2F0PlpZyHYiO%2Bo5vsHf9%2BxD97nxFIHBBUAWQc7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75d576ca7a19a7f9-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 353 KB
125 KB 510ms
208ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3623cfd7b04d7c30ccfe67314ea620ff11eaf6907399cd5643429cb60098c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127505
x-xss-protection: 0
server: cafe
etag: 6935648061105762384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 23:16:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221019/r20190131/ Frame 4953 10 KB
5 KB 577ms
192ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221019/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5alij.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 12013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 19:56:44 GMT
etag: 9671129459699598864
expires: Thu, 03 Nov 2022 19:56:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 380 B
515 B 1010ms
335ms Script
text/html 192.99.8.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4375334&@f16&@g1&@h1&@i1&@j1666307817009&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-12974333&@b3:1666307817&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns523448.ip-192-99-8.net
Software: /
Resource Hash: 879ba39c17afe03a3785d1b2af18dba07d949cf8c04b8cce94f3535f436fc0c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 23:16:57 GMT
Connection: close
Content-Length: 380
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
458 B 194ms
194ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=5alij.com&callback=_gfp_s_&client=ca-pub-8343227950611411&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eace647b901986426cdda587753e9148ec30a081681375a935e14712198ff806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 583ms
194ms Script
application/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=5alij.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 580ms
194ms Script
application/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=5alij.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21F8 40 KB
14 KB 780ms
479ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1666307817&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666307816612&bpp=5&bdt=2130&idt=812&shv=r20221019&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3474442321270&frm=20&pv=2&ga_vid=421400868.1666307817&ga_sid=1666307817&ga_hid=531463801&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070319%2C31070386%2C31070425%2C31060048&oid=2&pvsid=1068773151459508&tmod=1963002800&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=832

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1db3676f428ae3500d110f3513c6e4c44f93214211ff29716fa94f2b90f0dd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5alij.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 14015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 23:16:58 GMT
expires: Thu, 20 Oct 2022 23:16:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F68D 22 KB
10 KB 651ms
350ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1666307817&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666307816617&bpp=1&bdt=2135&idt=835&shv=r20221019&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3474442321270&frm=20&pv=1&ga_vid=421400868.1666307817&ga_sid=1666307817&ga_hid=531463801&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070319%2C31070386%2C31070425%2C31060048&oid=2&pvsid=1068773151459508&tmod=1963002800&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8KwIlwFh9C&p=https%3A//5alij.com&dtd=841

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9aaaf09c7e41539b3fc9f90173bc0ab3fdcf578bc7d99184f5f5eff76ed0a69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5alij.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9863
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 23:16:58 GMT
expires: Thu, 20 Oct 2022 23:16:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 8 KB
9 KB 1002ms
333ms Script
application/javascript 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4375334&@f16&@g1&@h1&@i1&@j1666307817009&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-12974333&@b3:1666307817&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&@w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d91e62b41cac09bdbfbb2b6ee0a479a5356d5fbd4219414958fdf5a0fe2a2895

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 23:16:58 GMT
X-T: 1.033
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Thu, 20 Oct 2022 23:16:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F68D 0
0 201ms
201ms Fetch
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLe036dZRY-KcNZGuvgTcqLmIDJj80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmpAvd1Nn5-G6U-qAMBqgTGAU_Qnm9JpXt7JYMEPPruijUbY7TwPzHyaoSNgK9jj_E1qzl9DaPUyDZ6NAFLOu6NNSycX31N-2kOmsUUnhg0St7g3GPa71OsOdZ1JjpbkClFy33QWJp2gymz1_ksvgE_Ggrxtw5C5D0H2yelDi8GlV82FINHcmsD0P5CmT4A0qa-B89sq4hts8g8mIiLRxioUhD9yrU3-KfEGAvxhRbfg_5csqu_rbLHI8fnuUq5vz4z66X5wOOnCOd8eGmor_L8cjeWWuTiQYAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=s0VQ415Lh0w&uach_m=[UACH]&cid=CAQSGwDq26N9GUBvGj-tys_uzx9oMP79hv6_rNwc0xgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1666307817&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666307816617&bpp=1&bdt=2135&idt=835&shv=r20221019&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3474442321270&frm=20&pv=1&ga_vid=421400868.1666307817&ga_sid=1666307817&ga_hid=531463801&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070319%2C31070386%2C31070425%2C31060048&oid=2&pvsid=1068773151459508&tmod=1963002800&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8KwIlwFh9C&p=https%3A//5alij.com&dtd=841

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1666307817&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666307816617&bpp=1&bdt=2135&idt=835&shv=r20221019&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3474442321270&frm=20&pv=1&ga_vid=421400868.1666307817&ga_sid=1666307817&ga_hid=531463801&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070319%2C31070386%2C31070425%2C31060048&oid=2&pvsid=1068773151459508&tmod=1963002800&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8KwIlwFh9C&p=https%3A//5alij.com&dtd=841
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Oct 2022 23:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Oct 2022 23:16:58 GMT

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame F68D 0
0 643ms
214ms Fetch 182.161.74.19
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kJa3FMr6ROwHmAJi-C0SAgAAALwV94TmcQOgEOnWUWMmn1mixj0iMKYLqQASAAA&wp=Y1HW6QANTmIKj5cRAA5UXAx38YKwJ0CBPz0oAQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 177454
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 48BE 144 KB
45 KB 792ms
394ms Document
text/html 182.161.73.148
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Y1HW6QANTmIKj5cRAA5UXAx38YKwJ0CBPz0oAQ&u=%7CiFXQKb0bhGUcvcCKhKahRCxnluqIUA0Z53f%2FncpNOz8%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGumCTvT4zkpybtITmjGpgF1CIovqwqfJZCmBwzksQBz-tNNX5Jy6qZWXaKz9DqXduI80V96VWcA8YcyiSecXH21VHJjgTEdemKT-62GBuMfXHwWKETcTC5qM5OHV2n4KBVtHr2rJPokRDAlLlbA9EP93orbl-3Te4PFFIyLyLAUG32cv9MuRHYX1GHjnk4wbc9RlLqNbRALaZPlcFq7gDOsLKBcpbEveuYT0I51d9EOCAQ0VP8b1p0S1h-71YSehP3yYZCuH76IMXaKPDiHWWeYE9XNuVH4_F0kJU5uztrY3Ayq9GD5AW5kFk2Lu2TZCJhansx63lK1w_OwtDmvjburvp-ym1pCmJ3viIEM-yKu_aKfHr77hirWsxkBkISImsYDbJZfYzIJJJkLoMdhaJqvYOnXkKAjxe8TJYD4I4IWKZb6XiMqK17MJghLr2F1hR5D6BnVhSYgbhGgSbX5kBlHiNpopGl9997-u5WmCxKnGzKbBqyzRZpbMDV_AW93xKMz9DbK9LKYls8hjBDfrUGX3664mp5egS7u5kpQfL2ClqDUUIpNVyKXAgda_zMgKlc9BjhhjBLJHZ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZl446dZRY-KcNZGuvgTcqLmIDJj80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmpAvd1Nn5-G6U-qAMBqgTJAU_Qnm9JpXt7JYMEPPruijUbY7TwPzHyaoSNgK9jj_E1qzl9DaPUyDZ6NAFLOu6NNSycX31N-2kOmsUUnhg0St7g3GPa71OsOdZ1JjpbkClFy33QWJp2gymz1_ksvgE_Ggrxtw5C5D0H2yelDi8GlV82FINHcmsD0P5CmT4A0qa-B89sq4hts8g8mIiLRxioUhD9yrU3-KfEGAvxhRbfg_4esIotSHxOXThuyNRS6aTwwrHzV-mJEA_0iz8yZkziXi9xsXWcvpX5jIAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35A8HD13SXZxt65OBUMaXKNOyWPg%26client%3Dca-pub-8343227950611411%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e820aa466979698152f173d6c375c119ee953b539a1986b407de770ed596fab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 23:16:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=jd0RQxm22QC6uWCCQY70f6C5nH2ZDgN8FfHylPqUK5dkbZcPsTRIkL4fT51I_xHraGPKt9JuXY7CmdeDiHICyOv_OWsQUteXBjPsDwD_eV_YFzDV5ysRByxcjQU-1jr4gA0Yo568zHVXfwv_wmE5OODHw5akviVMV8j8tpYLrtu35gvClB7pmM_xDk5aYrsOGs_avdu1v-B-npcmqlVLJhhmO1tNy73lpLePOwex8N9UNOkgmhtjuof3xqVfWHDuBRHTSfzmR5EUHHp7"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 55812588
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame F68D 3 KB
1 KB 604ms
215ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 18:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 18:42:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame F68D 17 KB
8 KB 580ms
191ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 18:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 18:43:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F68D 152 KB
47 KB 581ms
193ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 23:16:58 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 151 KB
54 KB 203ms
203ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/reactive_library_fy2021.js?bust=31070319

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3db982bc19ffde01afc729e5a6558c2992553f6aa4364e286748419b484452be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55062
x-xss-protection: 0
server: cafe
etag: 10730523302642426713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 23:16:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
165 B 496ms
195ms Script
application/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=5alij.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 496ms
194ms Script
application/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=5alij.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/ Frame AFA5 10 KB
4 KB 192ms
192ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_fy2021.js?bust=31070319

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5alij.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 83432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 00:06:26 GMT
etag: 9671129459699598864
expires: Thu, 03 Nov 2022 00:06:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F68D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ddd7e57c4451e2a271c80ca6f996f485b7f8daa9ce90fd0ad9fb6c362643a05

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AFA5 0
0 203ms
202ms Fetch
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-acK6dZRY4ylNJKV8QP7qZfYCpj80bFcytmNkrYBwI23ARABIABgpYCAgJABggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmpAvBhu1u0FKU-qAMBqgTGAU_QnsG0e14tYmyV_sx6mX8o1bAiYsFaUgcsAEw_Pb_g3Bnjik53n4yH0-Gn4JfUB9kuSHPUJ-AbI28ohfSDmqLVtADWdRJ1rdWPHKEtP8XnyhjiaOs8neQMWNACC2Gk_FmIekThywJF50Vbw40TvyDvu-ZB4meS-QbC1DGqu-hjr6-sNiibEiCRCFo1SX9GDszEKFwkBj4CI7FC2VQjtmfSKWn9xM2aKGziK4Ex2QLWR_D0YS36ePCU5qsbHcTuoqNmMxAO8IAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=e49YBR4AB60&uach_m=[UACH]&cid=CAQSGwDq26N9mmalFKhwedKOo4Vox3Im3pOg9NVe-RgBIBM

Requested by

Host: 5alij.com
URL: https://5alij.com/user/glass60stensgaard

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Oct 2022 23:16:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame AFA5 0
0 214ms
214ms Fetch 182.161.74.19
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kJa3FMr6RO0HfGL4LRICAAAAQafCUcbfBfcQ6dZRYzerkWwL2m7Mq1rzABIAAA&wp=Y1HW6QANEowKfEqSAAXU---V6Ehugrr2jl2Obw

Requested by

Host: 5alij.com
URL: https://5alij.com/user/glass60stensgaard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 158427
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame AD0A 212 KB
56 KB 335ms
334ms Document
text/html 182.161.73.148
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=Y1HW6QANEowKfEqSAAXU---V6Ehugrr2jl2Obw&u=%7CiFXQKb0bhGVKuAOZaPoS%2Fhq8mwjteMJ1KcdXRDGFv%2Fs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGumCTvT4zkpybtITmjGpgF1CCy0RjBFuz32jhKt3WVJ7T4iKM8x4M85leBofHdW0NfHXfCCxBtO7bOnMiyaogBUex0yHi52Kvulds0oNOYjJVtse-atmonbU73juuoF8DgVLiNL68UQav_isJzYjdvfYXGkmPyoknTbMUEKoLF9rS4RlsDjzpfXN5ixtEHCae6elyFDm6_OckRbcLYsu4qssaQAH6wTAr-jsM2J7qoWglPmozdcQcx_1edUWYGvW47e6IBWwICDssRcxTIVASfw24Pf79fsBMeZKEobP1B3v-pBOjoTmUkrsTbugJiPmWFVn_CpjymhcrN9rDOTB3_TwrZO3R5K6tTLmZDBWTy24O6W6oewPAcPYbgS5A5p5qJITH9obTlpngLunhudaBIk4kUny1ERsVQJyaoaXTYo8peHAF5oIdbobNxWawkw9D_9dCp8gk1xKIWD-E7o9igwrVLd-2m5U96ScU9VyAqM3dh_TgVpAeBXZg1gmkBXBAy1VBT5pmdsXq9alFJox29-yJLsJvW941OEHEwX1F4gw1fn6jGdM3JSQw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4PpU6dZRY4ylNJKV8QP7qZfYCpj80bFcytmNkrYBwI23ARABIABgpYCAgJABggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmpAvBhu1u0FKU-qAMBqgTJAU_QnsG0e14tYmyV_sx6mX8o1bAiYsFaUgcsAEw_Pb_g3Bnjik53n4yH0-Gn4JfUB9kuSHPUJ-AbI28ohfSDmqLVtADWdRJ1rdWPHKEtP8XnyhjiaOs8neQMWNACC2Gk_FmIekThywJF50Vbw40TvyDvu-ZB4meS-QbC1DGqu-hjr6-sNiibEiCRCFo1SX9GDszEKFwkBj4CI7FC2VQjtmeQK0hvIQMTVpNrWh_aj5gVbuT-9ifUYBgcFf2B1HrwjruB2IFwD9UQCIAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2DJQaWpyAv8ZoFgYSD0o60o8REzw%26client%3Dca-pub-8343227950611411%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

ed8aa2f0569d0ecaa55dd4fe9bf0bd4d496a1dc6f6435edab134eefeae6b3b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 23:16:58 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=nu2xphm22QC6uWCC_QrkoEshaTNW17CpjS1gImTJadmVdY9E12gwRiOvjY4Feeg402W5zJiGkNBGH-t-WqB6w_9NoC_iBa29vUyZO5mkRb409paFtKrmitoRhGo4XQfp4eHyRFIK_I76eFqKxRV6RbrW3Ej3Uq9vE_31dnpvU5u8RCpFCHb-sVTkzvjjTQhkNC7mpslJ1ji_GGf4u5qcCIqsjc5gqIBGjYougBynyHIL4J5CIYZzbdD-iZzYQrdJbE6vnTMqqF_rxgje"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 90400654
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame AFA5 3 KB
1 KB 494ms
193ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 18:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 18:42:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame AFA5 17 KB
7 KB 498ms
196ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-67-232-121.eu-central-1.compute.amazonaws.com

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 18:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Nov 2022 18:43:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFA5 152 KB
46 KB 495ms
194ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221019/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Oct 2022 23:16:59 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 48BE 2 KB
1 KB 591ms
195ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1HW6QANTmIKj5cRAA5UXAx38YKwJ0CBPz0oAQ&u=%7CiFXQKb0bhGUcvcCKhKahRCxnluqIUA0Z53f%2FncpNOz8%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGumCTvT4zkpybtITmjGpgF1CIovqwqfJZCmBwzksQBz-tNNX5Jy6qZWXaKz9DqXduI80V96VWcA8YcyiSecXH21VHJjgTEdemKT-62GBuMfXHwWKETcTC5qM5OHV2n4KBVtHr2rJPokRDAlLlbA9EP93orbl-3Te4PFFIyLyLAUG32cv9MuRHYX1GHjnk4wbc9RlLqNbRALaZPlcFq7gDOsLKBcpbEveuYT0I51d9EOCAQ0VP8b1p0S1h-71YSehP3yYZCuH76IMXaKPDiHWWeYE9XNuVH4_F0kJU5uztrY3Ayq9GD5AW5kFk2Lu2TZCJhansx63lK1w_OwtDmvjburvp-ym1pCmJ3viIEM-yKu_aKfHr77hirWsxkBkISImsYDbJZfYzIJJJkLoMdhaJqvYOnXkKAjxe8TJYD4I4IWKZb6XiMqK17MJghLr2F1hR5D6BnVhSYgbhGgSbX5kBlHiNpopGl9997-u5WmCxKnGzKbBqyzRZpbMDV_AW93xKMz9DbK9LKYls8hjBDfrUGX3664mp5egS7u5kpQfL2ClqDUUIpNVyKXAgda_zMgKlc9BjhhjBLJHZ8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZl446dZRY-KcNZGuvgTcqLmIDJj80bFcyvHtoMEBwI23ARABIABgpYCAgJABggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmpAvd1Nn5-G6U-qAMBqgTJAU_Qnm9JpXt7JYMEPPruijUbY7TwPzHyaoSNgK9jj_E1qzl9DaPUyDZ6NAFLOu6NNSycX31N-2kOmsUUnhg0St7g3GPa71OsOdZ1JjpbkClFy33QWJp2gymz1_ksvgE_Ggrxtw5C5D0H2yelDi8GlV82FINHcmsD0P5CmT4A0qa-B89sq4hts8g8mIiLRxioUhD9yrU3-KfEGAvxhRbfg_4esIotSHxOXThuyNRS6aTwwrHzV-mJEA_0iz8yZkziXi9xsXWcvpX5jIAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_35A8HD13SXZxt65OBUMaXKNOyWPg%26client%3Dca-pub-8343227950611411%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 48BE 2 KB
1 KB 592ms
198ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 48BE 308 B
636 B 590ms
196ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 48BE 293 B
621 B 782ms
388ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 48BE 43 B
348 B 597ms
199ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=9radfD7Mdfzbivt371qniZLHvTeth41n4GtUpCEkGGhAwbqAU4hvZ79rZ9pR1JFf9EIkIsjjzn9Lhdxy3e_dN3qJwY5kEYKNe0pSU4KrseP_gku15dYp3H_l6jEUFU5ArQWHaIUbri9SXTo-5g-2Ozqji_biRUQjF9D63O9sbUIGBQWtaoZutz08cYqpT9yedMF4UQlCQGv_11_xVxKyixOphgHTEvRNuSOtjFgNtuN0-6yQ5rN2UqGL8rxkQHM4TcThlAAr9MYSufjhxnXiW_MegnvVu83fG1XXAA3GstoQ8HIC7tQb62vKWstStad_C9cGY8EA0PtCQI1ijOfPwDgQlCxweWiMViFN1FPLiNiHj1j2y1nZuB6q6wfVvUrO-HNeJrZGvt2QfTIwEdSNIni-tjxyQEwV0uL3-1dppyneBJPr-amewbyQ-8IG4kmJ1aJaBw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1620489
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame A6D0 1 KB
757 B 1657ms
336ms Document
text/html 51.161.15.92
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D0016663078183B45D361FDE0DDD79B
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570935.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8f6b90eb0167ff9c766f8346e6b6cde907e86c86a390996a72b2e8aaded4f4dd

Request headers

Referer: https://5alij.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Oct 2022 23:17:00 GMT
Expires: Thu, 20 Oct 2022 23:16:59 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 614ms
211ms Script
text/javascript 13.33.33.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-24.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3
content-encoding: gzip
via: 1.1 6fa99bf0c83c1cecd58937934e9d3c12.cloudfront.net (CloudFront)
date: Thu, 20 Oct 2022 19:39:46 GMT
last-modified: Thu, 25 Aug 2022 14:07:06 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 13034
etag: W/"c722c8e06c3a9be75b009576c49f7792"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: ezaZ_8BPEgy44xcid74L30-Go0WoNLNogYNdKTG-s9VLenTmhqEbnA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 2099ms
390ms Script
application/javascript 3.67.232.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.67.232.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8232cdad4deb7a188480b6cf176889be5aaaade78c7ebcb73ab78f0facd974e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 23:17:00 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 11 KB
4 KB 324ms
106ms Script
application/javascript 104.18.18.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197ac67d2524c83b22a0c8023678bd639975ba3d6c0c086aa406e7af484201a2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 14:57:21 GMT
server: cloudflare
age: 116255
etag: W/"62d96951-2a93"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 75d576debf5aa8d1-SYD
expires: Sun, 23 Oct 2022 23:16:59 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 1657ms
336ms Script
application/javascript 51.161.15.92
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=5alij.com&_ss=47k2126tjo&_pv=1&_ls=0&_u1=1&_u3=1&_cc=au&_pl=d&_cbid=2nib&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Fglass60stensgaard&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.161.15.92 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns570935.ip-51-161-15.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 55d56ee3c8d07931a9fa1aef16330a336c73343912fc329c6284b837c1a9752a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Oct 2022 23:17:00 GMT
X-T: 0.161
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Thu, 20 Oct 2022 23:16:59 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 48BE 12 KB
6 KB 670ms
431ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 48BE 107 KB
107 KB 1611ms
395ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?h=1200&m=0&partner=81957&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F81957%2F220908%2Feac4a02f551249d2ac03db865a139a74_bbnt-criteo-banners-wk07-spring-lookbooks-oceanhues-1200wx628h.png&v=3&w=1200&s=F02A3o-W_im97Oaw9OWMFiJz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

9be1b6593fe62ec13c325237c564788cd57c0e00573baf9c1a8ed994334763b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27432175
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 109300
expires: Sun, 03 Sep 2023 11:19:55 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 48BE 10 KB
10 KB 2027ms
812ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F20245401-V08.jpg&v=3&w=400&s=2-0SAbNFsbRPV1XhySBqDiC0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

0865f267142666f8f52bbf55503c9fa27e601885fdc5ad7d6f887fcbda447e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9728
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 48BE 15 KB
15 KB 2198ms
983ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F113%2F191%2FM_F-Portofino-Taupe-QQC.jpg%3F1617162864&v=3&w=400&s=JRDasU1hUvM6XXGsKtAtJ5ft&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

6db7f1b6f0f5ae1711a4f199ea87c844f777d07be4191c99b0158d11db8ff2c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15424
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 48BE 25 KB
25 KB 2092ms
877ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21825801-P.jpg&v=3&w=400&s=oRao3-xCNmWMmB43fKVNyEu3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

bce845209a446aff7b17aeb24eaa05cc678989a800f628a5e475a2dfd7e05fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25378
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 48BE 14 KB
14 KB 2056ms
841ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21829101-P.jpg&v=3&w=400&s=89erSvR0bR1NATE_PUkE38Lg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

d0231f0fc4e369f946ff20f951b1943718d41c55847476903a02194f765ab0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14540
expires: Sun, 15 Oct 2023 23:17:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 48BE 0
127 B 1424ms
205ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=jd0RQxm22QC6uWCCQY70f6C5nH2ZDgN8FfHylPqUK5dkbZcPsTRIkL4fT51I_xHraGPKt9JuXY7CmdeDiHICyOv_OWsQUteXBjPsDwD_eV_YFzDV5ysRByxcjQU-1jr4gA0Yo568zHVXfwv_wmE5OODHw5akviVMV8j8tpYLrtu35gvClB7pmM_xDk5aYrsOGs_avdu1v-B-npcmqlVLJhhmO1tNy73lpLePOwex8N9UNOkgmhtjuof3xqVfWHDuBRHTSfzmR5EUHHp7&sds=2&rev=83153&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 48BE 2 KB
1 KB 383ms
198ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 48BE 2 KB
1 KB 245ms
245ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AD0A 2 KB
1 KB 275ms
197ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1HW6QANEowKfEqSAAXU---V6Ehugrr2jl2Obw&u=%7CiFXQKb0bhGVKuAOZaPoS%2Fhq8mwjteMJ1KcdXRDGFv%2Fs%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBKhvYQd0ho2He6BFtoCOcYAZgP8GkjGumCTvT4zkpybtITmjGpgF1CCy0RjBFuz32jhKt3WVJ7T4iKM8x4M85leBofHdW0NfHXfCCxBtO7bOnMiyaogBUex0yHi52Kvulds0oNOYjJVtse-atmonbU73juuoF8DgVLiNL68UQav_isJzYjdvfYXGkmPyoknTbMUEKoLF9rS4RlsDjzpfXN5ixtEHCae6elyFDm6_OckRbcLYsu4qssaQAH6wTAr-jsM2J7qoWglPmozdcQcx_1edUWYGvW47e6IBWwICDssRcxTIVASfw24Pf79fsBMeZKEobP1B3v-pBOjoTmUkrsTbugJiPmWFVn_CpjymhcrN9rDOTB3_TwrZO3R5K6tTLmZDBWTy24O6W6oewPAcPYbgS5A5p5qJITH9obTlpngLunhudaBIk4kUny1ERsVQJyaoaXTYo8peHAF5oIdbobNxWawkw9D_9dCp8gk1xKIWD-E7o9igwrVLd-2m5U96ScU9VyAqM3dh_TgVpAeBXZg1gmkBXBAy1VBT5pmdsXq9alFJox29-yJLsJvW941OEHEwX1F4gw1fn6jGdM3JSQw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4PpU6dZRY4ylNJKV8QP7qZfYCpj80bFcytmNkrYBwI23ARABIABgpYCAgJABggEXY2EtcHViLTgzNDMyMjc5NTA2MTE0MTHIAQmpAvBhu1u0FKU-qAMBqgTJAU_QnsG0e14tYmyV_sx6mX8o1bAiYsFaUgcsAEw_Pb_g3Bnjik53n4yH0-Gn4JfUB9kuSHPUJ-AbI28ohfSDmqLVtADWdRJ1rdWPHKEtP8XnyhjiaOs8neQMWNACC2Gk_FmIekThywJF50Vbw40TvyDvu-ZB4meS-QbC1DGqu-hjr6-sNiibEiCRCFo1SX9GDszEKFwkBj4CI7FC2VQjtmeQK0hvIQMTVpNrWh_aj5gVbuT-9ifUYBgcFf2B1HrwjruB2IFwD9UQCIAGsZas5Pu8pvV4oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2DJQaWpyAv8ZoFgYSD0o60o8REzw%26client%3Dca-pub-8343227950611411%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame AD0A 2 KB
1 KB 276ms
199ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AD0A 308 B
636 B 269ms
197ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame AD0A 293 B
621 B 460ms
388ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame AD0A 43 B
347 B 277ms
201ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=4d2L0Z8gcsn_DXxlc7dXyqL9IWc0RZoxgY32cMRs6JjAuI2Ub2buKllkzGTZLYchPstvi3JV64c9NiYBWCNGDkb-blHCrwc9FG5G6cNYQ5GYbJg3kqG6iZyESCqUvNAGP7bh4JlH5Kzcd-cmgRne5nPHR8xJV4Q1A9cNw3eWw9I6LhKUTIqS7ZsSW6OaCs2exbOfwe8P2O_coqaBuGHfFDLZBJeslJzUkJG-BwZ0lpaSJTrvsfxyTDPNvcAQetoK24Izfy_0fIzBerFiN8QVPfysQ8dk8u1Oy5of5N7S7oIWt6sZ0WDlwzPcz34CeGyq-hP5i9snYxsWYY17trz9MWz7vufPyIUn_yWeGFSatHmMXZZRFIzBIagfEqnVG2e_Cui6rVnFmslcAHLfbLiFW71YmnnZBW7nrAuQaZA-X3l-ZgYnFym2N4s5l0CmAqf11kRt2Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 23:16:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3350162
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame AD0A 12 KB
6 KB 365ms
365ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 6 KB
7 KB 1885ms
916ms Image
image/png 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?h=244&m=0&partner=81957&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F81957%2F221012%2Ff6fadf08944742bda6a7ec5de639cdaf_logo_n_horizontal.png&v=3&w=196&s=jmf1dUxF5nPMjNsQno5wipaM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

d0cffc4a668bfb454ae5e36d9199d6f77e60ec97ed22545cba9573660fcfb6fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30369241
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6463
expires: Sat, 07 Oct 2023 11:11:01 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 74 KB
74 KB 1968ms
1000ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?h=1200&m=0&partner=81957&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F81957%2F221012%2F0fe1a2a5a5a241498c4afb46f3371da6_bbnt-criteo-banners-wk16-summer-living-1200wx628h.png&v=3&w=1200&s=fhejSVd-cWWHx9uNVFo1FH3Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

0682f71513018705e3e602756e5378699cf8b186496f1875f56b1ce81151297a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30369237
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75806
expires: Sat, 07 Oct 2023 11:10:57 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 24 KB
24 KB 2081ms
1112ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F20014301-P.jpg&v=3&w=800&s=XiU3JEjcgVvs08VMKGhTpmFG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

58d5f934639fa2d715a1fd6328c9e2d12c28faacd072de46c93fc543e9fa96fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24366
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 15 KB
15 KB 1780ms
812ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F19753301-P.jpg&v=3&w=800&s=JZDzTXnWeUCTBXTpP_BHJQuV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

4c88af3d3330a14a34651c4ec91d9d4f30d693e243f5d24b5d415c6c11716da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14954
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 10 KB
10 KB 2097ms
1129ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F20245401-V08.jpg&v=3&w=800&s=IaWYVwe28uI77nz_k9CMksl-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

0865f267142666f8f52bbf55503c9fa27e601885fdc5ad7d6f887fcbda447e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9728
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 13 KB
13 KB 2080ms
1112ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21695701-P.jpg&v=3&w=800&s=ixDBe1gwFKXpuJ-04v46ozzz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

8920d37f6253d5466d509b88400a362cb5643f320c7f9710d1b298316d141152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12970
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 13 KB
13 KB 969ms
968ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F20497901-P.jpg&v=3&w=800&s=DT7mVKJ-GiFGbGLCewNhhS0l&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

dba41483b2d3d164dfc0bdb1a139c6f3eaca3dcd1248c2f70185d460b7a46dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13154
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 41 KB
41 KB 1061ms
1060ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F22072001-P.jpg&v=3&w=800&s=65vEYFBLK4Ci4_0bo3QmgcRI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ce15bc2e340730d3a4f7dc833a2ca8d958956f12470cb543f65a6a80e28f5ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 41804
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 16 KB
16 KB 995ms
994ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21891901-P.jpg&v=3&w=800&s=vNLeaZ243WeQN8zyQ3zt-WCv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

2ebd1ecfb1c0a43ac9d3810bad35c4bceee4812a174dd1e2a0f90a6469d77145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16180
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 13 KB
14 KB 1039ms
1039ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F128%2F961%2FM_F-Carol-the-Camel-Gold-21213701.jpg%3F1629856714&v=3&w=800&s=okJBdaKuMjKAVbP_9NvHu2aG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

5b406c1ab37a38381717cb0b11bc308cdb68ad4cc6aa6308a5822e07b3cd434f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13566
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 26 KB
27 KB 995ms
994ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21363501-P.jpg&v=3&w=800&s=zodXBLRPBmmsNN5OOg-vbkPb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

634d6fc2774c3a6fca6d7ef07c9e84cd348397602be7a81744f01f3ec5db5a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26882
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 22 KB
22 KB 1051ms
1050ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F109%2F635%2FM_F-Japanese-Wisteria-Cushion.jpg%3F1616126670&v=3&w=800&s=K2ExwwseLxWb9Ry3bwPotiR4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

b3a8e7754fb99286139fc5d35579edb0bba414eebfa5b514455b6d1b4bd34316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22538
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 12 KB
12 KB 1050ms
1050ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21829701-P.jpg&v=3&w=800&s=Qbmn6qxEgQ2U96axxsIosHUM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

c9966e2749a5bcac95e2576624bc405bfe0ff317c2c566542f50e7c24afe1dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12412
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 17 KB
17 KB 1078ms
1077ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fs3-ap-southeast-2.amazonaws.com%2Ffusionfactory.commerceconnect.bbnt.production%2Fpim_media%2F000%2F132%2F795%2FM_F-Dachsie-FQQC.jpg%3F1638225318&v=3&w=800&s=LnXcMFh-7Lo8fpgoIrdwnN0b&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

51d9c5060aaf97e5c5ed6a7145d5b51bb27f80eb7ad225d5be53ff83b9d82d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17178
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 4 KB
4 KB 991ms
990ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21434101-V01.jpg&v=3&w=800&s=VImsAtsSxrhUd3UUqUsJKntS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

76ff98e43e98f4aee343da291a658d6f14ea9271121fb0b0686224313ac5992c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4066
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 25 KB
25 KB 1077ms
1077ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F22078101-P.jpg&v=3&w=800&s=J1bRJfFaoZcnNtyxV9-co87o&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

38ef5450c11920fc0d02ff4ae37780a2f66bcc1641c1f56c570be652c748acd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25666
expires: Sun, 15 Oct 2023 23:17:00 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame AD0A 25 KB
25 KB 1088ms
1088ms Image
image/webp 182.161.73.135
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=81957&q=80&r=0&u=https%3A%2F%2Fbbnt-m2-image-library.s3.ap-southeast-2.amazonaws.com%2F21864101-P.jpg&v=3&w=800&s=zl5JCvDG-54nGMnNLH2o3Iha&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

9eb90439a078005df430be21eea2653c70c4bcd87201d16ada33ad51568a191c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25236
expires: Sun, 15 Oct 2023 23:17:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame AD0A 0
128 B 1174ms
204ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=nu2xphm22QC6uWCC_QrkoEshaTNW17CpjS1gImTJadmVdY9E12gwRiOvjY4Feeg402W5zJiGkNBGH-t-WqB6w_9NoC_iBa29vUyZO5mkRb409paFtKrmitoRhGo4XQfp4eHyRFIK_I76eFqKxRV6RbrW3Ej3Uq9vE_31dnpvU5u8RCpFCHb-sVTkzvjjTQhkNC7mpslJ1ji_GGf4u5qcCIqsjc5gqIBGjYougBynyHIL4J5CIYZzbdD-iZzYQrdJbE6vnTMqqF_rxgje&sds=2&rev=83153&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AD0A 2 KB
1 KB 367ms
364ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AD0A 2 KB
1 KB 322ms
321ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 23:16:59 GMT

GET
DATA 200
OK truncated
/ Frame AFA5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb9c89957de5592479b96cd173aeddcf86db84b51aaee28afa686e4cd82a4fbe

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 p
ic.tynt.com/b/ 35 B
581 B 1189ms
287ms Image
image/gif 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1666307819470&dn=AFWU&iso=0&t=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC
Requested by: Host: 5alij.com
URL: https://5alij.com/user/glass60stensgaard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/user/glass60stensgaard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
942 B 1112ms
406ms Fetch
application/json 13.33.33.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-53.sin2.r.cloudfront.net
Software: /
Resource Hash: c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:17:00 GMT
via: 1.1 e7dacb0efeeed58e9fdd0c9cd774981a.cloudfront.net (CloudFront), 1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2, SIN2-P1
x-amzn-requestid: b81cf69b-a117-4dc5-bd90-1b5b7df6515b
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: aU6E_GkMiYcFk8w=
content-length: 535
x-amz-cf-id: Fh9IH5KnitJXLv6U6nufKZWgjS64hdteZZsTJliG8ZoHwfWx-jpWBg==

GET
H2 200 v2 Show response
de.tynt.com/deb/ 811 B
1 KB 951ms
299ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 7f27112b056bdbeaabb7f377a56648d8afc25df03d7efbb710f13d192aee82c8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://5alij.com/user/glass60stensgaard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Thu, 20 Oct 2022 23:17:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 811
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F68D 42 B
64 B 581ms
194ms Fetch
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqwggzYfGEdBikZewvArstSAkEK8019V5TYB8rHAEN7bUyU1sT6V-oyMM2Ze_4DeZtbd1l7yeVV-UDAn02Y3aSTfQJ&sig=Cg0ArKJSzCilXyxpPbiLEAE&id=lidar2&mcvt=1008&p=0,0,280,1004&mtos=0,0,1008,1008,1008&tos=0,0,1008,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=0.65&if=1&vu=1&app=0&itpl=20&adk=3572022879&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666307817460&rpt=1577&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Oct 2022 23:17:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 48BE 0
127 B 411ms
204ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.as.criteo.net/ Frame AD0A 0
127 B 200ms
200ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 20 Oct 2022 23:17:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFA5 42 B
64 B 194ms
194ms Fetch
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZrOlwGpb7WCBkR05qlnDoPyiOyfhjcPH8h4_ay9uJajauNqiTiWMqwB3E9cCJTWEyppo8wOXrC8hq0bzJsBZJ1FiN&sig=Cg0ArKJSzDYnJE8fRbX6EAE&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=528,1004,1004,1004,1004&tos=528,476,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666307818702&rpt=831&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS