ja.scriptcult.com Open in urlscan Pro
2606:4700:3035::6815:2196 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ja.scriptcult.com/open-acsup-files-905
Submission Tags: test
Submission: On February 01 via api (February 1st 2022, 1:08:17 pm UTC) from JP — Scanned from JP

Summary HTTP 463 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 64 IPs in 12 countries across 77 domains to perform 463 HTTP transactions. The main IP is 2606:4700:3035::6815:2196, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.scriptcult.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time ja.scriptcult.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3035::6815:2196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
70	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:221... 2600:9000:221a:3a00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	164.90.194.65 164.90.194.65	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
25	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
5	2606:4700:303... 2606:4700:3032::ac43:9286	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	144.76.120.254 144.76.120.254	24940 (HETZNER-AS) (HETZNER-AS)
4	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
6 22	103.43.90.54 103.43.90.54	29990 (ASN-APPNEX) (ASN-APPNEX)
3	103.231.99.77 103.231.99.77	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8	51.79.234.101 51.79.234.101	16276 (OVH) (OVH)
4	2a02:fa8:c411... 2a02:fa8:c411:12::1140	399104 (CNVR-APAC) (CNVR-APAC)
8	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
4	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2404:6800:400... 2404:6800:4004:808::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:801::2002	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4004:81e::200a	15169 (GOOGLE) (GOOGLE)
54	2404:6800:400... 2404:6800:4004:80c::2001	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:80c::2003	15169 (GOOGLE) (GOOGLE)
1 5	2404:6800:400... 2404:6800:4004:80b::2004	15169 (GOOGLE) (GOOGLE)
2 8	172.217.174.102 172.217.174.102	15169 (GOOGLE) (GOOGLE)
1 1	66.180.64.123 66.180.64.123	62961 (BISNET1) (BISNET1)
4	2404:6800:400... 2404:6800:4004:81c::2001	15169 (GOOGLE) (GOOGLE)
28	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2600:140b:400... 2600:140b:400:1a9::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2404:6800:400... 2404:6800:4004:821::200a	15169 (GOOGLE) (GOOGLE)
3 3	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
3	142.251.8.154 142.251.8.154	15169 (GOOGLE) (GOOGLE)
8 26	172.217.174.98 172.217.174.98	15169 (GOOGLE) (GOOGLE)
7 13	23.51.209.187 23.51.209.187	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2404:6800:400... 2404:6800:4004:820::2006	15169 (GOOGLE) (GOOGLE)
6	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
6	34.149.43.113 34.149.43.113	15169 (GOOGLE) (GOOGLE)
3 3	13.228.220.78 13.228.220.78	16509 (AMAZON-02) (AMAZON-02)
2 3	161.202.200.114 161.202.200.114	36351 (SOFTLAYER) (SOFTLAYER)
6 6	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	8.214.127.238 8.214.127.238	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1 1	18.142.16.108 18.142.16.108	16509 (AMAZON-02) (AMAZON-02)
1 1	20.72.149.136 20.72.149.136	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	51.195.5.231 51.195.5.231	16276 (OVH) (OVH)
4 4	2a02:fa8:c411... 2a02:fa8:c411:11::760	399104 (CNVR-APAC) (CNVR-APAC)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.114.93.118 3.114.93.118	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:9000:221... 2600:9000:221a:5c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2604:9e00:1:1... 2604:9e00:1:129::2:a01	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	35.213.109.249 35.213.109.249	15169 (GOOGLE) (GOOGLE)
2 2	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	3.115.90.45 3.115.90.45	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	54.81.207.173 54.81.207.173	14618 (AMAZON-AES) (AMAZON-AES)
1 1	150.95.47.225 150.95.47.225	7506 (INTERQ GM...) (INTERQ GMO Internet)
1 2	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
4	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
5	23.51.209.108 23.51.209.108	16625 (AKAMAI-AS) (AKAMAI-AS)
4	103.231.99.78 103.231.99.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	18.65.200.18 18.65.200.18	16509 (AMAZON-02) (AMAZON-02)
2 2	18.65.166.28 18.65.166.28	16509 (AMAZON-02) (AMAZON-02)
19	103.231.99.80 103.231.99.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	18.176.220.106 18.176.220.106	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
3 3	202.131.200.84 202.131.200.84	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
1 1	202.131.200.82 202.131.200.82	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
1	18.179.236.28 18.179.236.28	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	54.199.19.64 54.199.19.64	16509 (AMAZON-02) (AMAZON-02)
1 1	172.104.105.5 172.104.105.5	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	119.9.108.211 119.9.108.211	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 1	124.146.215.49 124.146.215.49	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
1	2406:da18:929... 2406:da18:929:5a01:c333:e796:2dd0:7cd2	16509 (AMAZON-02) (AMAZON-02)
2 2	18.178.52.42 18.178.52.42	16509 (AMAZON-02) (AMAZON-02)
2	103.231.99.81 103.231.99.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.84.60.20 185.84.60.20	198622 (ADFORM) (ADFORM)
1 1	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
4	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
1	2606:4700:10:... 2606:4700:10::ac43:8ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	212.77.98.9 212.77.98.9	() ()
1 1	2a04:4e42::300 2a04:4e42::300	() ()
1	151.101.65.44 151.101.65.44	() ()
1	35.213.11.27 35.213.11.27	() ()
1	18.182.144.2 18.182.144.2	() ()
1 1	2620:116:800e... 2620:116:800e:21:747b:e406:75eb:a1e0	() ()
463	64

25 2606:4700:3035::6815:2196 (United States)

ASN13335 (CLOUDFLARENET, US)

ja.scriptcult.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scriptcult.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:221a:3a00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.90.194.65 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

g3news.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
040a934b06.6c25910c97.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:9286 (United States)

ASN13335 (CLOUDFLARENET, US)

scriptcult.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.42.194 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.120.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap15.adplayer.pro

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 103.43.90.54 (Singapore, Singapore) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.231.99.77 (Japan)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:c411:12::1140 (United States)

ASN399104 (CNVR-APAC, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:81e::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2404:6800:4004:80c::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:80c::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:80b::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.174.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.180.64.123 (Carlsbad, United States) 1 redirects

ASN62961 (BISNET1, US)
PTR: 66-180-64-123.blueshift.net

924-img.c3tag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:81c::2001 (Australia)

ASN15169 (GOOGLE, US)

a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:140b:400:1a9::4469 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.233.84.8 (Japan) 3 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.8.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.217.174.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.51.209.187 (Tokyo, Japan) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-209-187.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:820::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.42.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ae1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ae1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.228.220.78 (Singapore, Singapore) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-220-78.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 161.202.200.114 (Tokyo, Japan) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 72.c8.caa1.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.213.12.39 (Tokyo, Japan) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.255 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.214.127.238 (Singapore) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.142.16.108 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-16-108.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.72.149.136 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.5.231 (France)

ASN16276 (OVH, FR)
PTR: p35.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:c411:11::760 (United States) 4 redirects

ASN399104 (CNVR-APAC, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.93.118 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-93-118.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:221a:5c00:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.torchad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com

y.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.206.241 (Singapore) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.115.90.45 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-90-45.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.207.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-207-173.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.95.47.225 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-225.a00c.g.jpt1.static.cnode.io

sync.dsp.reemo-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.51.209.108 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-209-108.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.231.99.78 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.200.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-200-18.nrt57.r.cloudfront.net

cr-p10.ladsp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.166.28 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-166-28.nrt57.r.cloudfront.net

cr-pall.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 103.231.99.80 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.176.220.106 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-220-106.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.131.200.84 (Japan) 3 redirects

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.131.200.82 (Japan) 1 redirects

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)

sync-tapi.admatrix.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.179.236.28 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-236-28.ap-northeast-1.compute.amazonaws.com

dps.jp.cinarra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.199.19.64 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-19-64.ap-northeast-1.compute.amazonaws.com

adsd-sync.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.105.5 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1715-5.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.9.108.211 (Kowloon, Hong Kong) 1 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.49 (Shibuya, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a01:c333:e796:2dd0:7cd2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.178.52.42 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-52-42.ap-northeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.81 (Japan)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)

sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.77.98.9 (None, )

ASN- ()

www.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (None, ) 1 redirects

ASN- ()

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (None, )

ASN- ()

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.11.27 (None, )

ASN- ()

docker.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.182.144.2 (None, )

ASN- ()

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:747b:e406:75eb:a1e0 (None, ) 1 redirects

ASN- ()

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
102	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124 a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com	821 KB
73	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 ad.doubleclick.net — Cisco Umbrella Rank: 195 static.doubleclick.net — Cisco Umbrella Rank: 356 bid.g.doubleclick.net — Cisco Umbrella Rank: 452 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	560 KB
53	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7373 c.mgid.com — Cisco Umbrella Rank: 5668 cdn.mgid.com — Cisco Umbrella Rank: 9908 servicer.mgid.com — Cisco Umbrella Rank: 7619 s-img.mgid.com — Cisco Umbrella Rank: 6584 cm.mgid.com — Cisco Umbrella Rank: 1572	865 KB
33	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 ads.pubmatic.com — Cisco Umbrella Rank: 473 image6.pubmatic.com — Cisco Umbrella Rank: 595 simage2.pubmatic.com — Cisco Umbrella Rank: 552 image2.pubmatic.com — Cisco Umbrella Rank: 1032 image4.pubmatic.com — Cisco Umbrella Rank: 848 simage4.pubmatic.com — Cisco Umbrella Rank: 1179	52 KB
30	scriptcult.com ja.scriptcult.com scriptcult.com	818 KB
26	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 241 acdn.adnxs.com — Cisco Umbrella Rank: 565	86 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com	176 KB
13	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	11 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	397 KB
12	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 30767 www.wp.pl	82 KB
11	doubleverify.com 1 redirects cdn.doubleverify.com — Cisco Umbrella Rank: 464 rtb0.doubleverify.com — Cisco Umbrella Rank: 616 tps.doubleverify.com — Cisco Umbrella Rank: 433 tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 156364 rtbc-ae1.doubleverify.com — Cisco Umbrella Rank: 210855	119 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 418	132 KB
10	connectad.io i.connectad.io — Cisco Umbrella Rank: 7893 cdn.connectad.io — Cisco Umbrella Rank: 5022 sync-eu.connectad.io — Cisco Umbrella Rank: 3639	3 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	1 KB
8	dotomi.com 4 redirects web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2218 dclk-match.dotomi.com — Cisco Umbrella Rank: 2859 pubmatic-match.dotomi.com	2 KB
8	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1056	4 KB
6	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864 dis.criteo.com — Cisco Umbrella Rank: 691 widget.eu.criteo.com — Cisco Umbrella Rank: 24206	2 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	4 KB
6	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 4833 c1.adform.net — Cisco Umbrella Rank: 608	1 KB
4	wpcdn.pl std.wpcdn.pl — Cisco Umbrella Rank: 36962	136 KB
4	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 41946	1 KB
4	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5646	716 B
4	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1204	247 B
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2853	70 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	2 KB
3	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1250 uip.semasio.net — Cisco Umbrella Rank: 15393	1 KB
3	ad-m.asia 3 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3657	1 KB
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 745	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 876	2 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	122 KB
3	microad.jp 3 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 10567	1 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	655 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	990 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 560	747 B
2	ladsp.com 2 redirects cr-pall.ladsp.com — Cisco Umbrella Rank: 3937	1 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1548	581 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5289	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	1 KB
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 707	878 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 2305	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 588	1 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2366	23 KB
2	stat-rock.com serving.stat-rock.com — Cisco Umbrella Rank: 21930	98 KB
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 24188	29 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 24472	234 KB
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	gumgum.com rtb.gumgum.com	209 B
1	creative-serving.com docker.creative-serving.com	266 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770	518 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 27149	740 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1948	907 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 2591	395 B
1	adtdp.com 1 redirects adsd-sync.amanad.adtdp.com — Cisco Umbrella Rank: 14396	721 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 24987	459 B
1	cinarra.com dps.jp.cinarra.com — Cisco Umbrella Rank: 20180	220 B
1	admatrix.jp 1 redirects sync-tapi.admatrix.jp — Cisco Umbrella Rank: 79014	622 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 15894	455 B
1	ladsp.jp 1 redirects cr-p10.ladsp.jp — Cisco Umbrella Rank: 119638	311 B
1	reemo-ad.jp 1 redirects sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 122732	329 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 973	733 B
1	impact-ad.jp y.one.impact-ad.jp — Cisco Umbrella Rank: 2721	218 B
1	torchad.com rtb2-useast.torchad.com — Cisco Umbrella Rank: 20147	233 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 177765	303 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 596	1009 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 3360	1000 B
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 637	354 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372	321 B
1	c3tag.com 1 redirects 924-img.c3tag.com — Cisco Umbrella Rank: 41576	662 B
1	6c25910c97.com 040a934b06.6c25910c97.com	199 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	417 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 35961	249 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	1 KB
1	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 148236	7 KB
1	cstwpush.com cst.cstwpush.com — Cisco Umbrella Rank: 99308	598 B
1	g3news.biz g3news.biz — Cisco Umbrella Rank: 354456	15 KB
0	loopme.me Failed csync.loopme.me Failed
0	netmng.com Failed google2waycm.netmng.com Failed
463	77

	Domain	Requested by
54	tpc.googlesyndication.com	googleads.g.doubleclick.net a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com
44	pagead2.googlesyndication.com	ja.scriptcult.com pagead2.googlesyndication.com googleads.g.doubleclick.net a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com ad.doubleclick.net
29	scriptcult.com	ja.scriptcult.com scriptcult.com
28	s-img.mgid.com	ja.scriptcult.com
26	cm.g.doubleclick.net	8 redirects a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com ja.scriptcult.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ja.scriptcult.com a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
22	ib.adnxs.com	6 redirects get.optad360.io acdn.adnxs.com
15	simage2.pubmatic.com	ads.pubmatic.com
13	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
12	www.googletagservices.com	googleads.g.doubleclick.net a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
10	fonts.googleapis.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
8	www.gstatic.com	googleads.g.doubleclick.net
8	ssp.wp.pl	get.optad360.io
8	onetag-sys.com	get.optad360.io
8	jsc.mgid.com	ja.scriptcult.com jsc.mgid.com
7	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
6	x.bidswitch.net	6 redirects
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net ad.doubleclick.net
6	servicer.mgid.com	jsc.mgid.com
5	ads.pubmatic.com	get.optad360.io ads.pubmatic.com
5	cdn.doubleverify.com	1 redirects a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com cdn.doubleverify.com ja.scriptcult.com
5	ad.doubleclick.net	2 redirects googleads.g.doubleclick.net ja.scriptcult.com www.googletagservices.com
5	www.google.com	1 redirects googleads.g.doubleclick.net a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com tpc.googlesyndication.com
5	c.mgid.com	jsc.mgid.com ja.scriptcult.com
4	www.wp.pl	std.wpcdn.pl
4	std.wpcdn.pl	ssp.wp.pl
4	image2.pubmatic.com	ads.pubmatic.com
4	image6.pubmatic.com	ads.pubmatic.com
4	cdn.connectad.io	get.optad360.io
4	acdn.adnxs.com	get.optad360.io
4	a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	cdn.mgid.com	ja.scriptcult.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	adservice.google.co.jp	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	prebid-eu.creativecdn.com	get.optad360.io
4	web.hb.ad.cpe.dotomi.com	get.optad360.io
4	prebid.a-mo.net	get.optad360.io
4	i.connectad.io	get.optad360.io
4	adx.adform.net	get.optad360.io
4	mc.yandex.ru	1 redirects ja.scriptcult.com
3	sync-dsp.ad-m.asia	3 redirects
3	tpsc-ae1.doubleverify.com	a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com cdn.doubleverify.com
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	pm.w55c.net	3 redirects
3	s0.2mdn.net	googleads.g.doubleclick.net a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
3	bid.g.doubleclick.net	googleads.g.doubleclick.net
3	s-cs.send.microad.jp	3 redirects
3	static.doubleclick.net	googleads.g.doubleclick.net
3	hbopenbid.pubmatic.com	get.optad360.io
2	pubmatic-match.dotomi.com	2 redirects
2	sync-eu.connectad.io	cdn.connectad.io
2	c1.adform.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	match.adsrvr.org	2 redirects
2	uip.semasio.net	1 redirects ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	cr-pall.ladsp.com	2 redirects
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	rtb.openx.net	2 redirects
2	pool.admedo.com	2 redirects
2	sync.mathtag.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	cm.mgid.com	jsc.mgid.com
2	script.4dex.io	get.optad360.io script.4dex.io
2	serving.stat-rock.com	get.optad360.io ja.scriptcult.com
2	js.wpadmngr.com	cst.cstwpush.com js.wpadmngr.com
2	get.optad360.io	ja.scriptcult.com get.optad360.io
1	pixel.quantserve.com	1 redirects
1	rtb.gumgum.com
1	docker.creative-serving.com	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	rtbc-ae1.doubleverify.com	cdn.doubleverify.com
1	ad.turn.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	cm-supply-web.gammaplatform.com	1 redirects
1	tg.socdm.com	1 redirects
1	uipglob.semasio.net	1 redirects
1	gocm.c.appier.net	1 redirects
1	adsd-sync.amanad.adtdp.com	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	dps.jp.cinarra.com	ads.pubmatic.com
1	sync-tapi.admatrix.jp	1 redirects
1	ds.uncn.jp	1 redirects
1	widget.eu.criteo.com	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	cr-p10.ladsp.jp	1 redirects
1	sync.dsp.reemo-ad.jp	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	tps.doubleverify.com	cdn.doubleverify.com
1	y.one.impact-ad.jp	a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
1	rtb2-useast.torchad.com	a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
1	v9999.adv.admeme.net	1 redirects
1	s.tribalfusion.com	a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	id5-sync.com	a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
1	sync.inmobi.com	1 redirects
1	match.sharethrough.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	imasdk.googleapis.com	serving.stat-rock.com
1	924-img.c3tag.com	1 redirects
1	040a934b06.6c25910c97.com	js.wpadmngr.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	na.nawpush.com	js.wpadmngr.com
1	cdn.jsdelivr.net	get.optad360.io
1	cdn.zx-adnet.com	ja.scriptcult.com
1	cst.cstwpush.com	ja.scriptcult.com
1	g3news.biz	ja.scriptcult.com
1	ja.scriptcult.com
0	csync.loopme.me Failed	ads.pubmatic.com
0	google2waycm.netmng.com Failed	a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
463	118

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
widgets.mgid.com
www.mgid.com
scriptcult.com
ar.scriptcult.com
cs.scriptcult.com
da.scriptcult.com
el.scriptcult.com
es.scriptcult.com
et.scriptcult.com
fi.scriptcult.com
fr.scriptcult.com
hi.scriptcult.com
hr.scriptcult.com
hu.scriptcult.com
id.scriptcult.com
it.scriptcult.com
iw.scriptcult.com
ko.scriptcult.com
lt.scriptcult.com
lv.scriptcult.com
nl.scriptcult.com
no.scriptcult.com
pl.scriptcult.com
pt.scriptcult.com
ro.scriptcult.com
ru.scriptcult.com
sk.scriptcult.com
sl.scriptcult.com
sr.scriptcult.com
sv.scriptcult.com
th.scriptcult.com
tr.scriptcult.com
uk.scriptcult.com
vi.scriptcult.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
1.ne04.biz R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
cst.cstwpush.com R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
js.wpadmngr.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
www.drivermanager.club GTS CA 1D4	`2022-01-07` - `2022-04-07`	3 months	crt.sh
na.nawpush.com R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
serving.stat-rock.com R3	`2021-12-26` - `2022-03-26`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
*.a-mo.net R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-05` - `2022-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.google.co.jp GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
040a934b06.6c25910c97.com R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.torchad.com AlphaSSL CA - SHA256 - G2	`2021-09-20` - `2022-10-22`	a year	crt.sh
y.one.impact-ad.jp Sectigo RSA Domain Validation Secure Server CA	`2020-03-17` - `2022-03-20`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.jp.cinarra.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2022-06-03`	2 years	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-14` - `2022-05-15`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.creative-serving.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-23` - `2022-04-03`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh

This page contains 77 frames:

Primary Page: https://ja.scriptcult.com/open-acsup-files-905
Frame ID: 39D882E1F0B18913B395F5B657EF6887
Requests: 170 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: 9E4D7C5ADF465656C6B6491DFE69C62E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&adk=1812271804&adf=3025194257&lmt=1643720889&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888955&bpp=2&bdt=299&idt=348&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=420879156007&frm=20&pv=2&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=362
Frame ID: FB3427A44A0D539ED11D12DC150D03FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=2664236338&adk=3842632652&adf=3501923860&pi=t.ma~as.2664236338&w=1200&fwrn=4&fwrnh=100&lmt=1643720889&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888957&bpp=2&bdt=301&idt=379&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zmMoroen6U&p=https%3A//ja.scriptcult.com&dtd=384
Frame ID: ED8B73E52D9CBEAF5946056FD3CA93B2
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=9063506610&adk=2157201699&adf=177543962&pi=t.ma~as.9063506610&w=800&fwrn=4&fwrnh=100&lmt=1643720889&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888959&bpp=1&bdt=302&idt=398&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jns0YK9wMS&p=https%3A//ja.scriptcult.com&dtd=402
Frame ID: 4C6FAA46B48CE2572A3EB0BFE2EE0DCD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=3645182774&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888960&bpp=1&bdt=304&idt=416&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GK22Sd03lm&p=https%3A//ja.scriptcult.com&dtd=419
Frame ID: 3712463AD1C32616B2C18F9C99810C70
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472
Frame ID: 309BE90F69C17DCA952C17583506174D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1643720889&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720889021&bpp=1&bdt=365&idt=445&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D02a7eb32686ca68a-22daa14b50d0000d%3AT%3D1643720889%3ART%3D1643720889%3AS%3DALNI_MaLmQmYFStckSBg6sl09TF5UIvOvg&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=uaQuywA3pT&p=https%3A//ja.scriptcult.com&dtd=448
Frame ID: 908692366F5423E83730504DB65DDDD2
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js
Frame ID: AF2A47C3156691F3BB1416095BD36EBA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6856188F529E1B609517FC9CB48258CA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Frame ID: C6D9A616D242BDA623ECC4135131EA25
Requests: 13 HTTP requests in this frame

Frame: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 056BD5E83A6CFBFF1D6A90581D506A6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 03D741AA8388D67377A96FB087D82F7C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js
Frame ID: 7C8BA4EFFCE20774F50965320A96F30F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js
Frame ID: 83DD3AE97DC47F1A2427DD47CDD3DBF2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js
Frame ID: 2A235686784CE4C33176D983918EE8EC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js
Frame ID: D799E27A4C091E9C91418A36A468BF82
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%B4%BBI%E3%83%89%E4%BF%AE%E6%80%A7%E3%81%8D%E3%81%A8%E7%9F%AD%E3%83%90%E3%83%AB%E7%A2%BA%E3%80%81%E3%82%B3%E3%81%AB%E5%85%B1%E5%85%A8%20D%E3%82%84%E3%81%97%E6%99%82%E9%96%8B%E3%81%99%E3%81%B0%E3%82%8B%E3%82%82%E3%81%A7%E7%B8%AE%E3%83%93%E6%AD%A3%E3%81%AE%E3%83%BC%E4%BF%9D%E3%82%92%E5%AE%89%E3%83%84C%E3%80%82%E3%82%87%E3%81%BE%E3%81%86%E3%81%8F%E9%96%93%E3%82%B0%2F%E7%94%A8
Frame ID: A1FA87931289E398297DDF2EC565093E
Requests: 8 HTTP requests in this frame

Frame: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D1B1487F15FBEF40A66275D255BA8D1F
Requests: 25 HTTP requests in this frame

Frame: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E2CF6F121ED8942B8DAC4B13C855D36B
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js
Frame ID: 74B6665E8FE1D9F0147AC0643E65ECD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj194pkMAE&v=APEucNVK_fWoZ28i33NMUT40yY6AnSIRQLmFmQr601WKNSn0c9vWhPGoe0OA4zhTqeBzu0UkSQLNp0eAa4C61nXBUDoqkNNuAw
Frame ID: E97A97B2131CC899C8B20CACD92B7F73
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYr5r7pwEwAQ&v=APEucNURMe9RMm_mAimf6Ptq95u02cnUXFuoNgsdNw-JMEO0ZBTXNCLvFGF6N_7iFUxCL0uJU1D7enHZ0IJLtEq_ttijxwVOSA
Frame ID: 206BBBFF706804871978075F8325AC09
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js
Frame ID: 9182B475AFDB58E6DAB3C6608758482D
Requests: 1 HTTP requests in this frame

Frame: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6E4D99F278C17A95436115EBFD564833
Requests: 14 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1643720891171518593857
Frame ID: 3201F8DF5F93CF3DAFC6F626E0CECB3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYyLnnwAEwAQ&v=APEucNXXlJ0jVhXW5O0LXOfDfWm393fnpKrrGDI3ArADr6y9m_qkcX8_ZD7mOCtBk-CQrhXvBV0E0m1aLBQAuezGpR2j7xVwYg
Frame ID: 326661A2845FD689BD29FA73ECD10850
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A04F33B8CE06264B8644AB18BDE4A980
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B6AE5B3EDB79C787D7E9748B04B4B66
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C4CD6B0B779BFC9AB9F5FE5CA93C7E07
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9F23C5B9BD6047E02E5EB6E1259178AD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DDA64B7798BCF65C062397FA58EF0E35
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2105.js
Frame ID: E2F44509930AD13190FEE2CFA5267CB8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 72B1677A3FEC6978B9D2FD77593EAC7C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D06932C37BE22438263381CAFBA38799
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5CCC5A032EB79A99B8E94D703D6F5ABA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E157884554FF0C1BC0E2F09783BE740C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 06FEC1A18776B05D7111BE129EACDCDE
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 8CFED0B9417033CBC0581D3F56FDAB5D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 3694109EB4A9B2349F3953F489E5415B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: B8798D9F4030299D1F3A97B446C736B5
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 8D7D8A6AD240F495ABB13E306E703DB3
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 11D1706161786C8740D0FA45F2E8FDFF
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1643720889553
Frame ID: FA4DA27F3BE4AF157991C1DD5B9F9720
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A75640C35695A3289D05605DFB924E0C
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1643720889553
Frame ID: 9E060B1F53A165C096A6C1E29A3343C2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 3845EDD035BD35AC1F6DA1DE5E936C28
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3CD6A5918A96BD53DB6DE72BBC91C0F6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 469226F13D11EF4F20BC20C73AFC0007
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 18040474E0EB31A257DC61CE6E3BD606
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1643720889552
Frame ID: 17532B53404066EBBB1D3FB1F19F7148
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Frame ID: 5D3BCDDBA6780AF3E7A87F6EFF297636
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 5189CDEEFAA43809E5F7E292BEACFA09
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 2EC27FDEF4F61F4D6255B9D5193117B0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 713FA5EE223218645F59AD9E7EA1DC22
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 01E6B46D5A0D3BA5F0925ECD42A06050
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYhGs8KrJkzFks8ADjqGv4xlXc8AAAF-tWZj4A
Frame ID: B089582EDFBA5FC630776F2B9F5979F1
Requests: 1 HTTP requests in this frame

Frame: https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2CEA2F38E66B23A585B105FA5922222A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fc9161f9-30bc-4000-aa72-1d8cc0cb5042&gdpr=0&gdpr_consent=
Frame ID: 90AAD1026180F8B1DF8317FAB0CDFF39
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_0d1157bf-e783-42b6-a79f-e7143a8cafdb
Frame ID: 21252C3E6F7D35F1C25AB8E3341E18E1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfkwvQAC8BSvhABB&gdpr=0&gdpr_consent=&_test=YfkwvQAC8BSvhABB
Frame ID: 74084FC1FF413C5697AB277A04E71BCA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=9s5r2FmssoO
Frame ID: 550776FAB008F660AF86A715B7E161A7
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C
Frame ID: 8CABB7A85E4AD89880A0FF9B2F5626CA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=93ce53f86e354fcf9a42fa8e89d53a80
Frame ID: 539C83870EBE23AC9E139AD323B360B5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ba78c588-b8ed-41a0-a060-d54e09d2c2ce
Frame ID: 35773ADDEDD4CCC8A19A88F542E0DFB5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=YqUApL0xCzKl729dvTD5YQ
Frame ID: 541E6C9E1B4146817E068A4E08827954
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 4125447BFD330EF4E76449A103A3C290
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: B41F8FC52E4B4981645E6F0F1F49ED93
Requests: 1 HTTP requests in this frame

Frame: https://www.wp.pl/MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELRRhvD2cIbHsQRCcJKVssew9BL1QtRiM4RUk
Frame ID: A08534D6477594E0EBA027A01F3D863D
Requests: 1 HTTP requests in this frame

Frame: https://www.wp.pl/MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELRRhvD2cIbHsQRCcJKVssew9BL1QtRiM4RUk
Frame ID: 1BDA6891BDB550FCE9038B1D12E3E575
Requests: 1 HTTP requests in this frame

Frame: https://www.wp.pl/MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELRRhvD2cIbHsQRCcJKVssew9BL1QtRiM4RUk
Frame ID: ED7E820BCEB485A4BE6D0198F2AB8DC3
Requests: 1 HTTP requests in this frame

Frame: https://www.wp.pl/MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELRRhvD2cIbHsQRCcJKVssew9BL1QtRiM4RUk
Frame ID: 99BE30225811C031EC653A053DA48A46
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2ee0a43b-2fa2-4db6-8601-3188d4d380b7-tuct8f2b640&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 15878EC3846187D56B795E98CFAE6B6C
Requests: 1 HTTP requests in this frame

Frame: https://docker.creative-serving.com/cm
Frame ID: 46B70FA3C338B37DF47D91A641BAEA2B
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: 8E41DB53D87E5379C40C1EDEB9E1F7D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8boIEac11NeSTh5&gdpr=0&gdpr_consent=
Frame ID: 4C383749D2102D80B55E3DA33E8D5993
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:002C1E8793DF4F9595CED7F83FEDBC7B
Frame ID: 643DABD56E7A4EC7028BFD570BBED941
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ACSUPファイル-2020年に.ACSUPファイルを開く最も簡単な方法 - 拡張 - 2022

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

463
Requests

88 %
HTTPS

32 %
IPv6

77
Domains

118
Subdomains

64
IPs

12
Countries

4859 kB
Transfer

11541 kB
Size

100
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=ja.scriptcult.com&utm_medium=referral&utm_campaign=widgets&utm_content=1228643

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805608/i/57561560/0/pp/1/1?h=e_l0QqkJV-6eOaoLj07cbqOGcP5GIMNk4abLguAavSBnDRg-Bn1_RH4T-4kZA1nP&rid=0135cff3-8360-11ec-958a-2cea7f934475&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533456/i/57561560/0/pp/2/1?h=e_l0QqkJV-6eOaoLj07cbmOC07SuS0QNRn6vSQoZPN35f-41XSo7eL5bT92Pi7bU&rid=0135cff3-8360-11ec-958a-2cea7f934475&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533314/i/57561560/0/pp/3/1?h=e_l0QqkJV-6eOaoLj07cbg0I8oso42o726TNLUIjlMKhT6WJikc5G4gzcYIKYcKo&rid=0135cff3-8360-11ec-958a-2cea7f934475&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164860/i/57561560/0/pp/4/1?h=e_l0QqkJV-6eOaoLj07cbuZtvU1u0pDDuF4CNPunJDTGs-dkmDSEDDEV0_djylAm&rid=0135cff3-8360-11ec-958a-2cea7f934475&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164872/i/57561560/0/pp/5/1?h=e_l0QqkJV-6eOaoLj07cbr92cStZ2j4qLfvg-_Pq437jV8KkoqTLBcCz1UdmgB29&rid=0135cff3-8360-11ec-958a-2cea7f934475&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=ja.scriptcult.com&utm_medium=referral&utm_campaign=widgets&utm_content=1228644

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805604/i/57561561/0/pp/1/1?h=45pZMhsazT2RbLnJcUx6f-QbW5TVuIefzJUOYBFir-rdmidpjlVD5oWmicwfQokD&rid=01514d48-8360-11ec-958a-2cea7f934475&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=ja.scriptcult.com&utm_medium=referral&utm_campaign=widgets&utm_content=1228650

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193496/i/57561567/0/pp/1/1?h=aL-xXMrS71z5fKOdRYxh9az4PysXRoaRD6a_zCVDwbYIDOexOcqe4RKhA7uZEDaI&rid=0135e8b8-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533485/i/57561567/0/pp/2/1?h=aL-xXMrS71z5fKOdRYxh9cxIkbObu7yEyzJOTuK8phrg9IA8KIRWL0yol4nzXdsy&rid=0135e8b8-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533323/i/57561567/0/pp/3/1?h=aL-xXMrS71z5fKOdRYxh9X0axvuQF2G2r348LZJh7pQA2fytyYdA3LH4JYVXBQ93&rid=0135e8b8-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/10839579/i/57561567/0/pp/1/1?h=aL-xXMrS71z5fKOdRYxh9U0iDvA8Tzjvg0jCyfHBKzhRVmpp8sG8qNEQBgd9FaQG&rid=0136a3e3-8360-11ec-80f4-2cea7f92274e&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805431/i/57561567/0/pp/2/1?h=aL-xXMrS71z5fKOdRYxh9fbKl_NJ3A9w8hhpGLMPEM0OZ-jifJUoYyTmYhze27du&rid=0136a3e3-8360-11ec-80f4-2cea7f92274e&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/12068044/i/57561567/0/pp/3/1?h=aL-xXMrS71z5fKOdRYxh9YjMhrr3V7KXj8NytBL-_1hVL-XDOld_Miy5fk9_UaKD&rid=0136a3e3-8360-11ec-80f4-2cea7f92274e&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=ja.scriptcult.com&utm_medium=referral&utm_campaign=widgets&utm_content=1228642

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533314/i/57561559/0/pp/1/1?h=joZi4HO6gBFZES9WtE5yqA0I8oso42o726TNLUIjlMKAkL8-YgnOdFUKvdvqQEW9&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6946113/i/57561559/0/pp/2/1?h=joZi4HO6gBFZES9WtE5yqPptRljF7AP4i9FM_wkOi184MFdG5v6fGwCBRGjWw557&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164907/i/57561559/0/pp/3/1?h=joZi4HO6gBFZES9WtE5yqMntARUKECv-p45PN0xLBSBMKPn9NIYEw2e7QM5pzKPl&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533462/i/57561559/0/pp/4/1?h=joZi4HO6gBFZES9WtE5yqCIeWlMHfQaJsKHUhA9znnwr8OkNgU4WdOjRDinEo7Ug&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5523133/i/57561559/0/pp/5/1?h=joZi4HO6gBFZES9WtE5yqMnfB_vkQUMaj5s2Q-5PpM0J6DFYtSSIOwEZ326GdoDG&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533285/i/57561559/0/pp/6/1?h=joZi4HO6gBFZES9WtE5yqAwDe3z5olNQZD-TnexhpS0Ef6F4dX87FoDKw-2yE4Qc&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805454/i/57561559/0/pp/7/1?h=joZi4HO6gBFZES9WtE5yqOjSrb0qq6vs6FIKDIJ0DaftYSdmY-zGYqdpG8J3O9Y1&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164924/i/57561559/0/pp/8/1?h=joZi4HO6gBFZES9WtE5yqFuN8hPrHzaattZefd47HmXRtwZbRm3C5X5lSXHRELQv&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/12068019/i/57561559/0/pp/9/1?h=joZi4HO6gBFZES9WtE5yqEE7K-4gcR44LQS-QTURHWRyI5mkduOUsd6b09wjMdJb&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533310/i/57561559/0/pp/10/1?h=joZi4HO6gBFZES9WtE5yqK56woCoeRlEL9UdI6jtiPDgy7fFFOMP6zUeR7TlLrvW&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/10881009/i/57561559/0/pp/11/1?h=joZi4HO6gBFZES9WtE5yqC_ounDB5xZISIbV0HzTFFvmaetKn1WksErVW4wQHcrm&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533332/i/57561559/0/pp/12/1?h=joZi4HO6gBFZES9WtE5yqP82eMfJ3Ak7JBxy846ymlVq1uf_3nPTlndj0qyVQJco&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/12068036/i/57561559/0/pp/13/1?h=joZi4HO6gBFZES9WtE5yqPyETIs90FdJ1X2i3ndyrk_EAUi2-prSKT_S0JcyKvZd&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805579/i/57561559/0/pp/14/1?h=joZi4HO6gBFZES9WtE5yqAmn1aF7t4acBYSLf1f-CdmYWwHaUP7EG_hHH0JKyNbi&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533289/i/57561559/0/pp/15/1?h=joZi4HO6gBFZES9WtE5yqAPx5tlXY45F5YnU2nJUtbhlusvGgijYRzWi_UjU-fAe&rid=0140349a-8360-11ec-b342-2cea7f942996&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/12068020/i/57561561/0/pp/1/1?h=45pZMhsazT2RbLnJcUx6f81KkddTvsAvjfSZ4xqvlvwKU1WMxesVV97v9rhSNtmw&rid=01513745-8360-11ec-80f4-2cea7f92274e&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=0&st=540&muid=m11aS7lknG85

Search URL Search Domain Scan URL

URL: https://scriptcult.com/open-acsup-files-905
Title: scriptcult

Search URL Search Domain Scan URL

URL: https://ar.scriptcult.com/open-acsup-files-905
Title: ar

Search URL Search Domain Scan URL

URL: https://cs.scriptcult.com/open-acsup-files-905
Title: cs

Search URL Search Domain Scan URL

URL: https://da.scriptcult.com/open-acsup-files-905
Title: da

Search URL Search Domain Scan URL

URL: https://el.scriptcult.com/open-acsup-files-905
Title: el

Search URL Search Domain Scan URL

URL: https://es.scriptcult.com/open-acsup-files-905
Title: es

Search URL Search Domain Scan URL

URL: https://et.scriptcult.com/open-acsup-files-905
Title: et

Search URL Search Domain Scan URL

URL: https://fi.scriptcult.com/open-acsup-files-905
Title: fi

Search URL Search Domain Scan URL

URL: https://fr.scriptcult.com/open-acsup-files-905
Title: fr

Search URL Search Domain Scan URL

URL: https://hi.scriptcult.com/open-acsup-files-905
Title: hi

Search URL Search Domain Scan URL

URL: https://hr.scriptcult.com/open-acsup-files-905
Title: hr

Search URL Search Domain Scan URL

URL: https://hu.scriptcult.com/open-acsup-files-905
Title: hu

Search URL Search Domain Scan URL

URL: https://id.scriptcult.com/open-acsup-files-905
Title: id

Search URL Search Domain Scan URL

URL: https://it.scriptcult.com/open-acsup-files-905
Title: it

Search URL Search Domain Scan URL

URL: https://iw.scriptcult.com/open-acsup-files-905
Title: iw

Search URL Search Domain Scan URL

URL: https://ko.scriptcult.com/open-acsup-files-905
Title: ko

Search URL Search Domain Scan URL

URL: https://lt.scriptcult.com/open-acsup-files-905
Title: lt

Search URL Search Domain Scan URL

URL: https://lv.scriptcult.com/open-acsup-files-905
Title: lv

Search URL Search Domain Scan URL

URL: https://nl.scriptcult.com/open-acsup-files-905
Title: nl

Search URL Search Domain Scan URL

URL: https://no.scriptcult.com/open-acsup-files-905
Title: no

Search URL Search Domain Scan URL

URL: https://pl.scriptcult.com/open-acsup-files-905
Title: pl

Search URL Search Domain Scan URL

URL: https://pt.scriptcult.com/open-acsup-files-905
Title: pt

Search URL Search Domain Scan URL

URL: https://ro.scriptcult.com/open-acsup-files-905
Title: ro

Search URL Search Domain Scan URL

URL: https://ru.scriptcult.com/open-acsup-files-905
Title: ru

Search URL Search Domain Scan URL

URL: https://sk.scriptcult.com/open-acsup-files-905
Title: sk

Search URL Search Domain Scan URL

URL: https://sl.scriptcult.com/open-acsup-files-905
Title: sl

Search URL Search Domain Scan URL

URL: https://sr.scriptcult.com/open-acsup-files-905
Title: sr

Search URL Search Domain Scan URL

URL: https://sv.scriptcult.com/open-acsup-files-905
Title: sv

Search URL Search Domain Scan URL

URL: https://th.scriptcult.com/open-acsup-files-905
Title: th

Search URL Search Domain Scan URL

URL: https://tr.scriptcult.com/open-acsup-files-905
Title: tr

Search URL Search Domain Scan URL

URL: https://uk.scriptcult.com/open-acsup-files-905
Title: uk

Search URL Search Domain Scan URL

URL: https://vi.scriptcult.com/open-acsup-files-905
Title: vi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 162

https://mc.yandex.ru/watch/53505307?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe37688zjz%3Afp%3A805%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A205002047509%3Ahid%3A876940836%3Az%3A0%3Ai%3A20220201130810%3Aet%3A1643720890%3Ac%3A1%3Arn%3A18864742%3Arqn%3A1%3Au%3A1643720890410259034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643720888081%3Ads%3A10%2C9%2C548%2C3%2C0%2C0%2C%2C426%2C35%2C%2C%2C%2C997%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643720890%3At%3AACSUP%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB-2020%E5%B9%B4%E3%81%AB.ACSUP%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%92%E9%96%8B%E3%81%8F%E6%9C%80%E3%82%82%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%20-%20%E6%8B%A1%E5%BC%B5%20-%202022&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe37688zjz%3Afp%3A805%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A205002047509%3Ahid%3A876940836%3Az%3A0%3Ai%3A20220201130810%3Aet%3A1643720890%3Ac%3A1%3Arn%3A18864742%3Arqn%3A1%3Au%3A1643720890410259034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643720888081%3Ads%3A10%2C9%2C548%2C3%2C0%2C0%2C%2C426%2C35%2C%2C%2C%2C997%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643720890%3At%3AACSUP%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB-2020%E5%B9%B4%E3%81%AB.ACSUP%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%92%E9%96%8B%E3%81%8F%E6%9C%80%E3%82%82%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%20-%20%E6%8B%A1%E5%BC%B5%20-%202022&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 169

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323563040;dc_trk_aid=515910339;dc_trk_cid=163309495;ord=3533396023;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323563040;dc_pre=CJuNlb7J3vUCFYCF6QUdvNMD8A;dc_trk_aid=515910339;dc_trk_cid=163309495;ord=3533396023;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=

Request Chain 188

https://924-img.c3tag.com/v.gif?cid=924&c3ce=700&C3NO=1&adid=2450333238&c3=N349404.134426GOOGLEDISPLAYNETWO-278117076&creative=135238852&redirect=~{https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.278117076;dc_trk_aid=472257882;dc_trk_cid=135238852;ord=2450333238;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?}~ HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.278117076;dc_trk_aid=472257882;dc_trk_cid=135238852;ord=2450333238;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.278117076;dc_pre=CN2ctL7J3vUCFUHZvQodsfgJtw;dc_trk_aid=472257882;dc_trk_cid=135238852;ord=2450333238;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

Request Chain 230

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 299

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1&C=1

Request Chain 301

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yfkwu9KvDdXI7pm9NdjvpQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1

Request Chain 302

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1&C=1

Request Chain 304

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yfkwu2fl3PxGqu07POLexgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1

Request Chain 324

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3

Request Chain 325

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1

Request Chain 326

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yfkwu9KvDdXI7pm9NdjvpQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1

Request Chain 332

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHBZBx88WoRTU2qNOj3Xowg&google_cver=1&google_push=AYg5qPJUSAGTAJE6aawBYBVJ8aFnD4bQadX0Lw-vIge1bnm7HPQL2cyYZHiCm9QWWr-wEsqaY3MggYto76lmSR_bdaAcvWgnww HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHBZBx88WoRTU2qNOj3Xowg&google_cver=1&google_push=AYg5qPJUSAGTAJE6aawBYBVJ8aFnD4bQadX0Lw-vIge1bnm7HPQL2cyYZHiCm9QWWr-wEsqaY3MggYto76lmSR_bdaAcvWgnww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGJvSUVhYzExTmVTVGg1&google_gid=CAESEHBZBx88WoRTU2qNOj3Xowg&google_cver=1&google_push=AYg5qPJUSAGTAJE6aawBYBVJ8aFnD4bQadX0Lw-vIge1bnm7HPQL2cyYZHiCm9QWWr-wEsqaY3MggYto76lmSR_bdaAcvWgnww

Request Chain 333

https://um.simpli.fi/gp_match?google_gid=CAESENOqX49L_0Ke4ej8uPKI-Qk&google_cver=1&google_push=AYg5qPKgwjXELjmN-cSeX_SSxuawxwesTPYJyImHGiM6vtSuBbjjqtXTJST8UMUvK1T6FudpTYgTVgJQoNbgumOnAdxrDnmKg8c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=002C1E8793DF4F9595CED7F83FEDBC7B&google_push=AYg5qPKgwjXELjmN-cSeX_SSxuawxwesTPYJyImHGiM6vtSuBbjjqtXTJST8UMUvK1T6FudpTYgTVgJQoNbgumOnAdxrDnmKg8c

Request Chain 334

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIzuF2BEzORhqypA_YNOkWQ&google_cver=1&google_push=AYg5qPL96uB8snMt0GIf6-bRGaQSfrwtTEGVQGu0fVyKly_c69B5LqaYGZuqmJwqan_PQ_dMGBaQCrC6g48hgAODbn5gUq2aKZ4 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIzuF2BEzORhqypA_YNOkWQ&google_cver=1&google_push=AYg5qPL96uB8snMt0GIf6-bRGaQSfrwtTEGVQGu0fVyKly_c69B5LqaYGZuqmJwqan_PQ_dMGBaQCrC6g48hgAODbn5gUq2aKZ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL96uB8snMt0GIf6-bRGaQSfrwtTEGVQGu0fVyKly_c69B5LqaYGZuqmJwqan_PQ_dMGBaQCrC6g48hgAODbn5gUq2aKZ4&google_hm=yJ9rKj08SzKwF0OUQ6KVlw==

Request Chain 335

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKAmCsSF6CIL569FD47KpYU&google_cver=1&google_push=AYg5qPIlVs-g3cQtlrtUgtb6gnYakRTsp2FcgwnIpGTNtCwZ4Z-ry49ME0LzUa1b4yxD5jJCWw1wsorNNNyrckrhC67NUOdhiXQ HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKAmCsSF6CIL569FD47KpYU&google_push=AYg5qPIlVs-g3cQtlrtUgtb6gnYakRTsp2FcgwnIpGTNtCwZ4Z-ry49ME0LzUa1b4yxD5jJCWw1wsorNNNyrckrhC67NUOdhiXQ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIlVs-g3cQtlrtUgtb6gnYakRTsp2FcgwnIpGTNtCwZ4Z-ry49ME0LzUa1b4yxD5jJCWw1wsorNNNyrckrhC67NUOdhiXQ&google_hm=MVNHTXdDaWo2ZWNQSGcxandnZVc=

Request Chain 336

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEsQOEdX5AemxVEqrS0H7dE&google_cver=1&google_push=AYg5qPJfzenuG1bpoyLy_q_gu86nrlhkrIPjVAqf_UNjHv4w8vaJozenUhT8Hn9X_C95jlzVKjn6hCby2TVfYDMsIqZLAZV92LI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJfzenuG1bpoyLy_q_gu86nrlhkrIPjVAqf_UNjHv4w8vaJozenUhT8Hn9X_C95jlzVKjn6hCby2TVfYDMsIqZLAZV92LI&google_hm=NjQxMTY1NDkyNDk2MjE5MDM1NA%3D%3D

Request Chain 337

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEOMiq4sxchYgZIEi7NYeHLc&google_cver=1&google_push=AYg5qPLYgpsGscgxiWegABWFTspKqMVbH7UA7dqtGzdPEKRISg5AbcTKnWUC8Xt789bJRdCviZ51Ozc4c8RVemGZpv_U1HL8qqUo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Mzk0YzNmNjgtODE1OS00MWJmLTg4ZWEtMzVkMmJiMmUzNzUz&google_push=AYg5qPLYgpsGscgxiWegABWFTspKqMVbH7UA7dqtGzdPEKRISg5AbcTKnWUC8Xt789bJRdCviZ51Ozc4c8RVemGZpv_U1HL8qqUo

Request Chain 338

https://sync.inmobi.com/gob?google_gid=CAESEC53fWJ2-f5IlMp-HnOOxyM&google_cver=1&google_push=AYg5qPJOjO2L2Ou7LeM2JVLFIINoxyepKz4vGrm_Cx-4wtn1HbgpdiPg0y7f1UoBD9Y0a8f1bO6W5SpPxI-3VxV7W3ahDaSi3URs HTTP 302
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPJOjO2L2Ou7LeM2JVLFIINoxyepKz4vGrm_Cx-4wtn1HbgpdiPg0y7f1UoBD9Y0a8f1bO6W5SpPxI-3VxV7W3ahDaSi3URs&gdpr_consent=&gdpr=

Request Chain 350

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDXjMFbY0jj9UcGcIkUZMUw&google_cver=1&google_push=AYg5qPJ7u2z8jBw8zjtoBmvOEt8wIMgQG9N8aXs2eTgynnOvQozDO9NJ7U2L-a91VnOGk1I691NjRek-wzsGLNAYOZHlSSyxFug HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=52d6a9bf090212b7&is_secure=true&networkId=14000&version=1&google_gid=CAESEDXjMFbY0jj9UcGcIkUZMUw&google_cver=1&google_push=AYg5qPJ7u2z8jBw8zjtoBmvOEt8wIMgQG9N8aXs2eTgynnOvQozDO9NJ7U2L-a91VnOGk1I691NjRek-wzsGLNAYOZHlSSyxFug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGpQ_bnbrh_QNk4ICvAAAAAAA&expiration=1643807292&google_cver=1&is_secure=true&google_gid=CAESEDXjMFbY0jj9UcGcIkUZMUw&google_push=AYg5qPJ7u2z8jBw8zjtoBmvOEt8wIMgQG9N8aXs2eTgynnOvQozDO9NJ7U2L-a91VnOGk1I691NjRek-wzsGLNAYOZHlSSyxFug

Request Chain 351

https://a.tribalfusion.com/i.match?p=b6&u=CAESEENHUU7wLAaYRv3rE1CkErk&google_cver=1&google_push=AYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEENHUU7wLAaYRv3rE1CkErk&google_cver=1&google_push=AYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 352

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESENPcqv9CgqL_jMQQ523H-mg&google_cver=1&google_push=AYg5qPIMw3XvJAPO9FJmc5oI0FTvX1GLVIXrQMUL6gqYLFjr2aGKZYLFjeh4RLw4EFE7gcl6D1VV3_PhASEDwVB6mqdcj2wS-nkk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AYg5qPIMw3XvJAPO9FJmc5oI0FTvX1GLVIXrQMUL6gqYLFjr2aGKZYLFjeh4RLw4EFE7gcl6D1VV3_PhASEDwVB6mqdcj2wS-nkk

Request Chain 353

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAEVyYMa0aTn17UYbadsmsA&google_cver=1&google_push=AYg5qPLpts0tsTaE2hhhrWoF4HoEy1ocB_vNRxrgyYvPxKCiZoeKcgyNrFLTC__xbfpAxFwJip6GBq6TU5Acij0GgeSx_VUUZbcT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLpts0tsTaE2hhhrWoF4HoEy1ocB_vNRxrgyYvPxKCiZoeKcgyNrFLTC__xbfpAxFwJip6GBq6TU5Acij0GgeSx_VUUZbcT

Request Chain 375

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJaAa6J-SXHhtAagYMC_pq8&google_cver=1&google_push=AYg5qPJpIvDb6kX6TzceQhmvCyjGGPuZCR1WVn6udaVeTxQwpWF8AYqoknbtrm0YUTqGY7G12ScLYIeeUdRI_UdtC7ZkNya_F_t3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJpIvDb6kX6TzceQhmvCyjGGPuZCR1WVn6udaVeTxQwpWF8AYqoknbtrm0YUTqGY7G12ScLYIeeUdRI_UdtC7ZkNya_F_t3

Request Chain 376

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIzuF2BEzORhqypA_YNOkWQ&google_cver=1&google_push=AYg5qPKk_oqHT0rrUUqqX1CqGHzewu5hFYFI2a0a4fXF38Ydfb_e8zFhsPr7XH8uxUtFeEDknMi1hu2gz2DZo1AHaYxCvT6LSToy HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=c89f6b2a-3d3c-4b32-b017-439443a29597 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=c89f6b2a-3d3c-4b32-b017-439443a29597 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=bead4f3d-f9a9-47c1-b203-4e0ad642e357&user_group=1&ssp=google&bsw_param=c89f6b2a-3d3c-4b32-b017-439443a29597 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKk_oqHT0rrUUqqX1CqGHzewu5hFYFI2a0a4fXF38Ydfb_e8zFhsPr7XH8uxUtFeEDknMi1hu2gz2DZo1AHaYxCvT6LSToy&google_hm=yJ9rKj08SzKwF0OUQ6KVlw==

Request Chain 377

https://rtb.openx.net/sync/dds?google_gid=CAESEOXnTAUqH0UvhLUjf0-gvsA&google_cver=1&google_push=AYg5qPJ8zZuqVsbZXD_KHGqicIkJvqwikrAfBNHTxByT00OTCDh6rkSAekw-jPGLJaBIAaGDMG42VJt9syso4aF5Ju9vixh7g_tS HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEOXnTAUqH0UvhLUjf0-gvsA&google_cver=1&google_push=AYg5qPJ8zZuqVsbZXD_KHGqicIkJvqwikrAfBNHTxByT00OTCDh6rkSAekw-jPGLJaBIAaGDMG42VJt9syso4aF5Ju9vixh7g_tS&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ8zZuqVsbZXD_KHGqicIkJvqwikrAfBNHTxByT00OTCDh6rkSAekw-jPGLJaBIAaGDMG42VJt9syso4aF5Ju9vixh7g_tS&google_hm=MJvSf_liygQq6plYLjef9Q==

Request Chain 378

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAJgJe3RmT-G_DNlryI9dYM&google_cver=1&google_push=AYg5qPKCSuSaTql6AcTidpK9LSnblKtmZ7TFp6tESGdZsXLu5haiOQ0VISnlvF7ndNV1cIbtR9vBWXUHiTCnWqA5D5lsfv4RsHXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LVJTGYVFTVx_eg7MPpRAvh_Mkaw&google_push=AYg5qPKCSuSaTql6AcTidpK9LSnblKtmZ7TFp6tESGdZsXLu5haiOQ0VISnlvF7ndNV1cIbtR9vBWXUHiTCnWqA5D5lsfv4RsHXw

Request Chain 379

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAEVyYMa0aTn17UYbadsmsA&google_cver=1&google_push=AYg5qPKraMPwXx_nh-N8-hSm84o6kUdsUT8UcmTR9ZN5lhQX-Pmjy_HkNZk2z0mAF9j416pWlD4P2YdQbpCh_XdtfDuuytdRG3kN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKraMPwXx_nh-N8-hSm84o6kUdsUT8UcmTR9ZN5lhQX-Pmjy_HkNZk2z0mAF9j416pWlD4P2YdQbpCh_XdtfDuuytdRG3kN

Request Chain 380

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEBWN84KkmtjS0AOk6dqM74Y&google_cver=1&google_push=AYg5qPJ7vaLgxImrFzbemGhshm-G9xyODZsIuu0_RoMB8EWljMisa6kAYb4Cnfw8bi40gnD-btkCJ8d_190dEpji2fPkmTrH-MSR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AYg5qPJ7vaLgxImrFzbemGhshm-G9xyODZsIuu0_RoMB8EWljMisa6kAYb4Cnfw8bi40gnD-btkCJ8d_190dEpji2fPkmTrH-MSR

Request Chain 389

https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=e9371e26880f4f3c843b52e448c491cc&cbust=1643720892506648 HTTP 302
https://tpsc-ae1.doubleverify.com/event.png?impid=e9371e26880f4f3c843b52e448c491cc&akipv6=2a00:1633:128:4::4

Request Chain 400

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.scriptcult.com%2F&domain=ja.scriptcult.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=8D3j9HwrNWYwV0Rjd1h4WVVZWmhlL2kxK3JEbzQvbU54akJzVDVyRHpUMSs3c3hSWWg3czFXSGYwRjFibmFMazk5eVQ1RUZQWkhzMzhUZFFlSXFoOTZZdVFVWDYrd01sMDZJYUw5TGFYb1BmNFVyNDFJVk93YWpYMk40Q24vcGlybThNRjFOR0I1NGI0MVhNVUNFN1RKVmVJS1V5dkhMWmwvRk5nL1VvdEtDUU9MTU5XaWFUZjNZTjB1MU1QZk92RU1PVHNyV0ZkRWl0bThjNXRycisxUGZ4STNGeXFjTGdqcGRjNDhWaEdyVzlvVjFrPXw&cppv=2

Request Chain 422

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 423

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 424

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 425

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 427

https://cr-p10.ladsp.jp/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://cr-pall.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://cr-pall.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYhGs8KrJkzFks8ADjqGv4xlXc8AAAF-tWZj4A

Request Chain 428

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Request Chain 429

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fc9161f9-30bc-4000-aa72-1d8cc0cb5042&gdpr=0&gdpr_consent=

Request Chain 430

https://ds.uncn.jp/pm/0/sync HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_0d1157bf-e783-42b6-a79f-e7143a8cafdb

Request Chain 431

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YfkwvQAC8BSvhABB HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfkwvQAC8BSvhABB&gdpr=0&gdpr_consent=&_test=YfkwvQAC8BSvhABB

Request Chain 432

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1 HTTP 302
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%2526piggybackCookie%253D%26uid%2Dset%3D1%26auid%3D HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1&auid=23ad82d8-b417-4d2d-b8b5-a4545c6d6f2c HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=9s5r2FmssoO

Request Chain 434

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=93ce53f86e354fcf9a42fa8e89d53a80

Request Chain 435

https://adsd-sync.amanad.adtdp.com/pubmaticsync?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ba78c588-b8ed-41a0-a060-d54e09d2c2ce

Request Chain 436

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=YqUApL0xCzKl729dvTD5YQ

Request Chain 437

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zB8lw7kNSj2MIIvirNcIHA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 438

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uip.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uip.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 439

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHOXHwlImJ8pwTq0Rni-Qwo&google_cver=1

Request Chain 441

https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=YfkwvcCo8YUAAD.SpB0AAAAA

Request Chain 442

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=45157b7c-f5c2-4b2e-b2d0-696f885df62b

Request Chain 443

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=433&user_id=de1ev5kh8odj&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c89f6b2a-3d3c-4b32-b017-439443a29597&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 444

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1545880462870164815&gdpr=0&gdpr_consent=

Request Chain 446

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ItQd4ZhE2uVF.Qmncb63DJiXchHw0AI-~A&gdpr=0&gdpr_consent=

Request Chain 447

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2395648763423468357

Request Chain 448

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3751787958688288976&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 472

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2ee0a43b-2fa2-4db6-8601-3188d4d380b7-tuct8f2b640&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 475

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8boIEac11NeSTh5&gdpr=0&gdpr_consent=

Request Chain 476

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:002C1E8793DF4F9595CED7F83FEDBC7B

Request Chain 478

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xITOW8GFy1LfjJxRxoKFA8WFnFbf1M1Vy4wIfzEy

Request Chain 479

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5bd59371bfb512b6&is_secure=true&networkId=17100&version=1&nuid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGpWrOrtvctQMG-cFYAAAAAAA&expiration=1643807296&nuid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&is_secure=true&gdpr_consent=&gdpr=0

463 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request open-acsup-files-905 Show response
ja.scriptcult.com/ 34 KB
8 KB 568ms
549ms Document
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c723ea37dc243b3fc12291f989e16800a6b0460374591354dabbf49a638c5ec2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Wed, 02 Feb 2022 13:08:08 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq5jknRinS1i77NSDz0crMk%2BSHmfmZyT644LGydSivn5%2F82AnlTkC4iucI3OMdvfIWXsECXhxZ1NCpzYZXnJxkz9gVK1TT11M7eotOGQcdRlgHUJl%2BjbaJqKzAAX3BRhc8v1ggQrsiS8tX9K5IvmiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d6b681eacbd1f72-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
52 KB 159ms
120ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c367439fde155d94d324699b52d5779b6125c257592875e052249e344ae437dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52926
x-xss-protection: 0
server: cafe
etag: 10937205327308040755
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 13:08:08 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ 406 KB
92 KB 25ms
3ms Script
application/javascript 2600:9000:221a:3a00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221a:3a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffbc717e6984d44c5116b03e9ac4248486d6f93abb7ddf9be5511ab6522bc0a9

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 12:17:11 GMT
content-encoding: gzip
last-modified: Wed, 05 Jan 2022 12:51:52 GMT
server: AmazonS3
age: 3138
etag: W/"d2bc7c3d411f336f237243a1675346ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba1ce9c69a66256a857451734e2da0ae.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: NRT57-P2
x-amz-cf-id: J43ubIN4U1ykqf_DXvrNXEMIFwAfpXzhQn4xflHSCRSb6OU5EbATmA==

GET
H2 200 / Show response
g3news.biz/ 14 KB
15 KB 791ms
265ms Script
application/javascript 164.90.194.65
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://g3news.biz/?te=hbswimjugu5ha3ddf4ytmobt

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

164.90.194.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3c8a91e5a00d716076418f2c40180d2de1c8e25bf77cc0e89bf2c4d94ed6003b

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 01 Feb 2022 13:08:09 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 adManager.js Show response
cst.cstwpush.com/static/ 451 B
598 B 125ms
2ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.cstwpush.com/static/adManager.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 14:08:08 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 1506626470index.css
scriptcult.com/template/apollo/css/ 60 KB
10 KB 18ms
11ms Stylesheet
text/css 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/1506626470index.css
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51de53ac835a3e11b545be8454c808f1b4a655b1681b02b1db6b87f44ebf4257

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281636
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jul 2020 14:43:28 GMT
server: cloudflare
etag: W/"f1d8-5aaa42e19d8e0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7Sof%2BdLSM5G6Rh2TN64%2Bj0j7hzcjsLqbmovS2FUUVznlSJJ1JViUqF6PQyOYeLRJLO%2FwwbkXu2qUr1lGv9AxEbeXH8%2F4%2Bg9lUqzczqI6pdjV3x7e2aVshHqapy0iYDcsQdN05bbP2xW9XojEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 6d6b68224a591f72-NRT
expires: Sat, 12 Feb 2022 06:54:12 GMT

GET
H2 200 css.css
scriptcult.com/template/apollo/css/ 5 KB
932 B 19ms
12ms Stylesheet
text/css 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/css.css
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b5fb211d28a4781b339cfded0f5bb2dcc357d003430aedc7e1f771c5f2abea5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 555679
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: W/"1248-5aaa42e0bdebf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ky6anuiftWqxCXQ0jAfrwC8FzeSKYukOjwUsc36QycFzyOqG2ZytAq6LJ07ShrdjV7tvrhIv05JCKsBg3ZizOWolMo8DrlVYy5Hot%2Biu7qnPioZRO2pk8dUMVua29rnTUjoMG311HBp3%2FOIjUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 6d6b68224a5c1f72-NRT
expires: Wed, 09 Feb 2022 02:46:48 GMT

GET
H2 200 1506626470index_001.css
scriptcult.com/template/apollo/css/ 114 KB
18 KB 24ms
17ms Stylesheet
text/css 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f18b5f9ed6ffddd86c2f764df72ea0f4aa7fba3f8e41102c81002d421f74ac

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 557447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: W/"1c9cb-5aaa42e10b11f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOlNxZ6XAHfUSQnMSUbA69ktn%2Bb5M7vnk6r1A1%2FLmU08eSEzwVC2qgfP2tRZ4fgCoQxAO0oKkJmDGx8u3VeUk1RySK14CtYC6OnkZZ90kgKGPJ3dTlluVXLC7yQZLXHE3yizAgVIGZfi8LAjvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 6d6b68224a5f1f72-NRT
expires: Wed, 09 Feb 2022 02:17:20 GMT

GET
H2 200 1506626470index.js Show response
scriptcult.com/template/apollo/js/ 112 KB
40 KB 37ms
30ms Script
application/javascript 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/js/1506626470index.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecdeb0b2751d79c8951811ca225a1c98cd860f650e159d4244c7ae1389ffa7a6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 557447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jul 2020 14:43:30 GMT
server: cloudflare
etag: W/"1c05b-5aaa42e3d00e4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yqIrLedzPKj2ZHx2XTREiEl5UebS4dtcCwLUSVyO0RaD9QgNyBYzR%2FFjbQCf%2FOMA7K8q3tmACfddBEtOYt2cZSsW3wUTBF1AtNr4BD8nlGtTjQ%2Byks%2FK2q2e29BcBVV6ZzoPg6Q1TCfPlhhyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 6d6b68224a611f72-NRT
expires: Wed, 09 Feb 2022 02:17:20 GMT

GET
H2 200 fondoperlaterra.org.1228643.js Show response
jsc.mgid.com/f/o/ 2 KB
1 KB 34ms
14ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa6493adc18fc2292a6d6e25933ca6293e9f18a7dc9af3f0e7a2b8639a4287f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 5533
last-modified: Thu, 25 Nov 2021 06:10:17 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 22ACHPYDXJ4D4HDX
x-amz-id-2: HZdAC11/dR1nX5AB3L7Thw2CfujcdlMrpPG1FzaULlHMqwm3GfdD9MAcEwbUpxnXcTWkPhUtMC8=
cf-bgj: minify
server: cloudflare
etag: W/"6ff497529887fac219024db78b0f21d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6d6b6823699e80fc-NRT
expires: Tue, 01 Feb 2022 16:08:08 GMT

GET
H2 403 /
scriptcult.com/img/ 0
0 545ms
541ms Image
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 fondoperlaterra.org.1228644.js Show response
jsc.mgid.com/f/o/ 2 KB
1 KB 123ms
104ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228644.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72035b0783d3447f297a06e788fdb3b390f1129dabf50c291510a0e37edeb833

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Z4KAPWWJPWJDG72D
last-modified: Thu, 25 Nov 2021 06:10:48 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 8cq6qm7SaHJ7tFi4M/7koYKDCr2Fxxi21e4Lj4l5edHvFkeN6ugOC1GHYnccTzQoXUwLWIZOPow=
cf-bgj: minify
server: cloudflare
etag: W/"eaec5891e8c7c77b5b9c54a162c317e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6d6b682369a380fc-NRT
expires: Tue, 01 Feb 2022 16:08:08 GMT

GET
H2 200 fondoperlaterra.org.1228650.js Show response
jsc.mgid.com/f/o/ 2 KB
1 KB 34ms
15ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228650.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ee23bf0f9d8f56ce243df1dd3c2635ce8fe793dce67a04a8d21896a9511907d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 5533
last-modified: Thu, 25 Nov 2021 06:09:45 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Z4K6YCSHRBGX1MNA
x-amz-id-2: WDoNVAaTB5UeZE+5nbfyfOke3+RA2o7Z5P1nZpIdNVJRGpfvBPWJjQrCkp8944xVk6ujPnhN4xc=
cf-bgj: minify
server: cloudflare
etag: W/"2b75cb29e2cf184bb96e81bd96925d3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6d6b682369a780fc-NRT
expires: Tue, 01 Feb 2022 16:08:08 GMT

GET
H2 200 fondoperlaterra.org.1228642.js Show response
jsc.mgid.com/f/o/ 2 KB
1 KB 37ms
17ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228642.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b528cda7764e7c08fb01f49fe4efac3143914e968303e25acf6c51712cb52a46

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 5533
last-modified: Thu, 25 Nov 2021 06:11:29 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Z4K3VJM5KGYRT6XA
x-amz-id-2: Y02+dUVvL8oU0Hi1Yw01Dx95Nx0ZVBXgshwO9kGtg7QdJnNzg8WwK3QlqXvKBrUiQSQ4i8AWXN4=
cf-bgj: minify
server: cloudflare
etag: W/"5f72c136f2cc69a2a7a059702a233055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6d6b682369ad80fc-NRT
expires: Tue, 01 Feb 2022 16:08:08 GMT

GET
H2 200 .bpn-file-extension.jpg
scriptcult.com/img/fileinfo/ 52 KB
53 KB 13ms
10ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.bpn-file-extension.jpg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c387a5e5628098cca7b9fe8d92204a7048f3e10cdf93c7e8639d99ea5e11e1c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53131
last-modified: Sat, 27 Apr 2019 23:59:35 GMT
server: cloudflare
etag: "cf8b-5878bd7e6d7cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzTS5mrgJqqi8kz44WnX5DhcxCDo1SOSxl5u6OowEuypYLcNCrbYsN2Cxn2fYVmL%2FlppkvpWLh4wsXDPpJVrHnBG4xNnq7K9gc0AaFz%2BgUOfwgM8szCkryvQaW4LbhG%2BUTLkwYriMtdoCsDMHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68235c181f72-NRT
expires: Wed, 01 Feb 2023 13:04:18 GMT

GET
H2 200 .qxt-file-extension.jpg
scriptcult.com/img/fileinfo/ 63 KB
63 KB 1090ms
1087ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.qxt-file-extension.jpg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a5e21ff3022c77507476e78acf68eff0b2a6acd98962d76d68e3f414d9dbb8b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64129
last-modified: Sun, 28 Apr 2019 00:12:34 GMT
server: cloudflare
etag: "fa81-5878c06467e21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWTS1tXJ6QloBytRXYcQ2UPv2kRWedXrubf7UIAzwl1xlZqixiW5%2BppqMNTPPG04R28xu9tQtG%2BZSdoj79yQ7bEHOgMTQcY%2BebUM8H05%2FkN5IIDK7NIZqscJxE6sbn61fR6AaoIr9iTr4pdc0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68235c1a1f72-NRT
expires: Wed, 01 Feb 2023 13:08:09 GMT

GET
H2 200 .pxls-file-extension.jpg
scriptcult.com/img/fileinfo/ 5 KB
5 KB 551ms
548ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.pxls-file-extension.jpg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa70d48c744f0a63fbd1d1e6de7ff2e24869c0682ceee92b4889d5acbb712bb

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4804
last-modified: Sun, 28 Apr 2019 00:12:09 GMT
server: cloudflare
etag: "12c4-5878c04d394f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrkMIYVF1%2FergUbcRV18tOnwjS7J%2FtpKYMUQoI2bVZph6NZUT6IvzYiQmuvqW0iAt6ULHQ%2B8p3U1PhAqTNOfMB25nLaE1XhitWh%2FCaRX6AasDMuctjNoakbwUvblpwv4UaXyzSFffUzYF1PX0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68235c1b1f72-NRT
expires: Wed, 01 Feb 2023 13:08:09 GMT

GET
H2 404 NGD-file-format-description
scriptcult.com/img/file-types/ 0
0 558ms
555ms Image
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/file-types/NGD-file-format-description
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 .mppz-file-extension.jpg
scriptcult.com/img/fileinfo/ 5 KB
5 KB 542ms
540ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.mppz-file-extension.jpg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d5cbcbbb84d4cb47bbc002c1d7206013d7e9a1add8127451d97d64b39c3a524

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4999
last-modified: Sun, 28 Apr 2019 00:08:54 GMT
server: cloudflare
etag: "1387-5878bf92e3222"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKENpV1Ggw7q96gqrTWmWT1wNsu4GsmOWrqhzb2Jv6MQ9ggo4NrQoO7kRvHQRkfdDnJPEe%2B2ZSHcnatENm5B15bnURQcxU%2BFsXMRafoWbI4wUz892RJ6edg%2Br7rp%2BGgIBAJJlyxmBzRYO5aU%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68235c1e1f72-NRT
expires: Wed, 01 Feb 2023 13:08:09 GMT

GET
H2 200 .brv-file-extension.jpg
scriptcult.com/img/fileinfo/ 14 KB
15 KB 14ms
12ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.brv-file-extension.jpg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66031ebb91f1175037b7d89dfc3af1f23cf6b06c8e3ca2d2e4a7d4035910b10d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14781
last-modified: Sat, 27 Apr 2019 23:59:41 GMT
server: cloudflare
etag: "39bd-5878bd83c0c50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab2rfCL67TaC%2Fd8xj3Ihqre5%2BtCboY2kAeNEjhj%2BxYFd5KTDXdNuRrXiuwLL%2FulX3q63m0UpJBmSqWS%2BKslaVvk7vk2BRtQJfD6nSvgGvQe7qlF7uFgXVjoM0WIX9LHBYQYWwwtNGJUdnuoiaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68235c211f72-NRT
expires: Wed, 01 Feb 2023 13:04:18 GMT

GET
H2 200 VRMAT-file-format-description.webp
scriptcult.com/img/file-types/ 31 KB
31 KB 17ms
15ms Image
image/webp 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/file-types/VRMAT-file-format-description.webp
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a61e116b3b761378e1846301bfc67bf58c43ab8c3a9b32d147640081affa092

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 561938
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31608
last-modified: Sun, 04 Oct 2020 18:49:58 GMT
server: cloudflare
etag: "7b78-5b0dcd5270013"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCqRVfyi2qLbWsho3wAmvTmwE7VPGw7OkFW0AUj0rNkWJsGjeYfIHAXQskIOJE3dNg0kw4DExzE7fmVIRejKYqtd%2FvlHZk7sBjPre%2FEkzcJ8ZwIvSdqHMuhFzrdaBp0B541ExDfOGWO8XVv5jA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6d6b68235c231f72-NRT
expires: Wed, 02 Feb 2022 01:02:30 GMT

GET
H2 200 ILT-file-format-description.webp
scriptcult.com/img/file-types/ 53 KB
53 KB 15ms
12ms Image
image/webp 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/file-types/ILT-file-format-description.webp
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16a4d8efd0604291f81ab7b9c256e100f1cf3fc78fdcf2611fd0ed0c13aafc7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54204
last-modified: Sun, 04 Oct 2020 18:49:36 GMT
server: cloudflare
etag: "d3bc-5b0dcd3d70116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZezUOcVx4fg9jYUYkLwrUmUe%2FCfz%2FIbb9Fw5Wr6MVOyLIYBGk0hDWOgSnFM0Ovp%2B2QsTZGV9%2BaPREdkpsRJpQjfsAwl0uSI7Xy74yyfq3pWSPAIyB3Nrq8lU68cZsxPjJtbkoT7x1R3rEU2Rcg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6d6b68235c241f72-NRT
expires: Mon, 07 Feb 2022 08:22:22 GMT

GET
H2 200 .mwm-file-extension.jpg
scriptcult.com/img/fileinfo/ 114 KB
114 KB 18ms
15ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.mwm-file-extension.jpg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75fe114c8a4f39d85da09dae2f08b283d73324f609f91c318b389fa513b33c14

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116693
last-modified: Sun, 28 Apr 2019 00:09:18 GMT
server: cloudflare
etag: "1c7d5-5878bfaa06f70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJkl2IazgUv0DfkVU2RN0qCocyxJWnk3TZh3l9DRV9%2FtbRHUVKqeauju6LoR5pStFRcI7%2FAM72Cj%2FpREHWqBRkJNIcPWpak3tyrwSca5J469PMebyoLmb7MjttnGr0oQq21YXTy6h7vB9Uz9EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68235c251f72-NRT
expires: Wed, 01 Feb 2023 13:04:18 GMT

GET
H2 200 .dltemp-file-extension.jpg
scriptcult.com/img/fileinfo/ 11 KB
11 KB 561ms
559ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.dltemp-file-extension.jpg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5810e9010ec0c90d2c849303bfc7dfc5991828faebb63d0d815d4a68edfa16bf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11272
last-modified: Sun, 28 Apr 2019 00:01:53 GMT
server: cloudflare
etag: "2c08-5878be01dbfd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5uQ%2FtIvwhB05bJKYXuCkzZ9sTrGOzOdDvtm5Z0spXyTYrwJsLrf93sTt8uFnSozP6Fwsu6MlI14wCxmKrsmVqIaC7tuJGIMqqvUv26NzgodRRd0Uc9SyAuTKeLZCViVeN76aiAFpMxfygb0Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68235c291f72-NRT
expires: Wed, 01 Feb 2023 13:08:09 GMT

GET
H2 200 .fg3-file-extension.jpg
scriptcult.com/img/fileinfo/ 58 KB
58 KB 1181ms
1179ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.fg3-file-extension.jpg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0db0e24c85b3224d2f1831214cd8cef83fd67f71191c1ac9b323995a1a27fe1

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59223
last-modified: Sun, 28 Apr 2019 00:03:33 GMT
server: cloudflare
etag: "e757-5878be615180d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5PHboQEWcvmZUdn%2BtwpuOJHr%2BFKl4ge78hl308zTGuaqayxM7uwZxoIbFRjgNx9PuOl5VFD%2BxDOIYoiVVQtavqBnBzeUk5kNW0c6IjxwWGMSYDPTvXc8cktFJj3E5Wzus0Gf17YjVDuVDHYBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68235c2a1f72-NRT
expires: Wed, 01 Feb 2023 13:08:09 GMT

GET
H2 200 .utx-file-extension.jpg
scriptcult.com/img/fileinfo/ 76 KB
76 KB 1107ms
1105ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.utx-file-extension.jpg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2526a59ed27b7f31039a25587f80500153e42f32cb3fa0432be52b20a87f317

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77515
last-modified: Sun, 28 Apr 2019 00:16:26 GMT
server: cloudflare
etag: "12ecb-5878c141ae668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S4E3vP8P0ory1xfWOuEwE%2BMVdtQUKt5Oy%2F2sdqjTSpCVQ%2FE9%2BO%2F%2FjeRsuhUGvLQcvpinX0Vvkebgh85q5VU2ePRGIeGb58Xo57Uf4MWglohdCK4Tr7%2BoTGOSx0XPwOH1fGItwbyrHrLxlh4ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68235c2d1f72-NRT
expires: Wed, 01 Feb 2023 13:08:09 GMT

GET
H2 200 SNR-file-format-description.webp
scriptcult.com/img/file-types/ 42 KB
43 KB 20ms
18ms Image
image/webp 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/file-types/SNR-file-format-description.webp
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d55535e4046bdd05bf8b17e33d875f2057e8069dbe1711258e13fddceda1edf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43496
last-modified: Sun, 04 Oct 2020 18:49:53 GMT
server: cloudflare
etag: "a9e8-5b0dcd4d3defb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDqpy3YeRWB8PaAL8a%2FW0Hf0b8YQN%2F7XP4FKIvc%2BDI48%2Bw3%2FSVOYLv%2Fi9lMkNyrr5d8MX1xbRwB2Og3gZ8SBgWSsvHPDsRY5SnnXVqCCUL6jvbDsnWKdOkr1iZgjR2%2BgwCxXV41VvDWI%2BXEcvA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6d6b68235c2f1f72-NRT
expires: Tue, 08 Feb 2022 13:04:19 GMT

GET
H2 200 scripts.js Show response
scriptcult.com/template/apollo/js/ 69 KB
21 KB 13ms
12ms Script
application/javascript 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/js/scripts.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af6e28fbccfa7c6a58de5188801218b01dd80c279d1e3b576e109082eef763fc

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281636
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jul 2020 14:43:30 GMT
server: cloudflare
etag: W/"113ad-5aaa42e3dbc64-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QhSX%2Brs4eLiDBcQmDSTKsKmxyoqpK7v6wQEw%2BgYA2pCOJGf0%2FLhOCntztaObEQwk7IGcsf82pFkxVBsy%2Bylc4qJiLyVbSW%2ByvzY88s6Y%2BmDtIg1%2FPARcSwpUzXbVsuCB47ccGcE2WEqztlfqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 6d6b68230b891f72-NRT
expires: Sat, 12 Feb 2022 06:54:12 GMT

GET
H2 200 custom.js Show response
scriptcult.com/template/apollo/js/ 3 KB
1 KB 22ms
17ms Script
application/javascript 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/js/custom.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68df2e56274e0fee3b1539dd6224e6c25b59b9571a45925be1927eff387737f0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 560259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jul 2020 14:43:30 GMT
server: cloudflare
etag: W/"d49-5aaa42e38f9a3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhlfrDH5gFk7jtp1C0joYrZGzc%2FABZty6AcZn4vLb6kv%2Bl35CJgWo7YxeAMPDbhRb%2BRI13WVrgqbyoMlnXaRfPn5TS2OgSDpGjtRbcpvmLv1WHDJynGuRChl%2B%2F3dWDi2bHxNg6AzZfivwEMFbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 6d6b68235c131f72-NRT
expires: Wed, 09 Feb 2022 01:30:29 GMT

GET
H2 200 rating.js Show response
scriptcult.com/template/apollo/js/ 2 KB
1 KB 14ms
10ms Script
application/javascript 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/js/rating.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e4198b73c21bb8594b6b0c38276bfcd2e8c23c55349bc5e700d8c5441023d0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 560259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jul 2020 14:43:30 GMT
server: cloudflare
etag: W/"739-5aaa42e390943-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpZfdUQDhWUcHy%2Fq%2BMIgMgwXvACAQieSwXt6mgEtoNx0LGYaP64ukfq9bxSV07zaIOiHPImtKcbDwKA6fGgC7NNQ8bbrskBkU%2F8Qu59a5FXlI7nVVBu4dL0Y3SB4j4AnYLg0Va8JYudIr%2FS62Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 6d6b68235c151f72-NRT
expires: Wed, 09 Feb 2022 01:30:29 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 198 KB
68 KB 862ms
430ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6ad72f3c8c1fcfc57196e40e3c6900673ad7a58ec687ee549f15c295710ee9f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-10e19"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69145
expires: Tue, 01 Feb 2022 14:08:09 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 78 KB
29 KB 18ms
3ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3edfaa75558e93756874357f71bc329c3a97c36d5e92e347251e195742ba0a79

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: gzip
last-modified: Fri, 21 Jan 2022 15:18:57 GMT
server: nginx/1.18.0
etag: W/"61eacee1-1382f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 14:08:08 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 26 KB
7 KB 391ms
364ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7923509861034252

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Sun, 30 Jan 2022 07:45:32 GMT
x-timer: S1643720889.882556,VS0,VE355
etag: "136bfff1f290532cc0074a184a93a41336eb53dcdba45e16d34e03a106c160eb-br"
x-served-by: cache-itm18830-ITM
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Tue, 01 Feb 2022 13:08:09 GMT
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
scriptcult.com/template/apollo/css/ 22 KB
23 KB 27ms
12ms Font
application/octet-stream 2606:4700:3032::ac43:9286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064

Request headers

Referer: https://scriptcult.com/template/apollo/css/css.css
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 363377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22820
last-modified: Fri, 17 Jul 2020 14:43:28 GMT
server: cloudflare
etag: "5924-5aaa42e1dc0e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFxbck%2FeanuldHpVsrNpNNv05tY0dHqlsU%2BNVDkeWVxVwa2qyxdzJ0a4o2gApqDTJLLKT7jEVWz2MyacumiSHVF2rElhgPNDf%2B9x4Co10kJ63wmB2jFYTRwBCdxeVfnfVxA952XrHT36QHJ6Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6d6b68236b4df90b-NRT
expires: Fri, 04 Feb 2022 08:11:50 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
scriptcult.com/template/apollo/css/ 23 KB
23 KB 27ms
13ms Font
application/octet-stream 2606:4700:3032::ac43:9286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/S6uyw4BMUTPHjx4wXg.woff2
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b

Request headers

Referer: https://scriptcult.com/template/apollo/css/css.css
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 477937
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23316
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: "5b14-5aaa42e1331c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cIpPDPgGZw1ncZI19zHB0dvOkPyxENZLjZG1q7aBGo1lwiEbRUS%2BhQnrcHl4aBiLwJMF2cOCm4dSHtDTTA6w%2FyFBFScormTJIG7lBw65rI%2B6mCVcQXz9FFm%2Fo8IvanCDH7yc8JTlqRv9iKZXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6d6b68236b4ff90b-NRT
expires: Thu, 03 Feb 2022 00:22:31 GMT

GET
H2 200 ionicons.ttf
scriptcult.com/template/apollo/css/ 184 KB
105 KB 36ms
22ms Font
application/font-sfnt 2606:4700:3032::ac43:9286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/ionicons.ttf
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer: https://scriptcult.com/template/apollo/css/1506626470index.css
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 506693
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: W/"2e05c-5aaa42e10535f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Nsx0eHNB7V23N16o9QlIla96TDogqal%2FqVbBvaIq5HBlWEcitTeu0rUFddJ%2Bk4XUJGIWDXx6DO9B2S%2FqmwLh2hHJRmZP9kijMWUcXTKS%2Beea7V8yvXyYeB9h5rcHF96XAbZRcwaU3eokCT6tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 6d6b68236b50f90b-NRT
expires: Wed, 02 Feb 2022 16:23:15 GMT

GET
H2 200 TK3hWkUHHAIjg75-xhsTus9C.woff2
scriptcult.com/template/apollo/css/ 15 KB
16 KB 27ms
25ms Font
application/octet-stream 2606:4700:3032::ac43:9286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/TK3hWkUHHAIjg75-xhsTus9C.woff2
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b18bae2e16647bca7a1913343f21a0217cd053203396ba96cc1093fa51dd648f

Request headers

Referer: https://scriptcult.com/template/apollo/css/css.css
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 174295
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15604
last-modified: Fri, 17 Jul 2020 14:43:28 GMT
server: cloudflare
etag: "3cf4-5aaa42e1a7520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G45X10RZQIiRogbIu6ZaViwtweNfGAf6ePwySyb2CjMhIORDRUNTgOIaih4gyX2bZwYu7CHVcmEVxkpC53W6%2BMn032b3biaF9j8HkB6ZSuRdgpK3E5Ewko4oWYK7LyIMTY1BNsAxti%2FCuycZ3w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6d6b68237b51f90b-NRT
expires: Sun, 06 Feb 2022 12:43:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 96ms
59ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

5df341359097962c4e7305c3143e4a08b5987a38bd1fc42c6a2483ca9878f2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27301
x-xss-protection: 0
server: sffe
etag: "1118 / 326 of 1000 / last-modified: 1643717098"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 01 Feb 2022 13:08:08 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
142 KB 2ms
2ms Script
application/javascript 2600:9000:221a:3a00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221a:3a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 22:54:23 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 9382426
etag: W/"6dd0a13bde35d2daa452bba998871016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba1ce9c69a66256a857451734e2da0ae.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: NRT57-P2
x-amz-cf-id: W2b4KJ6j42sH0phRd10vYBqtja-dhhwEO6I_oapTOkfY3RyOh-u3RA==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
scriptcult.com/template/apollo/css/ 22 KB
22 KB 12ms
12ms Font
application/octet-stream 2606:4700:3032::ac43:9286
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abde463ef27458713d91e9be883fdd389298ef57411b601cab5f66db609c508d

Request headers

Referer: https://scriptcult.com/template/apollo/css/css.css
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258594
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22352
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: "5750-5aaa42e138f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TeMrc%2F0lOWFYrDir3EC1E9a2BemrOo2%2F1dvEIYYarl%2F82X6enq5c4LgFlAJa%2BWBtX%2FKy9pd%2BGjt4brLi4ecdn0Nr9NqJpD9ETe%2BR5hHK4kr8wSLfIxMOuwn0huTJPgomRU7ZQcyuyX2FAh2RJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6d6b68239b68f90b-NRT
expires: Sat, 05 Feb 2022 13:18:14 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/ 287 KB
104 KB 81ms
80ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841728de2973d3e50e9297c09e0d465f86e9cdeae8c77afae22f17d2b706216d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105915
x-xss-protection: 0
server: cafe
etag: 5999527431868868211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 13:08:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame 9E4D 10 KB
5 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Mon, 31 Jan 2022 15:52:38 GMT
expires: Mon, 14 Feb 2022 15:52:38 GMT
cache-control: public, max-age=1209600
age: 76530
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fondoperlaterra.org.1228643.es6.js Show response
jsc.mgid.com/f/o/ 240 KB
71 KB 24ms
23ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d1dd097c49c53fd703f90ad11d46314436e3bfd18754730f0b9035fc48da6f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 5741
last-modified: Thu, 02 Dec 2021 17:02:17 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZWWBAGJPQGPD56XP
x-amz-id-2: XVqA8E8lj9fhktthKqBJ0sDqNR/Vu1f5Sa8WToqBX2hxEGFXQcIdzW7gUiBwqdjIk9JAO6uL4wg=
cf-bgj: minify
server: cloudflare
etag: W/"3976e4646795bacbd10c68f453893f0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6d6b68241b7380fc-NRT
expires: Tue, 01 Feb 2022 16:08:08 GMT

GET
H2 200 fondoperlaterra.org.1228650.es6.js Show response
jsc.mgid.com/f/o/ 237 KB
70 KB 20ms
19ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228650.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228650.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc48da6fbaa96f8c66ae2e93bf90d3e5dfd415d25ca0f55a194d88864c6de747

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 6772
last-modified: Thu, 02 Dec 2021 17:01:44 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6RPKV0HS41FH6SKS
x-amz-id-2: ppEGXBPk+u1ynUgjyWAb8j4JAGAySAMhdI0ZAJmHmkmktHVYcLuEXqf+5unVq6QWsUzgpUh5yWs=
cf-bgj: minify
server: cloudflare
etag: W/"7f102040114d48ead599d2d842fce6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6d6b68242b8d80fc-NRT
expires: Tue, 01 Feb 2022 16:08:08 GMT

GET
H3 200 fondoperlaterra.org.1228642.es6.js Show response
jsc.mgid.com/f/o/ 241 KB
70 KB 21ms
21ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228642.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228642.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad54a1c4a9e9bb403986b16ade2e42c6c63c16cdf7cad8d46e594dc107efda9

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 2276
last-modified: Thu, 02 Dec 2021 17:01:21 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6RPT5TJP964S726N
x-amz-id-2: enU4JqbJCRP0jdaDFvEi4fKmaUXRUeU3UkRUzINzT/snes+VHC6a5pwi1O2dAPTIJNDz3rX8quE=
cf-bgj: minify
server: cloudflare
etag: W/"02eebe9b07a47954a6f56a44b0bcd3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6d6b682468918a96-NRT
expires: Tue, 01 Feb 2022 16:08:09 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 17ms
9ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220201

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17015d0c998495d78087eec7a8017798a0137a15dc8487adf936e81522dd116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36402
x-jsd-version: 1.0.1239
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19126-FRA, cache-tyo11966-TYO
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69d-K3MOFkCoAd0yNe1cWrUcd8LOf1o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d6b68248eba80bd-NRT

GET
H2 404 footer.jpg
scriptcult.com/template/apollo/css/ 0
0 629ms
628ms Image
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/template/apollo/css/footer.jpg
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://scriptcult.com/template/apollo/css/1506626470index_001.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 1942 Show response
na.nawpush.com/tags/ 77 B
249 B 108ms
3ms XHR
application/json 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1942
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 65b412ec6b8884a8b30764d914b06ec4ced58c5ef5b0c70d3d2e1debbe2aa569

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 01 Feb 2022 13:08:09 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
239 B 7ms
3ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 01 Feb 2022 14:08:09 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 404 loading.gif
scriptcult.com/template/apollo/css/ 0
0 690ms
689ms Image
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/template/apollo/css/loading.gif
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://scriptcult.com/template/apollo/css/1506626470index_001.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 404 close.png
scriptcult.com/template/apollo/css/ 0
0 593ms
593ms Image
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/template/apollo/css/close.png
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://scriptcult.com/template/apollo/css/1506626470index_001.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 optad360.js Show response
serving.stat-rock.com/player/ 310 KB
98 KB 1292ms
472ms Script
application/javascript 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/optad360.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap15.adplayer.pro
Software: nginx /
Resource Hash: 1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 09:47:13 GMT
server: nginx
etag: W/"61f118a1-4d83b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H3 200 fondoperlaterra.org.1228644.es6.js Show response
jsc.mgid.com/f/o/ 241 KB
71 KB 19ms
19ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228644.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228644.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ef0a36a2bee602270b7c0d200d64646d2cbff4274ee6c86fc0da79f53d6cc95

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 3361
last-modified: Thu, 02 Dec 2021 17:06:41 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SG8P4SKXVGW2S8VY
x-amz-id-2: uDr2fsTFY4dnT5QIC7CVw/+xo4bLAYIwXXHeSdf5yoQLufQPKZmdetFgGs5cDB97rxD7b+lLaTI=
cf-bgj: minify
server: cloudflare
etag: W/"e7417663669e32ab219c9a6b4a02ef99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6d6b6824f9f58a96-NRT
expires: Tue, 01 Feb 2022 16:08:09 GMT

GET
H3 200 pubads_impl_2022012701.js Show response
securepubads.g.doubleclick.net/gpt/ 355 KB
120 KB 38ms
2ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

sffe /

Resource Hash

97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 04:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122333
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 09:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Feb 2023 04:32:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
100 B 72ms
36ms XHR
application/json 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.scriptcult.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

6122bf9e5007b16f71ecc2a4190fd65254a47110885951448b1e266ee75b4b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75
x-xss-protection: 0
expires: Tue, 01 Feb 2022 13:08:09 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 1208ms
222ms Preflight 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ja.scriptcult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.scriptcult.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 1193ms
223ms Preflight 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ja.scriptcult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.scriptcult.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
941 B 37ms
10ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512200
x-amz-request-id: txfd1c77a515734f94831ab-0061f15fee
x-amz-id-2: txfd1c77a515734f94831ab-0061f15fee
last-modified: Wed, 26 Jan 2022 14:43:29 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgbwaxhuxz9S%2FIImQ3xWhC2Mmj%2BkQ89QUGDQ1DU8D9stKGGeb22AR%2F1OUNn2tVE7oeqCsmzIz3hUCXPa3FQrvb0mJfadvLLIo4jiOu1L1uRqt9cVvuLZlLrZ8zYTee8MBg7CwqoR%2BKYwn%2BY9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1643208209303360
cf-ray: 6d6b68255ea53541-NRT

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
420 B 305ms
284ms XHR
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6d6b682559207827-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
171 B 477ms
160ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 01 Feb 2022 13:08:09 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://ja.scriptcult.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
701 B 227ms
76ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:09 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 7e5a21eb-37b9-43df-ab0a-bf3afe949a87
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.scriptcult.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 21ms
5ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
732 B 222ms
74ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:09 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 48825a66-602f-4e19-97b9-b600e70f54b9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.scriptcult.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
373 B 394ms
234ms XHR
application/json 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST openrtb
adx.adform.net/adx/ 0
0

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
150 B 894ms
77ms XHR
text/plain 2a02:fa8:c411:12::1140
CNVR-APAC

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:c411:12::1140 , United States, ASN399104 (CNVR-APAC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 746ms
249ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:09 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 653ms
215ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
732 B 252ms
101ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:09 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 44f8e9e6-05fe-4883-a3e6-769fa004aaca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.scriptcult.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
175 B 740ms
248ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:09 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
149 B 885ms
78ms XHR
text/plain 2a02:fa8:c411:12::1140
CNVR-APAC

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:c411:12::1140 , United States, ASN399104 (CNVR-APAC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
38 B 365ms
362ms XHR
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6d6b682559267827-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 17ms
16ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 648ms
220ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 458ms
160ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 01 Feb 2022 13:08:09 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://ja.scriptcult.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
373 B 379ms
233ms XHR
application/json 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
701 B 225ms
76ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:09 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: cd5a67e3-7e84-4599-aaad-92b43ed264e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.scriptcult.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST openrtb
adx.adform.net/adx/ 0
0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
417 B 36ms
36ms Script
text/javascript 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ja.scriptcult.com&callback=_gfp_s_&client=ca-pub-2173063720940886

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

2e08135fdd29ce74463d240b770aea46162646be5496a413f8d1c22c7d65fbd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 77ms
37ms Script
application/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.scriptcult.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
37ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.scriptcult.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB34 289 KB
68 KB 456ms
456ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&adk=1812271804&adf=3025194257&lmt=1643720889&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888955&bpp=2&bdt=299&idt=348&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=420879156007&frm=20&pv=2&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=362

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e2f345d8baf1f2f9fbc6d0c1fd4719322d8c9033da644169e3ec6363d4f1b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 13:08:09 GMT
server: cafe
content-length: 69490
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 13:08:09 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED8B 88 KB
31 KB 383ms
383ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=2664236338&adk=3842632652&adf=3501923860&pi=t.ma~as.2664236338&w=1200&fwrn=4&fwrnh=100&lmt=1643720889&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888957&bpp=2&bdt=301&idt=379&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zmMoroen6U&p=https%3A//ja.scriptcult.com&dtd=384

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83e8b4972b51ca93484a7122bed75dd96771d2ca71c5691218f548ed40463b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 13:08:09 GMT
server: cafe
content-length: 31379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 13:08:09 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C6F 94 KB
31 KB 551ms
551ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=9063506610&adk=2157201699&adf=177543962&pi=t.ma~as.9063506610&w=800&fwrn=4&fwrnh=100&lmt=1643720889&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888959&bpp=1&bdt=302&idt=398&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jns0YK9wMS&p=https%3A//ja.scriptcult.com&dtd=402

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5149e1b21dd274a72ffd7008fe706186535f8770b2884cfaec9f94aa05a49b22

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOy473J3vUCFQQTvQod6yEAQQ&gqi=uTD5Yc2tF7mSs8IP9_yF6Ac&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOy473J3vUCFQQTvQod6yEAQQ&gqi=uTD5Yc2tF7mSs8IP9_yF6Ac&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 13:08:09 GMT
server: cafe
content-length: 31604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 13:08:09 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3712 93 KB
32 KB 484ms
483ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=3645182774&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888960&bpp=1&bdt=304&idt=416&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GK22Sd03lm&p=https%3A//ja.scriptcult.com&dtd=419

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be43121aef72ba96e8e2021adc0e291c41b4efc52949fe2b0e47c9d2ce142a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 13:08:09 GMT
server: cafe
content-length: 32537
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 13:08:09 GMT
cache-control: private

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 18ms
13ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510002
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx575085c11fda4a1eb1c4c-0061f1618e
x-amz-id-2: tx575085c11fda4a1eb1c4c-0061f1618e
last-modified: Wed, 26 Jan 2022 14:43:28 GMT
server: cloudflare
etag: W/"88567a823cfd2840dd0a3198b929d466"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPdOST4lj0zTKEV2glYqKdaRHfE%2Bkz88cbk9TdNPqu3U92MYeyZGkHqpKBWv58qkxaTnqiRHGjev9iXXRghCXLMax%2BXhGYGSiskGddTYaAbOFiCR9ne%2FXUYmNnWuAEZNHJ5IIG1mPTka9LQP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1643208208262354
cf-ray: 6d6b6826a87580db-NRT
access-control-allow-headers: Authorization

GET
H2 200 track Show response
040a934b06.6c25910c97.com/in/ 0
199 B 955ms
946ms XHR
text/plain 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://040a934b06.6c25910c97.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTg4OTQwMTU4NTQzOTY4MzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjE0LjAiLCJ0YWdfaWQiOjE5NDIsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MH0=
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 938ms
223ms Preflight 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ja.scriptcult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.scriptcult.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
41 B 204ms
161ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 01 Feb 2022 13:08:08 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://ja.scriptcult.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
39 B 268ms
267ms XHR
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6d6b6826ed307827-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 482ms
251ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:09 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
701 B 79ms
79ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:09 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: f2640ba0-69be-4fbc-85ee-9faa13516c88
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.scriptcult.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST openrtb
adx.adform.net/adx/ 0
0

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 387ms
217ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
149 B 624ms
78ms XHR
text/plain 2a02:fa8:c411:12::1140
CNVR-APAC

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:c411:12::1140 , United States, ASN399104 (CNVR-APAC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
373 B 120ms
120ms XHR
application/json 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
732 B 77ms
77ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:09 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 8e28ba8c-c843-4654-994a-02aab0af9e72
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.scriptcult.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 309B 93 KB
31 KB 476ms
476ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec8c14e7d3b8fe921d6b3828f352f91264ed37ba859845baa9fb6a6af322d79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 13:08:09 GMT
server: cafe
content-length: 32128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 13:08:09 GMT
cache-control: private

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 924ms
222ms Preflight 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ja.scriptcult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.scriptcult.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 4ms
4ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 376ms
215ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
701 B 103ms
103ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:09 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: c8b0743a-7469-46e8-a4b7-72e289132a03
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.scriptcult.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 471ms
254ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:09 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
149 B 688ms
153ms XHR
text/plain 2a02:fa8:c411:12::1140
CNVR-APAC

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:c411:12::1140 , United States, ASN399104 (CNVR-APAC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST openrtb
adx.adform.net/adx/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
17 B 188ms
160ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.scriptcult.com
x-nbr: 1
date: Tue, 01 Feb 2022 13:08:09 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
39 B 277ms
277ms XHR
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6d6b68270d877827-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
732 B 75ms
75ms XHR
application/json 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:09 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: ecb5d28e-2f83-473f-8404-46312fcdb13b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.scriptcult.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
373 B 106ms
106ms XHR
application/json 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 73ms
37ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.scriptcult.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 73ms
36ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.scriptcult.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9086 85 KB
30 KB 427ms
426ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1643720889&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720889021&bpp=1&bdt=365&idt=445&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D02a7eb32686ca68a-22daa14b50d0000d%3AT%3D1643720889%3ART%3D1643720889%3AS%3DALNI_MaLmQmYFStckSBg6sl09TF5UIvOvg&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=uaQuywA3pT&p=https%3A//ja.scriptcult.com&dtd=448

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f380d8483d71874b239a03dde1aad9c674fb93d9b5d1fc32def059b8713e131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 13:08:09 GMT
server: cafe
content-length: 30970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 13:08:09 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame ED8B 538 B
434 B 80ms
39ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E3%83%A9%E3%83%90%E3%83%BC%E3%81%AE%E6%9B%B4%E6%96%B0%E3%82%A4%E9%96%8B%E3%81%8F%E3%83%89

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=2664236338&adk=3842632652&adf=3501923860&pi=t.ma~as.2664236338&w=1200&fwrn=4&fwrnh=100&lmt=1643720889&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888957&bpp=2&bdt=301&idt=379&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zmMoroen6U&p=https%3A//ja.scriptcult.com&dtd=384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4c2d5218ae59888532dcc57a91b6ebc4f189fd259a8abe8ae62cddd5afe106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 13:08:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ED8B 4 KB
1 KB 77ms
37ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76f754050e2c29ed1ee0e170536af6dfb5b48721068bc9fe786633289b024272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:29:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:09 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame ED8B 1 KB
954 B 43ms
3ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:13 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame ED8B 18 KB
8 KB 40ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:04:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame ED8B 2 KB
1 KB 42ms
4ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED8B 123 KB
38 KB 96ms
53ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame ED8B 14 KB
6 KB 40ms
3ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H2 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame ED8B 27 KB
12 KB 45ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 01:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 01:14:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ED8B 0
0 46ms
46ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COAP7uTD5YfbyFovG9AXFlLaYCrLVnJRnmtWT3-ILmJL4h7MCEAEgxLXSIWCJ88WE9BOgAY3s5NkCyAEJqQI7FqbVnX2qPqgDAcgDywSqBNwBT9CC-enz5iBerVqkC5zgJjnvbjH4QbhcPm1VwPmOBWtovWEnFRQ_TYCwiqaPCC-UZWADOeZlaweVGF6ONbh4rOPINFPW28Vo5FdGFnbPvtqJRHRgv5LssJ0HFJLJTXJv12n3s0y-2eOyiGKqKyRFW_MTFQgW9xN2p_Fw0Omf3Ck2u9AOu52HqSXTVqPT0bNEAIVqJoNlnnjy8tPBebe2gPhN0JciB45HlxSad17DG6dnThwW3_jDjXUAUjxozLAj0MeKAwqMMkTGvWd4biCcrs63mDzfI1FUo3EJlsAEu52b3voCkgUECAQYAZIFBAgFGASgBi6AB9uTm6YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQu64P0ggHCIBhEAEYH4AKAcgLAdgTDYgUB9AVAYAXAbIXHAoaCAASFHB1Yi0yMTczMDYzNzIwOTQwODg2GAA&sigh=Nvr5fSUly9w&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=2664236338&adk=3842632652&adf=3501923860&pi=t.ma~as.2664236338&w=1200&fwrn=4&fwrnh=100&lmt=1643720889&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888957&bpp=2&bdt=301&idt=379&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=zmMoroen6U&p=https%3A//ja.scriptcult.com&dtd=384
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 01 Feb 2022 13:08:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Feb 2022 13:08:09 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6755164337674422732/ Frame ED8B 16 KB
16 KB 43ms
5ms Image
image/jpeg 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6755164337674422732/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1634419093035de0aa3c68aa76c321615a66e7288eb69bf9b2face04f17d6dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 22:20:39 GMT
x-content-type-options: nosniff
age: 53250
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16421
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 10:05:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 31 Jan 2023 22:20:39 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16724293977746283999/ Frame ED8B 4 KB
4 KB 41ms
4ms Image
image/png 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16724293977746283999/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541bd46059c2b8987999b59ba85e695f38663ba0c3457f15d4b63ec710f06216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:46:15 GMT
x-content-type-options: nosniff
age: 501714
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3670
x-xss-protection: 0
last-modified: Sun, 22 Mar 2020 15:22:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Jan 2023 17:46:15 GMT

GET
DATA 200
OK truncated
/ Frame ED8B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae80533b34f2c04a02bfd6d29b50d50a4e4eca885d0e358c4372e66c6d11720

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
c.mgid.com/pv/ 0
303 B 250ms
244ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=164372088988116986937&uniqId=0cb06&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&lu=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&sessionId=61f930ba-0e666&pageView=1&pvid=17eb566561aa90c9f47&site=761202&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228650.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d6b6829c87180fc-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ED8B 15 KB
16 KB 43ms
3ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 00:13:12 GMT
x-content-type-options: nosniff
age: 392097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 28 Jan 2023 00:13:12 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame ED8B 5 KB
5 KB 42ms
4ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQei0q12VPZGua91jwLBpcNTamW0Izgj3upiTEw9-fv-_eHviJJELQ6SnWWMbf40_j&skey=b1468649b9c42538&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E3%83%A9%E3%83%90%E3%83%BC%E3%81%AE%E6%9B%B4%E6%96%B0%E3%82%A4%E9%96%8B%E3%81%8F%E3%83%89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1a738785d0e53635d7bb9f82f3fc5270c5043b72d2a51a02c7934fba5e87098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 00:14:33 GMT
x-content-type-options: nosniff
age: 46416
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4968
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:14:33 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame ED8B 5 KB
5 KB 41ms
3ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxogMdbqZGuF91jOLBlrNTabW0Mfgj3vpiTCw9-Av-_nHvicIVfc6STSV8vg&skey=72472b0eb8793570&v=v40

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5aeff906bad1ba022b7f876224373be4240c3e42df8ce8ec01025abb5a50cbae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 22:40:27 GMT
x-content-type-options: nosniff
age: 52062
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4832
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 31 Jan 2022 22:40:27 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/ 150 KB
54 KB 54ms
53ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/reactive_library_fy2019.js?bust=31064543

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e9b4af3934e5c578ad616bc1f75c80bae0ac11e99e19d975e5f473f52aedffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54883
x-xss-protection: 0
server: cafe
etag: 8339909267414215140
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 13:08:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3712 822 B
580 B 83ms
46ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%96%E3%80%82%E9%96%8B%E3%83%AB%E3%82%88%E3%82%81%E5%8B%95%E3%83%AD%EF%BC%81%E3%81%8D%E7%94%BB%E3%83%A7%E3%81%A9%E3%83%95%E3%81%99%E3%81%90%E3%81%AB%E3%83%88%E5%A7%8B%E3%81%AE%E3%82%A4%E5%A4%89%E3%83%BC%E3%83%B3%E3%81%A7%E3%83%AA%E4%BF%A1%E3%82%8B%E6%8F%9B%E3%82%82%E3%83%AC%E3%82%B8%E3%82%B9%E3%81%8F%E9%A0%BC%E3%81%86%E4%BB%8A%E3%81%BE%E3%82%BD

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=3645182774&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888960&bpp=1&bdt=304&idt=416&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GK22Sd03lm&p=https%3A//ja.scriptcult.com&dtd=419

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f5903a331ea98bea509adddaf1e51900fa9386c0a15ba8bb6df139c16eddf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 13:08:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3712 4 KB
810 B 75ms
39ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:17:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 3712 1 KB
875 B 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:13 GMT

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 24ms
19ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 6920
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 563Q182XKKBGBPYA
x-amz-id-2: bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6d6b682a59f080fc-NRT
expires: Wed, 02 Feb 2022 13:08:09 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 20ms
16ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 6945
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: G7XVAWHV2A1TM5YQ
x-amz-id-2: YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6d6b682a59f380fc-NRT
expires: Wed, 02 Feb 2022 13:08:09 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 85ms
41ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 9086 594 B
402 B 75ms
71ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%89%E3%82%B6%E3%82%92%E5%85%A8%E3%83%BC%E3%83%B3%E3%82%A6%E3%83%AD%E3%83%80%E3%83%89%E8%A9%B3%E7%B4%B0%E3%81%AA%E3%83%A9%E3%83%96

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1643720889&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720889021&bpp=1&bdt=365&idt=445&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D02a7eb32686ca68a-22daa14b50d0000d%3AT%3D1643720889%3ART%3D1643720889%3AS%3DALNI_MaLmQmYFStckSBg6sl09TF5UIvOvg&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=uaQuywA3pT&p=https%3A//ja.scriptcult.com&dtd=448

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c874a0cc60c9c017679a1ca4903267d12b8c9b1a7f4507ed39f51d8f4c15892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 13:08:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 9086 1 KB
875 B 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:13 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 3712 18 KB
7 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:04:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 3712 2 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3712 123 KB
38 KB 143ms
108ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 3712 14 KB
6 KB 4ms
4ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 3712 27 KB
11 KB 41ms
5ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 01:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 01:14:13 GMT

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame AF2A 35 KB
13 KB 7ms
4ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 309B 8 KB
888 B 67ms
65ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 11:40:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 309B 1 KB
875 B 19ms
18ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:13 GMT

GET
H3 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4C6F 84 KB
29 KB 17ms
16ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=9063506610&adk=2157201699&adf=177543962&pi=t.ma~as.9063506610&w=800&fwrn=4&fwrnh=100&lmt=1643720889&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888959&bpp=1&bdt=302&idt=398&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jns0YK9wMS&p=https%3A//ja.scriptcult.com&dtd=402

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 02 Feb 2022 03:59:01 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3287104372007466909/ Frame 3712 17 KB
17 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3287104372007466909/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60566ed91cbc3841e31c2cd1e334871e6a3c470b16b8bda8a17af6dcede14a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 08:31:59 GMT
x-content-type-options: nosniff
age: 362171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16900
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 01:24:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Jan 2023 08:31:59 GMT

GET
DATA 200
OK truncated
/ Frame 3712 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3712 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 9086 18 KB
7 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:04:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 9086 2 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9086 123 KB
38 KB 94ms
94ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 9086 14 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9086 0
0 77ms
39ms Image
text/html 2404:6800:4004:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSn4UQJR9DBuQTkQKYO_NsAYj_b_pDXSIXdXJV0a0toAspfwfJWSJ6BxrGuVzZgUPudWxkDgsBXdSeIXDmBMyKFVYMKKA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1643720889&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720889021&bpp=1&bdt=365&idt=445&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D02a7eb32686ca68a-22daa14b50d0000d%3AT%3D1643720889%3ART%3D1643720889%3AS%3DALNI_MaLmQmYFStckSBg6sl09TF5UIvOvg&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=uaQuywA3pT&p=https%3A//ja.scriptcult.com&dtd=448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 9086 27 KB
11 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 01:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 01:14:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3712 0
0 49ms
49ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXujTuTD5YfD4GMym9QXnnZGgCNi6rbJklsKgkr8I14LOjuQVEAEgxLXSIWCJ88WE9BOgAbL9hOMDyAEJqQKLtDbbXhmFPqgDAcgDywSqBNQBT9Bqn1Uoka7p7n2CusGPCfnG5CQ3DR7KOTTM6cFp_7nfFHURDXxic0YZLGTLMwdDd8lJTwSPq0TWzxfYHV81oRVZtucWYa4XtQx6v3GGtNjM9Z-QoHeTW7GFY7YDCjfHlSHCOu5BRtHATf1Qq4lFSYsI12i6mJfQwTr8lihzWTyzSlpteWBSEnCi7C4HpfWy03rwVRdz1Hv6AAslvRP1dvnoJblNTI7Yjul7uXppEPYzhHJvK7qQwj3s7aGCHaZvpC5mEAd_8LcIQWgP3-EztwBqaXjABNfZgpS8AZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe2gvscqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQgM8S0ggHCIBhEAEYH4AKAcgLAbgTiCfYEw2IFAbQFQGYFgGAFwGyFxwKGggAEhRwdWItMjE3MzA2MzcyMDk0MDg4NhgA&sigh=mLzrvuCbqFQ&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=3645182774&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888960&bpp=1&bdt=304&idt=416&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=GK22Sd03lm&p=https%3A//ja.scriptcult.com&dtd=419
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 01 Feb 2022 13:08:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 309B 18 KB
7 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:04:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 309B 2 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 309B 123 KB
38 KB 83ms
83ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 309B 14 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 309B 27 KB
11 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 01:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 01:14:13 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/53505307/
Redirect Chain

https://mc.yandex.ru/watch/53505307?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe37688zjz%3Afp%3A805%3Afu%...
https://mc.yandex.ru/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe37688zjz%3Afp%3A805%3Af...

350 B
432 B

215ms
215ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe37688zjz%3Afp%3A805%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A205002047509%3Ahid%3A876940836%3Az%3A0%3Ai%3A20220201130810%3Aet%3A1643720890%3Ac%3A1%3Arn%3A18864742%3Arqn%3A1%3Au%3A1643720890410259034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643720888081%3Ads%3A10%2C9%2C548%2C3%2C0%2C0%2C%2C426%2C35%2C%2C%2C%2C997%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643720890%3At%3AACSUP%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB-2020%E5%B9%B4%E3%81%AB.ACSUP%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%92%E9%96%8B%E3%81%8F%E6%9C%80%E3%82%82%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%20-%20%E6%8B%A1%E5%BC%B5%20-%202022&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d6e06ff9ddcf7185c1fac856e7a8704ed4c5e39a3a528f4d17b2aff305ca3440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 01-Feb-2022 13:08:10 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.scriptcult.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 13:08:10 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
last-modified: Tue, 01-Feb-2022 13:08:10 GMT
location: /watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqe37688zjz%3Afp%3A805%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A205002047509%3Ahid%3A876940836%3Az%3A0%3Ai%3A20220201130810%3Aet%3A1643720890%3Ac%3A1%3Arn%3A18864742%3Arqn%3A1%3Au%3A1643720890410259034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643720888081%3Ads%3A10%2C9%2C548%2C3%2C0%2C0%2C%2C426%2C35%2C%2C%2C%2C997%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643720890%3At%3AACSUP%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB-2020%E5%B9%B4%E3%81%AB.ACSUP%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%92%E9%96%8B%E3%81%8F%E6%9C%80%E3%82%82%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%20-%20%E6%8B%A1%E5%BC%B5%20-%202022&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ja.scriptcult.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 13:08:10 GMT

GET
DATA 200
OK truncated
/ Frame 309B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 309B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18273264089004239298/ Frame 9086 6 KB
6 KB 3ms
3ms Image
image/png 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18273264089004239298/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be82f69108bad199b0c8a477e0d2d55c8d84206d07f8282dfc0b1976910e76f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:22:54 GMT
x-content-type-options: nosniff
age: 503116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5847
x-xss-protection: 0
last-modified: Wed, 26 May 2021 16:05:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Jan 2023 17:22:54 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13068454850728887132/ Frame 9086 21 KB
21 KB 4ms
3ms Image
image/png 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13068454850728887132/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef9af78f4293d594cf253736d119845dca6fbfbba9c817e13f5e8694404f293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 23:04:49 GMT
x-content-type-options: nosniff
age: 482601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21147
x-xss-protection: 0
last-modified: Wed, 26 May 2021 16:06:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Jan 2023 23:04:49 GMT

GET
DATA 200
OK truncated
/ Frame 9086 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf3b27e13fa1655736876763c4c3016eee8e3f91688ffab0c4eb003aeb085e2e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9086 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

B26966257.323563040;dc_pre=CJuNlb7J3vUCFYCF6QUdvNMD8A;dc_trk_aid=515910339;dc_trk_cid=163309495;ord=3533396023;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame 9086
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323563040;dc_trk_aid=515910339;dc_trk_cid=163309495;ord=3533396023;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323563040;dc_pre=CJuNlb7J3vUCFYCF6QUdvNMD8A;dc_trk_aid=515910339;dc_trk_cid=163309495;ord=3533396023;dc_lat=;dc_rd...

42 B
63 B

86ms
49ms

Fetch
image/gif

172.217.174.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323563040;dc_pre=CJuNlb7J3vUCFYCF6QUdvNMD8A;dc_trk_aid=515910339;dc_trk_cid=163309495;ord=3533396023;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?

Requested by

Protocol

Server

172.217.174.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323563040;dc_pre=CJuNlb7J3vUCFYCF6QUdvNMD8A;dc_trk_aid=515910339;dc_trk_cid=163309495;ord=3533396023;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9086 0
0 42ms
42ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgrwKuTD5YcPPHtiX9AW0sLjIC7yLuvRnjYyVuJIPpOfy7ZUCEAEgxLXSIWCJ88WE9BOgAdzfoZMDyAEBqAMByAPLBKoE2QFP0IhiEPUQS5ThCkNiaLFCMlwW-bM97AAZilf9_A5G3dd8f14C9axa7qNnrr_Tvx0_JfheCWwwW1Uiytx_CHmc0iDgqA5xKll3Cu0voTZgyilCiarh2UXfGwapiy52X7t_fBI3tGY3geoSRGeQ4c-n-uUj9zZUDcEAPjGugvFB2XAV0ESagTEIbztjTGOf-wAH4dfm8tsUpWg8PI7GVA_FplSEwK79lM5EJISMXhsfToB3erpj1lJz61QgOrF6FAgPIVwRhMAfE96zwaB-XKqI5i5ewHXk1C01wASEoO6A6gKSBQQIBBgBkgUECAUYBKAGLoAHjKDebKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEI3bBNIIBwiIYRABGB-ACgHICwG4E50n2BMMiBQE0BUBmBYBgBcBshccChoIABIUcHViLTIxNzMwNjM3MjA5NDA4ODYYAA&sigh=Z09ZghDgupE&uach_m=[UACH]&template_id=5021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1643720889&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720889021&bpp=1&bdt=365&idt=445&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D02a7eb32686ca68a-22daa14b50d0000d%3AT%3D1643720889%3ART%3D1643720889%3AS%3DALNI_MaLmQmYFStckSBg6sl09TF5UIvOvg&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=uaQuywA3pT&p=https%3A//ja.scriptcult.com&dtd=448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 01 Feb 2022 13:08:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 309B 0
0 46ms
45ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1Q0iuTD5YcidHJbO9AW9uLDwCf273YFo_O3ppoIPiv2ghMMBEAEgxLXSIWCJ88WE9BOgAf_bisgDyAEJqAMByAPLBKoE2gFP0DX45VFsBo8OZ6plTwrO1s12RH71dNoGant2TolFWwFPVdr7rRm6KjVjxiMIcFKZz9RjNMLIPOK_gcydIPBvy6v9AL8pN2OGxZ6pZp8tAq03A2AUto64pPE8Df6Nb0uJ7SjAj9RJ4QeEhKTv5B__p2Iyo8NoL1-hm1DyzisccxOBGWWwZh04YsMrceXF6Bu84-3Ab2b1NV7HTAvg-xqUQqSIcBspYhFNCSH2dGU_vxUurX1G5iN7KJqRdMh5dz1d7eI83kTrGF71c22BbAx6dOpj-yP_NEdMN8AE-tb58rMDkgUECAQYAZIFBAgFGASgBi6AB_DurKICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ64AI0ggHCIBhEAEYH4AKAcgLAbgTiCfYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMjE3MzA2MzcyMDk0MDg4NhgA&sigh=QzSSYjIw7MI&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 01 Feb 2022 13:08:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 215ms
215ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 01 Feb 2022 14:08:10 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 4C6F 18 KB
7 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:04:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4C6F 2 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C6F 123 KB
38 KB 88ms
87ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4C6F 14 KB
6 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H2 200 7429942958704029348_9361895978620553086.jpeg
static.doubleclick.net/dynamic/5/169801748/ Frame 4C6F 9 KB
10 KB 73ms
3ms Image
image/jpeg 172.217.174.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/169801748/7429942958704029348_9361895978620553086.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f6.1e100.net

Software

sffe /

Resource Hash

097c924417eb32b9a490e73bff883aab54569e382ae7b6c5fe869d35d43ba180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 06:26:08 GMT
x-content-type-options: nosniff
age: 110522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9256
x-xss-protection: 0
last-modified: Wed, 20 May 2020 04:17:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 06:26:08 GMT

GET
H2 200 13587977236756627849_2299194978479254703.jpeg
static.doubleclick.net/dynamic/5/169801748/ Frame 4C6F 24 KB
24 KB 74ms
4ms Image
image/jpeg 172.217.174.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/169801748/13587977236756627849_2299194978479254703.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f6.1e100.net

Software

sffe /

Resource Hash

63b6aab7eeec19d0ddb5947a53b70c945876941624313d9e09b37cfc3d11bb84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 08:52:10 GMT
x-content-type-options: nosniff
age: 15360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24295
x-xss-protection: 0
last-modified: Sun, 17 May 2020 14:35:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 08:52:10 GMT

GET
H2 200 4611055221144127725_10442223023446737641.jpeg
static.doubleclick.net/dynamic/5/169801748/ Frame 4C6F 20 KB
21 KB 72ms
3ms Image
image/jpeg 172.217.174.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/169801748/4611055221144127725_10442223023446737641.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f6.1e100.net

Software

sffe /

Resource Hash

e7e898dc6a3b58d888f116e67c7622ed7ad9e80586b8c835705966628193199d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 29 Jan 2022 14:59:54 GMT
x-content-type-options: nosniff
age: 252496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20990
x-xss-protection: 0
last-modified: Wed, 20 May 2020 04:19:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Jan 2023 14:59:54 GMT

GET
H3 200 11189941446222564306
tpc.googlesyndication.com/simgad/ Frame 4C6F 45 KB
45 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11189941446222564306

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b08ac747dff21149d1f83ed629ab28d7fa8290833c53aee519296b0455c497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 00:08:34 GMT
x-content-type-options: nosniff
age: 46776
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45974
x-xss-protection: 0
last-modified: Wed, 20 May 2020 15:13:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 00:08:34 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1228650/ 3 KB
1 KB 102ms
95ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1228650/1?pv=5&cbuster=1643720890141940195591&uniqId=0cb06&niet=4g&nisd=false&jsv=es6&w=800&h=213&wrongImageSize=1&p3_w=258&p3_h=167&maxw_3=258&maxh_3=167&cols=3&ref=&cxurl=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&lu=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&sessionId=61f930ba-0e666&pageView=1&pvid=17eb566561aa90c9f47&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228650.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5e40faf86ee427a0bc3b4728126b1399796d2928a8b68fc5ac57572cb72a4d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d6b682b6c8580fc-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1228650/ 3 KB
1 KB 108ms
103ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1228650/1?w=800&h=213&wrongImageSize=1&p3_w=258&p3_h=167&maxw_3=258&maxh_3=167&cols=3&pv=5&cbuster=164372089014549189238&uniqId=06928&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&lu=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&sessionId=61f930ba-0e666&pageView=0&pvid=17eb566561aa90c9f47&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228650.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21bb1ee10e2a86ee0b074fd756543fc1aaaf25211f3dcb0b2baa9613b2abae73

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d6b682b6c8980fc-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1228643/ 4 KB
2 KB 97ms
94ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1228643/1?w=1600&h=307&p3_w=304&p3_h=261&maxw_3=304&maxh_3=261&cols=5&pv=5&cbuster=1643720890146382328060&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&lu=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&sessionId=61f930ba-0e666&pageView=0&pvid=17eb566561aa90c9f47&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6bde6bdca87ad63be0e0d377df0a5e2a8b3a914445f809e116560e1ddd38043

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d6b682b6c8780fc-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.scriptcult.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
36ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.scriptcult.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame 6856 10 KB
5 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:28:39 GMT
expires: Mon, 14 Feb 2022 16:28:39 GMT
cache-control: public, max-age=1209600
age: 74371
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame C6D9 10 KB
5 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:28:39 GMT
expires: Mon, 14 Feb 2022 16:28:39 GMT
cache-control: public, max-age=1209600
age: 74371
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

B10454358.278117076;dc_pre=CN2ctL7J3vUCFUHZvQodsfgJtw;dc_trk_aid=472257882;dc_trk_cid=135238852;ord=2450333238;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= Show response
ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/ Frame 4C6F
Redirect Chain

https://924-img.c3tag.com/v.gif?cid=924&c3ce=700&C3NO=1&adid=2450333238&c3=N349404.134426GOOGLEDISPLAYNETWO-278117076&creative=135238852&redirect=~{https://ad.doubleclick.net/ddm/trackimp/N349404.1...
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.278117076;dc_trk_aid=472257882;dc_trk_cid=135238852;ord=2450333238;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.278117076;dc_pre=CN2ctL7J3vUCFUHZvQodsfgJtw;dc_trk_aid=472257882;dc_trk_cid=135238852;ord=2450333238;dc_lat=;dc_rd...

42 B
63 B

49ms
49ms

Fetch
image/gif

172.217.174.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.278117076;dc_pre=CN2ctL7J3vUCFUHZvQodsfgJtw;dc_trk_aid=472257882;dc_trk_cid=135238852;ord=2450333238;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Server

172.217.174.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10454358.278117076;dc_pre=CN2ctL7J3vUCFUHZvQodsfgJtw;dc_trk_aid=472257882;dc_trk_cid=135238852;ord=2450333238;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C6F 0
0 43ms
43ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBbRwuTD5YaPyF4Sm9AXrw4CIBPeVkZJorNiRuPML2dkeEAEgxLXSIWCJ88WE9BOgAfDwlfoDyAEJqAMByAPLBKoE3QFP0LydbrFx0yytpAo6t1LEThQRTFCJJOBrwQg2ix7zqBY3I7rVquOCPWxKlguJgsbEYx59-Tj1B91PayPzzmtzDd8VDa_aXASYjwpiK_O3L8_SLRocEAMeQY7yNRTsxJK5-yY6LL4nnqA1DsRyGsQiwvmjBlBwsJgq45Ydv_AWAktczXC79riRHBdHTUzSLAqBDcfHDx_2WusJc1PVCWogcLjtShkJnEQA80oKKCA8dfTBTMvPkKMO97jW_mo4qERK9Lp4FPyW-CemigLIgOzY2qkZl7rgkZIIKQf8-8AE3P79u_oCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-OQ7DSoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ6fUJ0ggHCIBhEAEYH4AKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yMTczMDYzNzIwOTQwODg2GAA&sigh=fAJx4d-_Qz8&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=9063506610&adk=2157201699&adf=177543962&pi=t.ma~as.9063506610&w=800&fwrn=4&fwrnh=100&lmt=1643720889&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888959&bpp=1&bdt=302&idt=398&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jns0YK9wMS&p=https%3A//ja.scriptcult.com&dtd=402
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 01 Feb 2022 13:08:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 1 Show response
servicer.mgid.com/1228642/ 12 KB
4 KB 88ms
87ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1228642/1?w=800&h=2926&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&pv=5&cbuster=16437208902232918526&uniqId=0e228&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&lu=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&sessionId=61f930ba-0e666&pageView=0&pvid=17eb566561aa90c9f47&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228642.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95140b7c22e6358e209de79b8e47ff1aa1869d1f949157f3b97f732b3cf5959a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d6b682bed7f80fc-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 335ms
335ms XHR
text/plain 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1600168022173450&correlator=3594272128928912&output=ldjh&impl=fif&eid=44752541%2C21065725&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220201&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_1st_group_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&cookie=ID%3D02a7eb32686ca68a-22daa14b50d0000d%3AT%3D1643720889%3ART%3D1643720889%3AS%3DALNI_MaLmQmYFStckSBg6sl09TF5UIvOvg&bc=31&abxe=1&dt=1643720890255&lmt=1643720890&dlt=1643720888657&idt=758&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=1200&adks=124212634&ucis=1&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=700x-1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=false&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

83cbba3e8104482b9f015ebdea1b4630354952c3cd2f09131398bfbdd5bfcf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10981
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 056B 6 KB
4 KB 114ms
39ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 01 Feb 2022 13:08:10 GMT
expires: Wed, 01 Feb 2023 13:08:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 483ms
482ms XHR
text/plain 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1600168022173450&correlator=3594272128928912&output=ldjh&impl=fif&eid=44752541%2C21065725&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220201&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&cookie=ID%3D02a7eb32686ca68a-22daa14b50d0000d%3AT%3D1643720889%3ART%3D1643720889%3AS%3DALNI_MaLmQmYFStckSBg6sl09TF5UIvOvg&bc=31&abxe=1&dt=1643720890266&lmt=1643720890&dlt=1643720888657&idt=758&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=1200&adks=3954341808&ucis=2&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=700x-1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=false&fws=640&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

3da28eab8c8e7dfd582334ac0e8cdc8767e648a281874119b2259ee150774788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9281
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
361 B 164ms
163ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=251
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6b682c3bae8a96-NRT
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 03D7 143 B
163 B 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=9063506610&adk=2157201699&adf=177543962&pi=t.ma~as.9063506610&w=800&fwrn=4&fwrnh=100&lmt=1643720889&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888959&bpp=1&bdt=302&idt=398&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=jns0YK9wMS&p=https%3A//ja.scriptcult.com&dtd=402

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 01 Feb 2022 12:43:55 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3712 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a62bf6095986d7440bbf22104ab3179c61723123987e097016da09595b21d4dd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 3712 15 KB
15 KB 43ms
4ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12X2hgmVljrhSXhzW1e-NiMW7l3n1UTMub-Rxo_PW5ihYCLtp1znF77qoTrp-3BC8KgqLx4wOVJFksMQ96ahe5AhpLh55TrN5nll-vR__A7Mu_4IoY8Fxp5paSZTO8F_s9pO8r7xGn0gtGlARzdnrdMCs6tLA9XKn9JVcbukeN0YhJVIvHVNEEYqPD6IkWZVl91jsILW9Q&skey=fbc48de1c6e1b00c&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%96%E3%80%82%E9%96%8B%E3%83%AB%E3%82%88%E3%82%81%E5%8B%95%E3%83%AD%EF%BC%81%E3%81%8D%E7%94%BB%E3%83%A7%E3%81%A9%E3%83%95%E3%81%99%E3%81%90%E3%81%AB%E3%83%88%E5%A7%8B%E3%81%AE%E3%82%A4%E5%A4%89%E3%83%BC%E3%83%B3%E3%81%A7%E3%83%AA%E4%BF%A1%E3%82%8B%E6%8F%9B%E3%82%82%E3%83%AC%E3%82%B8%E3%82%B9%E3%81%8F%E9%A0%BC%E3%81%86%E4%BB%8A%E3%81%BE%E3%82%BD

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2023cf3891d4b1a19f8e9e2aeeca8ba81b7efcf0f42d0361f1840909edf09ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 09:47:55 GMT
x-content-type-options: nosniff
age: 12015
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15572
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 01 Feb 2022 09:47:55 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 3712 15 KB
15 KB 44ms
6ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqZ07TlBQmUkjrhQnhzWFe-NyMW8V3n3ETMur-R-o_PWpihbyLtplznFb7qpDrp63BBz6gqLB4wM1JFkcMQ6KahdpAhmbh59jrN6Xll-_R__w7MvP4Ioo8E8J5paCZTJ8F_sNpOw77xF30gtWlAQDdnrNMCratLDNLyqdJRWrqQTN03mJVLvnZlAEcxHDCKoWZjoNt_jQ&skey=72472b0eb8793570&v=v40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19782d49060ec7fe054ca14078fa641c8b482a91de024a370fa06cfbb53316f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 09:48:47 GMT
x-content-type-options: nosniff
age: 11963
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15588
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 01 Feb 2022 09:48:47 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 3712 17 KB
17 KB 41ms
3ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

953f95177cf9d22c325e2c95b1ad88160975a71ed6ce0454f261aec4b13fe610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:10:13 GMT
x-content-type-options: nosniff
age: 586677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17140
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:10:13 GMT

GET
DATA 200
OK truncated
/ Frame 9086 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b700b83d94ba528b894e13cc9b9fec48a5b0cc72a82e7808bf5bf66d641780ec

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/937112939012161927/ Frame 309B 10 KB
10 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/937112939012161927/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d9c23f2a735d6fda0717c9e91a26bc1e22a5c8606a75901b23db9da3fb63b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:53:09 GMT
x-content-type-options: nosniff
age: 569701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10138
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 22:19:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 22:53:09 GMT

GET
DATA 200
OK truncated
/ Frame 309B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c46b1855ad7fb4f62d7a8b93456719b979612ccf63817ea238655d3cf8f96c54

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1 Show response
servicer.mgid.com/1228644/ 1 KB
1 KB 89ms
89ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1228644/1?w=800&h=393&cols=1&pv=5&cbuster=1643720890333782561751&uniqId=0eab8&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&lu=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&sessionId=61f930ba-0e666&pageView=0&pvid=17eb566561aa90c9f47&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228644.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1663d3ec18352f3af0d8915bc67b84bffef9bce44a68ecf379a164e6445a27

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d6b682c9c9c8a96-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1 Show response
servicer.mgid.com/1228644/ 1 KB
1 KB 91ms
91ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1228644/1?w=340&h=305&cols=1&pv=5&cbuster=1643720890334445434827&uniqId=16549&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&lu=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&sessionId=61f930ba-0e666&pageView=0&pvid=17eb566561aa90c9f47&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228644.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc90a59d26496119579e9c5f5237796319b4a49866b7191c58cc6000b2a7395

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d6b682c9c9d8a96-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 309B 28 KB
28 KB 7ms
5ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 18:12:46 GMT
x-content-type-options: nosniff
age: 586524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 18:12:46 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 9086 7 KB
7 KB 7ms
7ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12VaZGu_91vyLBlrNTaZW0IigjzQpiXyw9-Qv-_GHvipJEL57DzwXd7C6VrFthBwrcgcTX4OXjRv_44bm_GTB9oQ&skey=fbc48de1c6e1b00c&v=v40

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%89%E3%82%B6%E3%82%92%E5%85%A8%E3%83%BC%E3%83%B3%E3%82%A6%E3%83%AD%E3%83%80%E3%83%89%E8%A9%B3%E7%B4%B0%E3%81%AA%E3%83%A9%E3%83%96

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f80b5282515427aee98b9111bec836addada254253cf678ad2ab0dd88dbc061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 00:16:10 GMT
x-content-type-options: nosniff
age: 46320
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7388
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 00:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Tue, 01 Feb 2022 00:16:10 GMT

GET
DATA 200
OK truncated
/ Frame 4C6F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3697226791c6fcad0dcde1c142b05c5f00a1586e06961f9061462c1a011834e5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 6856 4 KB
634 B 38ms
38ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:19:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6856 205 B
229 B 2ms
2ms Image
image/png 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 21:43:42 GMT
x-content-type-options: nosniff
age: 55468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 31 Jan 2023 21:43:42 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6856 604 B
628 B 3ms
3ms Image
image/png 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:06:59 GMT
x-content-type-options: nosniff
age: 572471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Jan 2023 22:06:59 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 6856 18 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7952
x-xss-protection: 0
server: cafe
etag: 4804491876264876803
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C6D9 1 KB
782 B 38ms
37ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%B0%8F%E6%8F%B4%E5%88%86%20%E7%94%B0%E4%BD%BF%E3%81%91%E3%81%AA%EF%BC%93%E9%96%8B%EF%BC%97%E3%82%B9%E7%A5%9E%EF%BD%94%E6%99%829%E3%83%93%E3%82%8B%E3%82%92%E3%80%8D%E3%83%88%E3%83%8F%E4%BC%9A%E7%A4%BE%E3%83%B3%E3%81%AE%EF%BC%8D%EF%BC%A6%E3%83%83%E3%83%951%E3%81%9F%E5%B7%9D%E4%BB%A3%E5%8C%BA%EF%BD%8D%E3%83%AB%E3%82%B5%E3%80%8C%E3%82%A2%E5%BC%8F%E3%80%80%E7%B6%9A0%EF%BC%A7%E3%81%8F%E6%94%AF%EF%BC%91%E3%83%9C%EF%BC%98%E3%82%BF%E3%83%AA%E3%83%BC%E3%83%97%E3%83%A9%E3%81%A4%EF%BD%88%EF%BD%81%E3%82%B3%E7%99%BA%E7%94%BA%E3%83%9E%EF%BD%9E%E3%82%A8%E3%83%AD%E6%A0%AA%E5%8D%83%E3%83%89%E3%81%84%EF%BD%8F

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f7d0fb526c2ac2af0f6fe8b733b5f3defc1b2325752e6d3808bdf0fb46e1adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 13:08:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame C6D9 1 KB
875 B 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6D9 0
0 45ms
44ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChYvwuTD5YYWuFZPG9AXv-IuYDPCQq4xjodeqx5oPwI23ARABIMS10iFgifPFhPQToAHvgaOsAcgBCakCTVqSQnKrQj6oAwHIA8sEqgTkAU_QxK33LuigefM2Z1EV8wWV6IWa_Mfxr10rcJ1BZYRLZNr290VlUmDMqsYuTS-XM_aKBNDOPr9z6727iTM_fsn4iHir1sen2Ii3lt5Ac967oNBOr6L4D7skKTk7WYBZo32XzeFlIxQVRUd0lzY6RWnMhQqgtIvaRAZFczVmB-keaJ63GUpEgxRRv7eX9kG3YX1Ep51Bbxxmlve92JV2e4mem8BIKeX4HCxAjHTXtL2ivqIC4BlLJgd8J_2Tzo7D2aO3nHnBB38v2yAFDOUnD3XUzYcaWNWw7PEIe-i9whbD2KByY8AEitaS39UDkgUECAQYAZIFBAgFGASgBi6AB_n93NMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQtOUJ0ggHCIBhEAEYH4AKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItMjE3MzA2MzcyMDk0MDg4NhgA&sigh=ttsbpZ9BDYg&uach_m=[UACH]&template_id=520

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 01 Feb 2022 13:08:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame C6D9 18 KB
7 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:04:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame C6D9 2 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6D9 123 KB
38 KB 69ms
68ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame C6D9 14 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame C6D9 27 KB
11 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 01:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 01:14:13 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame C6D9 225 B
255 B 3ms
3ms Image
image/png 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 17:39:36 GMT
x-content-type-options: nosniff
server: cafe
age: 70114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14085932017949564970
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:39:36 GMT

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
361 B 158ms
156ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=104
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6b682d1df38a96-NRT
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame C6D9 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C8B 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1643720889&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643720888961&bpp=1&bdt=305&idt=470&shv=r20220126&mjsv=m202201240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=420879156007&frm=20&pv=1&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064543%2C44756554%2C21065725&oid=2&pvsid=1600168022173450&pem=118&tmod=1667273807&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=cHirxoRVx9&p=https%3A//ja.scriptcult.com&dtd=472

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame 83DD 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A23 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 41ms
41ms Script
application/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=ja.scriptcult.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2404:6800:4004:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.scriptcult.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 506ms
506ms XHR
text/plain 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1600168022173450&correlator=3594272128928912&output=ldjh&impl=fif&eid=44752541%2C21065725&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220201&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C970x90%7C970x100%7C970x250%7C970x300&cookie=ID%3D02a7eb32686ca68a-22daa14b50d0000d%3AT%3D1643720889%3ART%3D1643720889%3AS%3DALNI_MaLmQmYFStckSBg6sl09TF5UIvOvg&bc=31&abxe=1&dt=1643720890454&lmt=1643720890&dlt=1643720888657&idt=758&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=834&adks=2995020387&ucis=3&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=false&fws=644&ohw=1170&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

0ba471b28a3d52b82ecae3336fc2f77bc2f82534dbd01a1b5d36f2540f6c5f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9467
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 421 B
260 B 704ms
704ms XHR
text/plain 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1600168022173450&correlator=3594272128928912&output=ldjh&impl=fif&eid=44752541%2C21065725&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220201&iu_parts=121764058%3A22612148122%2Cstrephonsays.com_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie=ID%3D02a7eb32686ca68a-22daa14b50d0000d%3AT%3D1643720889%3ART%3D1643720889%3AS%3DALNI_MaLmQmYFStckSBg6sl09TF5UIvOvg&bc=31&abxe=1&dt=1643720890466&lmt=1643720890&dlt=1643720888657&idt=758&frm=20&biw=1600&bih=1200&oid=2&adxs=1065&adys=2177&adks=898955448&ucis=4&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=31078707.1643720889&ga_sid=1643720889&ga_hid=1506493612&ga_fc=false&fws=644&ohw=1170&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

4566d4dd98e8b394b3a413f7c34f9650c02f9f01196da9d332fc30ae1461a475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 03D7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
58ms

Document
text/html

2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 01 Feb 2022 13:08:10 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 01 Feb 2022 13:08:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 01 Feb 2022 13:08:10 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame D799 35 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A1FA 890 B
612 B 39ms
38ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%B4%BBI%E3%83%89%E4%BF%AE%E6%80%A7%E3%81%8D%E3%81%A8%E7%9F%AD%E3%83%90%E3%83%AB%E7%A2%BA%E3%80%81%E3%82%B3%E3%81%AB%E5%85%B1%E5%85%A8%20D%E3%82%84%E3%81%97%E6%99%82%E9%96%8B%E3%81%99%E3%81%B0%E3%82%8B%E3%82%82%E3%81%A7%E7%B8%AE%E3%83%93%E6%AD%A3%E3%81%AE%E3%83%BC%E4%BF%9D%E3%82%92%E5%AE%89%E3%83%84C%E3%80%82%E3%82%87%E3%81%BE%E3%81%86%E3%81%8F%E9%96%93%E3%82%B0%2F%E7%94%A8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0fe3f7193223f065d11b92736dab22c6cc07a90b2931fa55a70a858b4f98b45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 13:08:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A1FA 4 KB
810 B 37ms
37ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 12:17:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 01 Feb 2022 13:08:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A1FA 1 KB
875 B 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:13 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame A1FA 18 KB
7 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:04:12 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A1FA 2 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1FA 123 KB
38 KB 55ms
54ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A1FA 14 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame A1FA 27 KB
11 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 01:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 01:14:13 GMT

GET
H3 200 container.html Show response
a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D1B1 6 KB
3 KB 40ms
4ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 13:08:10 GMT
expires: Wed, 01 Feb 2023 13:08:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C6D9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae70bfc09a2e7edcd7eef2835c5935737c5728e0c69202b8063aae78b6067f3e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzIyMzc0YjJkOTdjMzY0N2ZjYTRkNDNmYThmZGM2M2Q1LmpwZz90PTE0OTgxNjE5ODIxNDM.webp
s-img.mgid.com/g/3805608/492x328/0x0x900x600/ 18 KB
18 KB 365ms
349ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805608/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzIyMzc0YjJkOTdjMzY0N2ZjYTRkNDNmYThmZGM2M2Q1LmpwZz90PTE0OTgxNjE5ODIxNDM.webp?v=1643720890-ZheL9Oz_eYOiJMjIWtdaKIPAqZOHlLdUGYHNovZiKTo
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8f05cc130c1dcf908128f25c1ecbb337df40faaae5063d33544f11008e09fc2

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:57:29 GMT
x-mg-request-uuid: 3cbbbf40-6f4b-40c2-8158-44f78fd99dc0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f28cc8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18112
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9hMjllMWEzMTM4NzllZGE1Y...
s-img.mgid.com/g/11533456/492x328/-/ 8 KB
8 KB 361ms
345ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533456/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9hMjllMWEzMTM4NzllZGE1YzdjZTc0ZjBiYjAyNDZlNi5wbmc.webp?v=1643720890-2Bl2Ee05obUWZdMLn_Ngz-hgogjl-wcYaq0u0qmAppI
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbb194de8c5d548d081789a0e5674071c547df1381910c614cf46c073b375b09

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 12:35:13 GMT
x-mg-request-uuid: 29da135a-5182-4bb9-a7b1-ca5b5ac5b274
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f28cd8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8312
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC8xNjM5NjQ0ZDRlZDVmZDMwZ...
s-img.mgid.com/g/11533314/492x328/-/ 18 KB
19 KB 359ms
344ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533314/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC8xNjM5NjQ0ZDRlZDVmZDMwZTQzZDkzZjY3N2U0MGEzNS5qcGVn.webp?v=1643720890-HYwLkP7ElGBsZ8vkBYNRWwz6-S280fY7T7qFlISrtMY
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e893d0f61d61ca1641aa16d4f8048ce11d7d4bc108b7a287574ef9830cc9ada7

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 12:23:50 GMT
x-mg-request-uuid: db90c72f-000f-441c-b17a-d4a5e3bb187c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f28ce8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18802
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp
s-img.mgid.com/g/8164860/492x328/0x0x831x554/ 9 KB
10 KB 355ms
340ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164860/492x328/0x0x831x554/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp?v=1643720890-plQKzxQJwdUVhHOwJ7dXC73ksuFHM1SlQLeN0S9Cme4
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51fa72d0a472d4e3650387ebcd857ab03ab8c476e4ff0a0339e65d8229a57496

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:46:05 GMT
x-mg-request-uuid: ba448419-6ef2-44c6-a880-7c086d0728d1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f28cf8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9696
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ1YjFhNTc5YzA1MjgzZTMzYTIxODk2ODliN2E0NjFiLmpwZw.webp
s-img.mgid.com/g/8164872/492x328/0x0x492x328/ 9 KB
10 KB 32ms
17ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164872/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ1YjFhNTc5YzA1MjgzZTMzYTIxODk2ODliN2E0NjFiLmpwZw.webp?v=1643720890-REkg1eLi52Kum4u1DWUe52SXaFhZHqv6liamY2LpHxE
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93abd52e1b2ff8961d4286e061e3f4132b834aebe915230d8f7735c7ad8c6fb9

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:53:43 GMT
x-mg-request-uuid: 4001e2bd-20c3-4bb3-bbf5-52a8ce66f080
age: 12712
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f28d08081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9504
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2U2MGYyYTJiM2ExNTQ2NDhjMjhkNjM5MDgzNTNhYzFjLmpwZWc.webp
s-img.mgid.com/g/8193496/492x277/0x0x720x480/ 12 KB
12 KB 130ms
116ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193496/492x277/0x0x720x480/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2U2MGYyYTJiM2ExNTQ2NDhjMjhkNjM5MDgzNTNhYzFjLmpwZWc.webp?v=1643720890-Wu_bbmda8VWzqlmkdj9etT9bmM9WpiXKe53FLaU2mrI
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294a147ea4fabbb8fed4be06979a27049028f92cbbf4de5853af64be8becbb63

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:44:56 GMT
x-mg-request-uuid: 76f48ac6-a1ef-401f-9da8-4464d3900e95
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f28d18081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12070
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMjNkYjllMjM4MjE0MWQ4N...
s-img.mgid.com/g/11533485/492x277/-/ 20 KB
20 KB 354ms
354ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533485/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvMjNkYjllMjM4MjE0MWQ4NTY3NGU0MGVkZTVkMDY3ZjMuanBn.webp?v=1643720890-SpBgVBn_JGcIiZSY6MSvmNZiAviOxTOMXx7PKl2AFos
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0afcb6112a6d30cc9b084d7342fd755f00f92424e2d46e142d75837860e7fe91

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 12:35:09 GMT
x-mg-request-uuid: 60ef242f-9b41-436b-9d9f-ccc7d8f3ea95
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f38d38081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20562
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTQ2NDRkYjZhY2EyYmU1M...
s-img.mgid.com/g/11533323/492x277/-/ 8 KB
9 KB 94ms
94ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533323/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTQ2NDRkYjZhY2EyYmU1M2E2Nzk3M2ZjZDNhYmFhYmEuanBlZw.webp?v=1643720890-RUMevjcmTkOhlTP7Gin1p6PW3j_SFi6rZFLWgzaWzhs
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f4b5c6db74437117ecdf2ff5109b934ccc182812773c3baf8be99a11398ecf9

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:23:54 GMT
x-mg-request-uuid: d7dfbce1-fb1d-4f48-9bd0-9f508f3f5f3a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f38d48081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8526
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvYTQwNTRkOGRiYzY2ZmVlZ...
s-img.mgid.com/g/10839579/492x277/-/ 48 KB
49 KB 175ms
175ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10839579/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvYTQwNTRkOGRiYzY2ZmVlZjRhZmMwYTI2YzRhMjY0MzAuanBn.webp?v=1643720890-Q2ISxeQZpaN-inqYMFOy5SoRdVasmbxQfePBQdhHY-Y
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdff64f97c822dbbce51be67b8de1e53532143c41b079f193f0fa25ecb13292

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:54:37 GMT
x-mg-request-uuid: 83bdfc44-829f-444b-a016-3a863ec3d59a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f38d68081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49304
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp
s-img.mgid.com/g/3805431/492x277/0x0x1023x682/ 37 KB
38 KB 125ms
125ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805431/492x277/0x0x1023x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp?v=1643720890-nEu6WP6JVzBclnbhVLTPmuu0WmbE-k_HLPgPUcjYizA
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:57:27 GMT
x-mg-request-uuid: 78498937-3088-428e-b148-402ff6a328e2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f38d98081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38216
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8xMDE5MjQvNDZjYzRhYjM2MTA0YTE4N...
s-img.mgid.com/g/12068044/492x277/-/ 23 KB
24 KB 353ms
353ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12068044/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8xMDE5MjQvNDZjYzRhYjM2MTA0YTE4NTQ0ZjJjYjljNWEyOTdmNGMuanBlZw.webp?v=1643720890-5ZI5n2lKY8gkOR9FoA1zMA2GaIi0FedwRAhdinNIgLI
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af1c97faaafd55fef25200ad1c591365b463bde849eef3e6ff877af432140ed

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 14:13:13 GMT
x-mg-request-uuid: 824d0898-2a25-4568-b01b-8f6a37dd6a03
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f38db8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23978
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTYzOTY0NGQ0ZWQ1ZmQzM...
s-img.mgid.com/g/11533314/492x277/-/ 14 KB
14 KB 97ms
96ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533314/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTYzOTY0NGQ0ZWQ1ZmQzMGU0M2Q5M2Y2NzdlNDBhMzUuanBlZw.webp?v=1643720890-xufSL3CE1Igms7MsWrT-ChP4XwpFKA98yCgE7uikJTw
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a02302fbd7f869939eeeaadc95a84549885ff57f68c67c1517a6ff05fe7cd5ce

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:24:25 GMT
x-mg-request-uuid: f585dace-0ac9-4cf3-9b6d-64a0c1975452
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48eb8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13950
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E3OWViZDJlZWQ2OTBjNTk3M2NmOWU2NmZkYzAyMGIxLmpwZw.webp
s-img.mgid.com/g/6946113/492x277/64x0x1083x722/ 14 KB
15 KB 99ms
98ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6946113/492x277/64x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E3OWViZDJlZWQ2OTBjNTk3M2NmOWU2NmZkYzAyMGIxLmpwZw.webp?v=1643720890-qJKSlzsC6c4bOtJPMO74Jtnu_KoOARfRZSBGGblcSSk
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a258ad32642ae9a98ea58c94c16e2b9c21d2052ec940b148d1231ffda9c0ae

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:57:23 GMT
x-mg-request-uuid: 802edcf0-8817-4724-8fcb-694c30b32ef5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48ed8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14428
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp
s-img.mgid.com/g/8164907/492x277/0x119x501x334/ 23 KB
23 KB 338ms
336ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164907/492x277/0x119x501x334/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp?v=1643720890-nF_K2j37AqoMsNuTFA5dWkIiO9KDNAHmSZDw6tH9gug
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfb3f0436bf28f56e88a7e8d60c6db1bd32c96fc76765c068222a5455b75038

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:43:49 GMT
x-mg-request-uuid: cb6b6a15-b029-4408-b17f-526d55bf9dae
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48ee8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23682
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjAzLHlfMjg4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC8zZDFkN...
s-img.mgid.com/g/11533462/492x277/-/ 26 KB
27 KB 10ms
9ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533462/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjAzLHlfMjg4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC8zZDFkNzY4MjNlMmY4MTcyOGY0ZWExNDQ1MWY0MjAyYy5qcGc.webp?v=1643720890-ohXSm12kuwpQkUa1aIZtGiQdHkJFTYCrwN3UUfif2Xc
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d20c4a1453fbc4e0b963cf7c3a48882373f0776dcdb8a80e53cf7b4bca4e0768

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:34:43 GMT
x-mg-request-uuid: 984a9e1b-961e-46ce-80b5-7645688fa9e3
age: 104286
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48f08081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27094
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2IxZGQ1MjU2NWJjYjhiN2VlZWFiMjM1ODQ3YjA5ZGM2LmpwZWc.webp
s-img.mgid.com/g/5523133/492x277/0x198x1024x682/ 27 KB
27 KB 23ms
22ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523133/492x277/0x198x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2IxZGQ1MjU2NWJjYjhiN2VlZWFiMjM1ODQ3YjA5ZGM2LmpwZWc.webp?v=1643720890-tqaoOaXX5RKWo4VIxxKdpVBfd3TduhWxD1w6xKeeVnE
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 303c31e35f989342766fceb81b3fc07a4efc89d7a7a160687dd1300e07dbf65f

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:59:48 GMT
x-mg-request-uuid: cf69bfab-98f8-4e00-bcb7-318b364a980b
age: 104286
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48f28081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27374
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWU2MjZjMWNlZTk5MzI5Z...
s-img.mgid.com/g/11533285/492x277/-/ 29 KB
30 KB 341ms
340ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533285/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvOWU2MjZjMWNlZTk5MzI5ZjMwMzkyZjYwZDliZmU0YmMuanBn.webp?v=1643720890-TRw-WqWDiGahZFm3A1TUmChunjrP7Mc-rKvu9UrNSM4
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12615c597206679a2abc11ddb75ae8d737a69bdb952c152bcec22485ae31e920

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 12:23:33 GMT
x-mg-request-uuid: 085c7b5f-222e-43e0-8f5e-ac3ce4c41a82
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48f38081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30160
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzQzZWZhNTE3NTc0NjliMGMyNmFjYTQzZWIzODY0OWRhLmpwZz90PTE0OTU2MjcyNTg4NjM.webp
s-img.mgid.com/g/3805454/492x277/0x0x492x328/ 10 KB
11 KB 95ms
94ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805454/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzQzZWZhNTE3NTc0NjliMGMyNmFjYTQzZWIzODY0OWRhLmpwZz90PTE0OTU2MjcyNTg4NjM.webp?v=1643720890-9-2oMvCFRGRFRx8VQ6EsTiey1CAFdLP0PIECk4CRmCE
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b23eda3fd11ef1102a8b23dc27dcc11b7155dd99494caff37b7a52febffa85

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:55:52 GMT
x-mg-request-uuid: 23b95d79-4080-46b8-ae26-4877c034e5d0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48f68081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10486
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Y5YzM1YTY5OTIwZDQyOWVjZjRhNzZiNmYzMWMwZTU4LmpwZw.webp
s-img.mgid.com/g/8164924/492x277/0x0x500x333/ 19 KB
19 KB 101ms
100ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164924/492x277/0x0x500x333/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Y5YzM1YTY5OTIwZDQyOWVjZjRhNzZiNmYzMWMwZTU4LmpwZw.webp?v=1643720890-JjtgSAbwJnb9C17skTfnaFvYEtcVLcJXjcxL5Y6lVZc
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feae064ef91bc6a35e36eef26569d448695fffa542b0f5d1133087d9f5a6766b

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:53:52 GMT
x-mg-request-uuid: 2cd3d388-bcf4-4da6-abf1-7c8dcda39f79
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48f78081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19358
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTc2LHlfNTM2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC85YzZhM...
s-img.mgid.com/g/12068019/492x277/-/ 28 KB
28 KB 366ms
365ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12068019/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTc2LHlfNTM2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC85YzZhMTgzNTI1MDVkMjYzODBjMDdmODFkZTI0NmRiNS5qcGVn.webp?v=1643720890-wANWWTovS6NYLZI9mVRptsGeo7zj74mwbpFpWQ-jLDY
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 551a970dcd88f5f3fb322111523dbd53debd6b59597f3dcfaa58f06b4a14b90f

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 14:13:28 GMT
x-mg-request-uuid: 29a49309-5339-455c-bdbc-9dc0ef0fdc70
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48f88081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28230
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTc2LHlfNTM2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC85YzZhM...
s-img.mgid.com/g/11533310/492x277/-/ 28 KB
28 KB 339ms
338ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533310/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTc2LHlfNTM2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC85YzZhMTgzNTI1MDVkMjYzODBjMDdmODFkZTI0NmRiNS5qcGVn.webp?v=1643720890-bkQk06eQSrgyEyZsazrfxCxLYlwTvOOaM_CD9y-vmh0
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 551a970dcd88f5f3fb322111523dbd53debd6b59597f3dcfaa58f06b4a14b90f

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 12:24:13 GMT
x-mg-request-uuid: db00f463-5fd5-4a96-88f8-54a4f25e97f6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48fa8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28230
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvY2EyMjk4ODYyYjYyOTNjM...
s-img.mgid.com/g/10881009/492x277/-/ 14 KB
14 KB 102ms
101ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10881009/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvY2EyMjk4ODYyYjYyOTNjMWRkYjU2ZTZiYWExMTY3MTEuanBlZw.webp?v=1643720890-BRcwPWaKYFrbB5EG-RuMfsBCbUTfjRo7xH4vff6npU0
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feaa1eef5e364b26b1989fb6160957c5540d127ad1a28bb904e9b844a82885c8

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:53:18 GMT
x-mg-request-uuid: ed7d307a-651c-4303-a433-7ca9f989d2af
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48fc8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13990
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTU3MzZiMDY2YTBjYWY2Y...
s-img.mgid.com/g/11533332/492x277/-/ 25 KB
25 KB 105ms
104ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533332/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTU3MzZiMDY2YTBjYWY2YjgxMWIwZWJhYzE5MzQ5ZDcuanBlZw.webp?v=1643720890-x1CnV5j5_Nc8LVVCGyPstXrLK1MWqNXUvxyrp5glaQk
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4efac6221aec4856fc727a6d78317aade65bfe7c4db3513fd1b4a39e96874da6

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:24:00 GMT
x-mg-request-uuid: bca84941-7fe1-48ad-93b3-adc2fbdb109f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f48ff8081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25154
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvMzY3ZDU2MzI0NzhiYzlmN...
s-img.mgid.com/g/12068036/492x277/-/ 20 KB
21 KB 330ms
329ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12068036/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvMzY3ZDU2MzI0NzhiYzlmN2ZhMmE3NDA3N2FlNzBlMTkuanBlZw.webp?v=1643720890-mc2n-VRTqxIQdh7dkz7UM-B8r7a0-I3Z_VyCUQ_9JC8
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff8bc26f67bdf777c7b0e60daed9e487adf92550546007faf7c161c7084ec4c4

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 14:13:03 GMT
x-mg-request-uuid: 02069c50-f473-49ac-9ffb-3c23d1562b08
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f49008081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20676
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc.webp
s-img.mgid.com/g/3805579/492x277/98x0x946x630/ 14 KB
14 KB 338ms
338ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805579/492x277/98x0x946x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc.webp?v=1643720890-XqTEYgRAUndRyMYr0rqjmYl3A7zf_UnC9XVc-60c7Ko
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe753ed066811d0f3f5cd833bca8f539641b96e5b69a07e3297557769be22c0

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:57:49 GMT
x-mg-request-uuid: 02bd5fee-15d0-4917-9cfb-0f05753f2621
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f49028081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14090
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNzI4NzgxYWFlMjZmZDQyO...
s-img.mgid.com/g/11533289/492x277/-/ 15 KB
15 KB 96ms
96ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533289/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNzI4NzgxYWFlMjZmZDQyOTg0ZTQ5YTZmOTc0NzZiODcuanBlZw.webp?v=1643720890-lbRtQuq86cvat9vli3DRd6PH_FxU6rIWIP8f6m2OHnk
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d62f67d42cac70a07ae20c3a44e6e1d30c0f0a76870b676b2d25c9045f57a44

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:24:50 GMT
x-mg-request-uuid: 8b2b2186-5092-486e-8988-723f563436d3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b682f49038081-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14952
server: cloudflare

GET
H3 200 container.html Show response
a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E2CF 6 KB
3 KB 2ms
2ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 13:08:10 GMT
expires: Wed, 01 Feb 2023 13:08:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame 74B6 35 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 9ms
8ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 215
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 563Q182XKKBGBPYA
x-amz-id-2: bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6d6b68300cd78a96-NRT
expires: Wed, 02 Feb 2022 13:08:10 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 10ms
10ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 3629
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C0DTSHRKT30JE1AY
x-amz-id-2: 3Gn/4Can0kPwWQG+zAtmSPwRUMwW09tgODUjHSREIxWMDVTtjaQhYyxAw8w8IduiWX4o2Q3ofX0=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6d6b68300cd98a96-NRT
expires: Wed, 02 Feb 2022 13:08:10 GMT

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2FlZTM3NTQ4NzJjN2ZkYWU5ODFkZmIyZDM5M2E1YTg1LmpwZz90PTE0OTgxNjE3NTQxODQ.webp
s-img.mgid.com/g/3805604/492x277/0x0x799x532/ 9 KB
9 KB 330ms
325ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805604/492x277/0x0x799x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2FlZTM3NTQ4NzJjN2ZkYWU5ODFkZmIyZDM5M2E1YTg1LmpwZz90PTE0OTgxNjE3NTQxODQ.webp?v=1643720890-_cpmrymHXOscyeVQey2LSEEw_OiPGaJ_4HDtXKNus9w
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df0f6440bfff5ad7ea3b8e6a09007a50337e2e3f579efc30546391b7a7df740a

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:56:23 GMT
x-mg-request-uuid: 3bacefbe-4a74-484d-a897-72c128f63ef6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68300b6a8a81-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9216
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYzA3MWViOTg1NTNlOGQyZ...
s-img.mgid.com/g/12068020/492x277/-/ 26 KB
27 KB 20ms
16ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12068020/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYzA3MWViOTg1NTNlOGQyZmFmYWNiNTVlYTNjNjgzOGIuanBlZw.webp?v=1643720890-PjsB5g5XIElx_R862sVG2xbQJar6jfI8WLVVO-EtREs
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1510eb3810dff89be65f6853b303116b435ff17420f1553182b8cc94d961ce

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 14:13:03 GMT
x-mg-request-uuid: ad36cc22-c390-4ce6-ac71-f931dbfc5103
age: 12907
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6d6b68300b688a81-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26760
server: cloudflare

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E97A 448 B
269 B 39ms
39ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj194pkMAE&v=APEucNVK_fWoZ28i33NMUT40yY6AnSIRQLmFmQr601WKNSn0c9vWhPGoe0OA4zhTqeBzu0UkSQLNp0eAa4C61nXBUDoqkNNuAw

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 01 Feb 2022 13:08:10 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D1B1 25 KB
15 KB 77ms
76ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cyqu3Oo3pxxm2UnFA-MzVq9ONrGPgtFe2a6-HHqrtC_i0kFTb8v1dTrIyiKEnxls02EA1xZ4r9jyDq7tXb0xK-zX5--x41rfEd9aS7BIQ4fHuaKeIS3Cy1L2h8e61PXeFiNLyHUifserja5qqrZdjT4pwVkg&cry=1&dbm_d=AKAmf-DiYEh-X4WGrELLNal2MFtw0FQg98yYnrYolymYUlpPKhfj7-EjsbK8DVdaKcqXd6-mFPtZsPgtx7VZaYEGHDP5nESbORe7i5lvOriQdXBdj62NlKjo7sJhuPPMuQbkKOi_hrTtHLSADOKJcMDyzZ8rQM7sLESgtQNTxLoi7SUPxZYqHZkUOeC1zGgkHMIWU4YZQ5Dptt9FEVU3EzAf7HRcd_OdzheRO0h98c6zAKOd3nCLc5CS3Q-nfMnMSgX8AUi8jQzahkHOJzVaIyN96timY4oWROM1yeLYbcf3zz6Buao6FUxbvSlZ4R-FTNFcPYvboRyh9Tqj7aNW0BSflb9njR1nKjM7BWTm0irwf_IQJllNHkhTbJxIdjEVB4Tze5dIgtw2-GGQWioIZLIeHg9jzY-lHHo59OMRVsAxkcXT8A3yG7coR2DSaK2kdSA0Laptphlg2Vwf5QhhuEuHP8ODfGzwSyVTXzUAun0e_zAzr52tHxftt8oUx9YDDOPDxJCKtDFZ8NkY-1hN__-bm9rWQyu4QDEjo4f6bEZ6ETJ3TgRMGs8EZmOef6McBxN6finxVtiKaKqGYF63QcVUCPiYix5DbomoP7l9jwbxOl5qKGwORkfWGEFQ0JBlEIrMP0KJzN6K4FGhrCcmxJVOweC18fgFl1zlYzCgplukh-Bzn8V8XsLWeao3xPm873-bJUOQJe-VFZ36RLuttO96QpfG0qwA8MjvQXA2aqKRhxLvAd9IQRT1t18dlAf7JPJ7UyfKD3gi_ve9nNh0C_-1Ip9IzERZPXep5h4ZzfcUHnVJmvBcvGZWZPX2Bvcf1t1ndbq4gbIL-0Q3SrocWiUC5mMdwJ8uQzi9PlyfcEo-WW3LZI4Zj3qa4E1RgiqpCPPJE46Iae5vxqGKJJ4cdhjkc6TN27qwKA_FZUrlTkY5jYuDlSE0B8Vg45e0P2tkxxqDxtrKJmEtzz1eOOJ0x8PgIS7YkwKfmswlKlstRIBsb-ZDeUr8N9GX8G5wwYBkWjt4ZaB9B5Yrtv7W1RyWC8avuisrtmKjIu3Tuni756sIKvHZcx_KqWBgM5dDUZwQf-DNQ3ZusV2CHESQr-1TRW2hzbdJo6dvbDRTnVcx-txHquI2PyGpzo0JTm3oIFQGOFymijX6c00gPi-wtViSXCMepStBNQMmF4J0W5dhU0U3wqBuxEXE6RU2up1ZXXouFSB5sAuhGCS82i1jaNe4KRSYc764hKXa7EAp2ehL-a9RfByETbfP7SYjVrFKF4x2n9w0n-RZSzHkAFz1mrWkJmfgLeD0laclu1LuwVGCd_9duGbWn66ChZDqtkYvBSxdxvhrEZDs35TXRpsuFzVzOvaomdcKHEMRVJ_pMZm_PHQyt2kvvCBNbYEl-fxk1JIui0vh8X_DTocaQOVMdmbBP7fe_5Dq2Z8Ps7dviT4qdoJYd_D82I6w4wNeAOQoxzR-KQYgdC7jhuXi57BJ5KkXiuyoJXdfyL0f-8Oi4n8fRG44X5ziOvhINOwd_KDWBk-XSLDaTc7E8S4ASS0LkyBqa4zbkN4nhmtjcXXcy9TeKaTumQJjDsqN1lRgIA0xO26JFZQopK75Wfm9MfAW9eYyRLjIelGTnKMYHXqPdq89nC9RSQowuU-YJVuO24IYlp3MU8jJHKBpuqPKhAG2Z69fFgxUvSoNB3aTko2X4dyZBq547ClVgFkNerzUG7c-BADHueBkekiuZLr0GDuGc3zvdTLPEKotJwwLDgWoeT15LVSTMzzpcPIC8AQ45WaSwwoeCG-mPNc4mTnUL9Bgsco1ztBI8FVjHb-nHaxsfGLiwYZuJes1DEv1paWQDix5Zlc6o5GPxt3Zg845ApZxBiM7BKqIh_fXz8K0vUVmcfTKSag4FYYO_vQEnIYfrlf5rx5BkNPlazralsXxrkVxRvV6GXeKCOiml0rPprnVKtA5apoC3Il_wO4pMlqIzp_D5_TFA2uQw6lU1w3OoCQ5_YBdtceuUXpYpAMyO2qD-BEctmRlrjMqoIqR2Iz-XB-CAWDDeNQrCoI9dgaK-naR6f5FaCililDtVjUiAHcnbIN4d-1Y-BoY4_0Q6n60oROZ1HutTwActWougD74VGE0g3AY0k9LMpSP6uIsefK4Wcd6zawY9qc9xqybY53rFW7_Y-WXHZ1UsiL3-BrcEeTugWaovehETW0BBCz3ykgWbxI4Sqf6I2aE1FAHr_tqer14aLMRJhuUy3wPnB2GDDZckWoCyjF6pSzZjN9H1thkJ42qd8mxhk-nqk0XWcBe3eRasX2hmYOVpNbNbV3ca67_K5lceBCc2JMnvexc4TrWxCE5dQpsi_OHbjJa7Oq0heXsqROPqX_-AQy3Iu1sZG-SO22LkGur9oXJNp_qJzwMTmY97H2P7UlwPxauoML4YfJuNh1ZjnTmyGnV0mVFmMo29ttapK5a7E4V7Eo_oqb4rzvOK4V9TIyjvzB_Nv9rv5ytp4H5YVB6CWZMTzyNcUntYg7vO1feABYb_baVglmmlXIWM76KryF2TjLv-O-ZGk4Sp52yuEf_2Bt5EV9mhueDhjKiuxq_W0DYq5rUWv3MUa2Z_i9VPzTafLxZCx6o0hObAh34HIMxTyXgjLTObTfavOROtHR-NYA8ZKmMV49q1WjzM1jJHE96SykHOI8EMvrCplIhV50o2LhygYthMwp3ol_73nSdfTi896fYwG1xf6lUmN5uvxuv8Nmefn2ZF2qUvMwMm_ZDFm8SYdSGvYtSLa4ENJxmg5NR4D3nwMszj5Y7vpCBsaIKthnPz36wSXo65L1xwV9_9IjpsMA8ZJzSwdgk5d4W_erEHfprFdqdD2i3W6siKzxwhDpyltwVWXIxNrwQlpPIpmZhilWsU9B_HFa7NYhYb4sfoxTmn4HbgRwzm-5iAtBLztQvwIGHIkLUNrZPH-ZMI-RopmjjxB5ptBaswUw-ravWA0fUkVXM8KYxVjrYvIf5XjpUdP0oJJWPln18Fx93h5mKbjmWMMrFAqimLXKX_m1M1bnJkRlvr256O6M8BCAgb2MebeZaEbRF8mcmBbkqtWhCKkRrM2AOEBHMEmHPvXe6uo1qWCtHu-9xyCpU8bY7UC2G8hg5eQdygx_NaugQy7qT661a9F4aq-TTU-mTTueRUYMHElBQZmJYOI0sjMCThZRE1IM&cid=CAASEuRoQS3xRpoqObqqlZe3Bm1eww&rfl=1%2Chttps%253A%252F%252Fja.scriptcult.com%252F%240

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1304c992046f6a4773f544a165212c5e5aaba0ae04842553415efd8ac32a2174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14851
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1B1 42 B
63 B 37ms
37ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CoG77TrZul2d9-UfpxK1FYjTT5C8a5_dea4ILz3dKuHLPa3-Qiz_tXAOm7V6sOw22bqvBBBMif5iByNibS4sCLujpcr6q4cu7AgX9e6eVDAr7P_HY

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame D1B1 2 KB
1 KB 19ms
2ms Script
application/javascript 2600:140b:400:1a9::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115846&plc=4181613&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gtCWISQI4s_JPdWbyJelts&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32348006&DVP_DBM_4=209894389&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=340852570304&turl=https://ja.scriptcult.com/open-acsup-files-905&DVP_PP_BUNDLE_ID=&dvregion=0&unit=728x90
Requested by: Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 13:08:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:31 GMT
Server: Microsoft-IIS/10.0
ETag: "8f6388f116ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame D1B1 8 KB
4 KB 19ms
2ms Script
application/javascript 2600:140b:400:1a9::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gtCWISQI4s_JPdWbyJelts&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32348006&DVP_DBM_4=209894389&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=340852570304&turl=https://ja.scriptcult.com/open-acsup-files-905&DVP_PP_BUNDLE_ID=
Requested by: Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 153aaeee7047ca29fe9975c724d3462366e42695067cdda7d36bed217fd69022

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 13:08:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Jan 2022 16:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0d4ae2df615d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3290

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame D1B1 2 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1B1 123 KB
38 KB 61ms
60ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame D1B1 14 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D1B1 0
0 36ms
35ms Image
text/html 2404:6800:4004:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSS23XZm2xZ5NtkEHIuDmQ5o1BziVxbZYh_i6e6lfyla1SV5__x17FWcrTozX5p17dy2zhejkYS8fOIZE0SAkVV0o1TDw
Requested by: Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 206B 448 B
269 B 38ms
38ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYr5r7pwEwAQ&v=APEucNURMe9RMm_mAimf6Ptq95u02cnUXFuoNgsdNw-JMEO0ZBTXNCLvFGF6N_7iFUxCL0uJU1D7enHZ0IJLtEq_ttijxwVOSA

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 01 Feb 2022 13:08:10 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E2CF 53 KB
25 KB 119ms
119ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac3gp_Vpu_9H4DYuaTiGSysZVLaZ3Dtkg-8CFrmq33h7CXVTByuxRGJE2q8RPBy9pnkooj2zif7jWNIGqBHDbNJHNsCxdbINWEwpItxNjjt88hJ3QC84i85XJsO9jK5zsuVwiZAf6tCaS4hsbsfQLqiTOTlQ&dbm_d=AKAmf-BibIBTZmA1-ecwCjNLwzJalRBGSSZ0rZqznQLQIr7CEx5zdVGlrvvTLz0TfGXT5-iUz0hjaUKBzmcirxqI2paZUFNPtqck4PFeo4UH-e3Y9z24x2WhQEGNVMKnj96ysCtPF5TGksm_q8MGMxOriUDJWsK62Dmz1XkXfhujmCZ1STW4SnGLkgP344Kk6XeRPDf3YhXffg778ZAQfRs_CRObcz3gXQvz0Ce1D5CxV0oPUeJ-YuqrmZ4br1-d9omtadhfhQiyBQSxaZrpf5Ltw1ooIB1c2DMP6F7956OuWittCXXrMmowY1Xu4QsSdBA4WpaUXiqTa-MtWAC1fMqbvsNJF9N_aLSS6YUXTlg14vliqPFbNvaJt6P6k1dXxeGQuFdhe2Crp_K2P4ZNHs7AFwedOYWOR76tEpSOjwaQJo_knfSEsoo0uwAvP3bFHACgIuMpcRTZd4qCdlzKjz8xUlN3yjLMcTbdKd3aCXB4CoRToOPo-Jno5WXE5pnLGgwGW9MQcI_cTvvVjqW-PH1mRmCXYTXadZME7s-g_yAmXv6889GPjigjbxseBQXbkuBZCsiwSxd-dqs695oPshq5CXW4Y9FmW-czzG1qdHKED_N3Mjz2nAKRbTbckYme4VnKLphAq3VbOLHR5OJuT6B2wNybsdD5of4gTZtVwg-Wdol3JSyRdPbtpYRQbfIANqeYtx8LcPk3l4DJ763Zy_NGtdKxcaljfDMg6kqWXsIIZwXtSNyOE46U12YCzPs4Wrssys0X-incexLmpMQUVRS60ypL-4ClOX6LfrrvW5vdEbbVN19H5pTZlcj6gvv4BslAD2i1XldldSHdRC3x0yOXq-Dss6gP013Cet7NTF3YzOu0VHCkDSm2kLWZnjLMeygfTPBBLjtPL6WB_dF_YrvFJiu7EN0mz5ukThjBQs8rayzwgAjGGVUpLwPlWeiA_5yllqnIwC0l4MWwaxnmbiApBAMrdqX53FwILKF2Npwi_fjv7Dvhaxr9FUHRaNBBFekQO-9TCQr0KMzPGBALRHIoRl374a0tJvAj8JLuwk9DH-u76y7D3EGFkQmgNFgVvxBaNXZYjhLYXbYwfNZTleqU5gLIlxhOhucZSAWkEy9REvoOowlbvCv7zE0TjPpfC3F__hBmKprU3nOc3ysN2rJdxcINyvB99xMJp4JTvUsHs8JyE3npbFMK2cOMgLJPBtdmY-d9Dx2ngg8WFveRZUAgt0l6Z0eW0d-bBkcCyp7yXNUt-6cktSJvEq5Ylm-LSmnyGxif1avJuyb7uhNSoS5CNGrroDy-QKPZZPhrCh5nzhDMBlxg0s6Egyh3rg-fiBXCzEfT7mycsXzPwzkihienA_VGYE8yrgBy5AW2ChI_jOjlXx3N1NEGpC1_Sagulqh88D2DFM_Sf269x-yvzvFmnJy9qZp5tVuHhIDoFBATsuwNCY2jQV1LAm-r7rGGsSXz5OqU3cMAvj3JSijkuJKNtdnEuqZgv8c9inm_gIYGa4NzLREQRq_BR3tHq8tkA4lSE0_YgJ-X1VqWFnDXY736nf4l23cwsSnuFO4hOKfzDybp_bVFlUBI_WB3utq8TebtCxEB5hDPwsGXtWJXOOni8TgeVRhoB6MSsDxvIXcgz00AcTkkExOib3qJ4ZXFj4OlCdMJzFx5IdGbdrBbfp8sMqK-GbhHT8dbYfcjwEf1vum_T3mqoQglhQkLZhbyL7b6JEUf3IhIYrjHb6UNCxgrby0efBmV57GAURmKmGghad1MGMUQpH1b5h5biLAJJN7nUMXD3pAdgtx7KvntFlymFegpqS5dIqFojMU2Z-ExaQJiaMPzMNNEXr_Ub0CaEh8HhFE9FmxlNorPwvauFu3MiB20yVC_P69PpPb65heGifsNPsPF5wdAhz9Yx3wXWaX4Ip2ylNPVb2Ep3yYmb0nZoC0dMzAfOCnx1tXMy_bGaEp9R8RinbgCUFuRVzIwmvtHC6ObnoC14mdIr30LjUJXJ-WYhR9cUPock1nxlmlMIArCS5ik0BGfr9hFHO4AMR5t_RKGCMGK6J6NHgjiQf5r1fEQxYxPVufQbrgvzetmxBvuvHeoGzwsH3JRSPtZcPJ9B3VOHjMo1dL232eNu1f450kPhriIE3GYfZ1Cn__xBEhjPdhnXkDqloU3v4E-bEPW9bGJLK6B9VStjTfUN9tL8RCwoYVmH6lqVwMdjWPyQZf5wUe1R3ptNKX7twwwc62jB1fQr3I6plsFj_urn1S285z4wmCEHnsmH8LwA8EBEie67r0wt1wTbwA5PRGEg2K26g9wnmSU7DapHCC20vndpZKwMwrYGLnY_eS4tj-OtH3JDViNc7G6iMLaagtifv-YW0AmZXV3FmicbN4FFTiqA3OVgyMGvxvig7MxDjCWo_r3DBRVe32-gvdZhVlifEguN2jQrKyswa6sT5gMIhsHupLWcGqVtrLOB80lfV78Wz6HTA7WdkVbynzNSC6rNEK_OVR3NDgltqjtqmAB8wMCtxZ9bN-gUS1suuOswFMlqiQW7j-sEMlerc6Qbcep_rLPO6bnxRdVeq67xgeu4YQTT6JSMF7mMt96dKywFBgVuktiVypmIg16kJClUswpC8jEObDsnC_xYR9qgE1f4_7UBEQGdkkw0pJ2wEUAVYWrz9qbXfFOpZynKGVsxhYWEoo4GlJZzxI0Eooo8tRiLmvjmYS5C50Yetl1vRcWR_jGaZtwIE28-CXUzCgqaUEKsCwaezZ894UHnEtkXvVr0ruzD1TxrjbZw0VAJevPefbWLTCc2m04WAIXjfnbnB826auu0dU1_Tqh5wkl3rW-dz3-XJFVpRCQFq9ftVJAJf4WkkM1hftx8REdf9JGpfyVEx1UH8x7s39o1RLo3gvQuiii-BF_c1hlCJW46xYt3OqIGn5pNYkqcR8zzyE95KWNaQZCvWVeL0SHaT3KOKi-1l7Vm0EeqvWfMX1jisb2CAIb6EI_RpJe7xft2gmentDyc1L-CQX7Ip9bk0uzLdbed1DK1x_nYJ1e9EINsNDAToxiE5dRXOFyQqnpo2yPMh4NgfDlfHudThTbWOn1klaECBDSdSEI08sm3ouHz7zAEYjLMo83QoQjRWAiSn7JnlijFROE2izhB4BR&cid=CAASEuRo2suqwMlr8tnacC7doEZ5wg&rfl=1%2Chttps%253A%252F%252Fja.scriptcult.com%252F%240

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac5db13ca04953963136be845eb504500417bff716a12a02621a55a0c565bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25511
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E2CF 42 B
63 B 36ms
36ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWN5lYueMqbc5s1RDPXj2ihXSHFfIJ0nJgPwxag5Nj5-BZYYEB9acuxSpz2FKrQLuHuXAdoswTNTj0dUD3aCZ2vLVDAM4N-D6zB4M4LqeT9Qdh37A

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame E2CF 2 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2CF 123 KB
38 KB 70ms
70ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame E2CF 14 KB
6 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E2CF 0
0 36ms
36ms Image
text/html 2404:6800:4004:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTI1ZpfbHId3hKXisXobgslL7RFvGMEW3_6YPMydL1rqy6Nx2oUtAn_Mpq3TbK0TA6EAXAnSSUkUH9zLp1CHPeoP5nJQ
Requested by: Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9182 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 376 KB
125 KB 131ms
56ms Script
text/javascript 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fee8b4efec9b0317fa9c53cffbda34f21dace30ad3104e5af3cadf6217fc354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127062
x-xss-protection: 0
expires: Tue, 01 Feb 2022 13:08:11 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
170 B 706ms
235ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1643720890944.127&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fja.scriptcult.com%2Fopen-acsup-files-905&t=111&v=102.1&width=800&z=p%3Adf%3Bv%3AinBanner%3B&r=0.12007851228651689
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap15.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://ja.scriptcult.com/
Origin: https://ja.scriptcult.com
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://ja.scriptcult.com
date: Tue, 01 Feb 2022 13:08:11 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H3 200 container.html Show response
a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6E4D 6 KB
3 KB 2ms
2ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 13:08:10 GMT
expires: Wed, 01 Feb 2023 13:08:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ED8B 42 B
64 B 39ms
39ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssE3_-SRnJYjRutAYgx3_36F5JQbDn7F6tl54IdOM7jgcGDtSqkmNpvqwjAMgVNC6fcr6FWd7ftsJyJRtfKFBiDzW7x0sHu0FoDUgvhZdrmzYLqn0w&sai=AMfl-YSJlbbisgrVwPBb5whnjIOlyJA4OfHVZ9hFE8Q38yldWeR8d0grLulBpSMENdwWsZSARywr5n8Nc6L9&sig=Cg0ArKJSzHJcBjeX5eTtEAE&id=lidar2&mcvt=1070&p=0,0,280,1200&mtos=1070,1070,1070,1070,1070&tos=1070,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3842632652&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643720889343&rpt=625&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 0
136 B 160ms
155ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1643720891072155359196
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228650.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6d6b68313a5080fc-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame D1B1 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cyqu3Oo3pxxm2UnFA-MzVq9ONrGPgtFe2a6-HHqrtC_i0kFTb8v1dTrIyiKEnxls02EA1xZ4r9jyDq7tXb0xK-zX5--x41rfEd9aS7BIQ4fHuaKeIS3Cy1L2h8e61PXeFiNLyHUifserja5qqrZdjT4pwVkg&cry=1&dbm_d=AKAmf-DiYEh-X4WGrELLNal2MFtw0FQg98yYnrYolymYUlpPKhfj7-EjsbK8DVdaKcqXd6-mFPtZsPgtx7VZaYEGHDP5nESbORe7i5lvOriQdXBdj62NlKjo7sJhuPPMuQbkKOi_hrTtHLSADOKJcMDyzZ8rQM7sLESgtQNTxLoi7SUPxZYqHZkUOeC1zGgkHMIWU4YZQ5Dptt9FEVU3EzAf7HRcd_OdzheRO0h98c6zAKOd3nCLc5CS3Q-nfMnMSgX8AUi8jQzahkHOJzVaIyN96timY4oWROM1yeLYbcf3zz6Buao6FUxbvSlZ4R-FTNFcPYvboRyh9Tqj7aNW0BSflb9njR1nKjM7BWTm0irwf_IQJllNHkhTbJxIdjEVB4Tze5dIgtw2-GGQWioIZLIeHg9jzY-lHHo59OMRVsAxkcXT8A3yG7coR2DSaK2kdSA0Laptphlg2Vwf5QhhuEuHP8ODfGzwSyVTXzUAun0e_zAzr52tHxftt8oUx9YDDOPDxJCKtDFZ8NkY-1hN__-bm9rWQyu4QDEjo4f6bEZ6ETJ3TgRMGs8EZmOef6McBxN6finxVtiKaKqGYF63QcVUCPiYix5DbomoP7l9jwbxOl5qKGwORkfWGEFQ0JBlEIrMP0KJzN6K4FGhrCcmxJVOweC18fgFl1zlYzCgplukh-Bzn8V8XsLWeao3xPm873-bJUOQJe-VFZ36RLuttO96QpfG0qwA8MjvQXA2aqKRhxLvAd9IQRT1t18dlAf7JPJ7UyfKD3gi_ve9nNh0C_-1Ip9IzERZPXep5h4ZzfcUHnVJmvBcvGZWZPX2Bvcf1t1ndbq4gbIL-0Q3SrocWiUC5mMdwJ8uQzi9PlyfcEo-WW3LZI4Zj3qa4E1RgiqpCPPJE46Iae5vxqGKJJ4cdhjkc6TN27qwKA_FZUrlTkY5jYuDlSE0B8Vg45e0P2tkxxqDxtrKJmEtzz1eOOJ0x8PgIS7YkwKfmswlKlstRIBsb-ZDeUr8N9GX8G5wwYBkWjt4ZaB9B5Yrtv7W1RyWC8avuisrtmKjIu3Tuni756sIKvHZcx_KqWBgM5dDUZwQf-DNQ3ZusV2CHESQr-1TRW2hzbdJo6dvbDRTnVcx-txHquI2PyGpzo0JTm3oIFQGOFymijX6c00gPi-wtViSXCMepStBNQMmF4J0W5dhU0U3wqBuxEXE6RU2up1ZXXouFSB5sAuhGCS82i1jaNe4KRSYc764hKXa7EAp2ehL-a9RfByETbfP7SYjVrFKF4x2n9w0n-RZSzHkAFz1mrWkJmfgLeD0laclu1LuwVGCd_9duGbWn66ChZDqtkYvBSxdxvhrEZDs35TXRpsuFzVzOvaomdcKHEMRVJ_pMZm_PHQyt2kvvCBNbYEl-fxk1JIui0vh8X_DTocaQOVMdmbBP7fe_5Dq2Z8Ps7dviT4qdoJYd_D82I6w4wNeAOQoxzR-KQYgdC7jhuXi57BJ5KkXiuyoJXdfyL0f-8Oi4n8fRG44X5ziOvhINOwd_KDWBk-XSLDaTc7E8S4ASS0LkyBqa4zbkN4nhmtjcXXcy9TeKaTumQJjDsqN1lRgIA0xO26JFZQopK75Wfm9MfAW9eYyRLjIelGTnKMYHXqPdq89nC9RSQowuU-YJVuO24IYlp3MU8jJHKBpuqPKhAG2Z69fFgxUvSoNB3aTko2X4dyZBq547ClVgFkNerzUG7c-BADHueBkekiuZLr0GDuGc3zvdTLPEKotJwwLDgWoeT15LVSTMzzpcPIC8AQ45WaSwwoeCG-mPNc4mTnUL9Bgsco1ztBI8FVjHb-nHaxsfGLiwYZuJes1DEv1paWQDix5Zlc6o5GPxt3Zg845ApZxBiM7BKqIh_fXz8K0vUVmcfTKSag4FYYO_vQEnIYfrlf5rx5BkNPlazralsXxrkVxRvV6GXeKCOiml0rPprnVKtA5apoC3Il_wO4pMlqIzp_D5_TFA2uQw6lU1w3OoCQ5_YBdtceuUXpYpAMyO2qD-BEctmRlrjMqoIqR2Iz-XB-CAWDDeNQrCoI9dgaK-naR6f5FaCililDtVjUiAHcnbIN4d-1Y-BoY4_0Q6n60oROZ1HutTwActWougD74VGE0g3AY0k9LMpSP6uIsefK4Wcd6zawY9qc9xqybY53rFW7_Y-WXHZ1UsiL3-BrcEeTugWaovehETW0BBCz3ykgWbxI4Sqf6I2aE1FAHr_tqer14aLMRJhuUy3wPnB2GDDZckWoCyjF6pSzZjN9H1thkJ42qd8mxhk-nqk0XWcBe3eRasX2hmYOVpNbNbV3ca67_K5lceBCc2JMnvexc4TrWxCE5dQpsi_OHbjJa7Oq0heXsqROPqX_-AQy3Iu1sZG-SO22LkGur9oXJNp_qJzwMTmY97H2P7UlwPxauoML4YfJuNh1ZjnTmyGnV0mVFmMo29ttapK5a7E4V7Eo_oqb4rzvOK4V9TIyjvzB_Nv9rv5ytp4H5YVB6CWZMTzyNcUntYg7vO1feABYb_baVglmmlXIWM76KryF2TjLv-O-ZGk4Sp52yuEf_2Bt5EV9mhueDhjKiuxq_W0DYq5rUWv3MUa2Z_i9VPzTafLxZCx6o0hObAh34HIMxTyXgjLTObTfavOROtHR-NYA8ZKmMV49q1WjzM1jJHE96SykHOI8EMvrCplIhV50o2LhygYthMwp3ol_73nSdfTi896fYwG1xf6lUmN5uvxuv8Nmefn2ZF2qUvMwMm_ZDFm8SYdSGvYtSLa4ENJxmg5NR4D3nwMszj5Y7vpCBsaIKthnPz36wSXo65L1xwV9_9IjpsMA8ZJzSwdgk5d4W_erEHfprFdqdD2i3W6siKzxwhDpyltwVWXIxNrwQlpPIpmZhilWsU9B_HFa7NYhYb4sfoxTmn4HbgRwzm-5iAtBLztQvwIGHIkLUNrZPH-ZMI-RopmjjxB5ptBaswUw-ravWA0fUkVXM8KYxVjrYvIf5XjpUdP0oJJWPln18Fx93h5mKbjmWMMrFAqimLXKX_m1M1bnJkRlvr256O6M8BCAgb2MebeZaEbRF8mcmBbkqtWhCKkRrM2AOEBHMEmHPvXe6uo1qWCtHu-9xyCpU8bY7UC2G8hg5eQdygx_NaugQy7qT661a9F4aq-TTU-mTTueRUYMHElBQZmJYOI0sjMCThZRE1IM&cid=CAASEuRoQS3xRpoqObqqlZe3Bm1eww&rfl=1%2Chttps%253A%252F%252Fja.scriptcult.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D1B1 41 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:41:01 GMT

GET
H2

204

microad
bid.g.doubleclick.net/xbbe/match/ Frame E97A
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3

0
0

257ms
132ms

Image
text/html

142.251.8.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj194pkMAE&v=APEucNVK_fWoZ28i33NMUT40yY6AnSIRQLmFmQr601WKNSn0c9vWhPGoe0OA4zhTqeBzu0UkSQLNp0eAa4C61nXBUDoqkNNuAw
Protocol: H2
Server: 142.251.8.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tb-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: nginx
location: https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3
strict-transport-security: max-age=31536000
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E97A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1&C=1

43 B
892 B

158ms
158ms

Image
image/gif

23.51.209.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj194pkMAE&v=APEucNVK_fWoZ28i33NMUT40yY6AnSIRQLmFmQr601WKNSn0c9vWhPGoe0OA4zhTqeBzu0UkSQLNp0eAa4C61nXBUDoqkNNuAw
Protocol: HTTP/1.1
Server: 23.51.209.187 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 13:08:11 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 01 Feb 2022 13:08:11 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E97A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yfkwu9KvDdXI7pm9NdjvpQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1

43 B
892 B

161ms
159ms

Image
image/gif

23.51.209.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj194pkMAE&v=APEucNVK_fWoZ28i33NMUT40yY6AnSIRQLmFmQr601WKNSn0c9vWhPGoe0OA4zhTqeBzu0UkSQLNp0eAa4C61nXBUDoqkNNuAw
Protocol: HTTP/1.1
Server: 23.51.209.187 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 13:08:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

microad
bid.g.doubleclick.net/xbbe/match/ Frame 206B
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3

0
0

216ms
90ms

Image
text/html

142.251.8.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYr5r7pwEwAQ&v=APEucNURMe9RMm_mAimf6Ptq95u02cnUXFuoNgsdNw-JMEO0ZBTXNCLvFGF6N_7iFUxCL0uJU1D7enHZ0IJLtEq_ttijxwVOSA
Protocol: H2
Server: 142.251.8.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tb-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: nginx
location: https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3
strict-transport-security: max-age=31536000
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 206B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1&C=1

43 B
892 B

175ms
174ms

Image
image/gif

23.51.209.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYr5r7pwEwAQ&v=APEucNURMe9RMm_mAimf6Ptq95u02cnUXFuoNgsdNw-JMEO0ZBTXNCLvFGF6N_7iFUxCL0uJU1D7enHZ0IJLtEq_ttijxwVOSA
Protocol: HTTP/1.1
Server: 23.51.209.187 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 13:08:11 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 01 Feb 2022 13:08:11 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 206B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yfkwu2fl3PxGqu07POLexgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1

43 B
892 B

62ms
61ms

Image
image/gif

23.51.209.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYr5r7pwEwAQ&v=APEucNURMe9RMm_mAimf6Ptq95u02cnUXFuoNgsdNw-JMEO0ZBTXNCLvFGF6N_7iFUxCL0uJU1D7enHZ0IJLtEq_ttijxwVOSA
Protocol: HTTP/1.1
Server: 23.51.209.187 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 13:08:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame E2CF 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac3gp_Vpu_9H4DYuaTiGSysZVLaZ3Dtkg-8CFrmq33h7CXVTByuxRGJE2q8RPBy9pnkooj2zif7jWNIGqBHDbNJHNsCxdbINWEwpItxNjjt88hJ3QC84i85XJsO9jK5zsuVwiZAf6tCaS4hsbsfQLqiTOTlQ&dbm_d=AKAmf-BibIBTZmA1-ecwCjNLwzJalRBGSSZ0rZqznQLQIr7CEx5zdVGlrvvTLz0TfGXT5-iUz0hjaUKBzmcirxqI2paZUFNPtqck4PFeo4UH-e3Y9z24x2WhQEGNVMKnj96ysCtPF5TGksm_q8MGMxOriUDJWsK62Dmz1XkXfhujmCZ1STW4SnGLkgP344Kk6XeRPDf3YhXffg778ZAQfRs_CRObcz3gXQvz0Ce1D5CxV0oPUeJ-YuqrmZ4br1-d9omtadhfhQiyBQSxaZrpf5Ltw1ooIB1c2DMP6F7956OuWittCXXrMmowY1Xu4QsSdBA4WpaUXiqTa-MtWAC1fMqbvsNJF9N_aLSS6YUXTlg14vliqPFbNvaJt6P6k1dXxeGQuFdhe2Crp_K2P4ZNHs7AFwedOYWOR76tEpSOjwaQJo_knfSEsoo0uwAvP3bFHACgIuMpcRTZd4qCdlzKjz8xUlN3yjLMcTbdKd3aCXB4CoRToOPo-Jno5WXE5pnLGgwGW9MQcI_cTvvVjqW-PH1mRmCXYTXadZME7s-g_yAmXv6889GPjigjbxseBQXbkuBZCsiwSxd-dqs695oPshq5CXW4Y9FmW-czzG1qdHKED_N3Mjz2nAKRbTbckYme4VnKLphAq3VbOLHR5OJuT6B2wNybsdD5of4gTZtVwg-Wdol3JSyRdPbtpYRQbfIANqeYtx8LcPk3l4DJ763Zy_NGtdKxcaljfDMg6kqWXsIIZwXtSNyOE46U12YCzPs4Wrssys0X-incexLmpMQUVRS60ypL-4ClOX6LfrrvW5vdEbbVN19H5pTZlcj6gvv4BslAD2i1XldldSHdRC3x0yOXq-Dss6gP013Cet7NTF3YzOu0VHCkDSm2kLWZnjLMeygfTPBBLjtPL6WB_dF_YrvFJiu7EN0mz5ukThjBQs8rayzwgAjGGVUpLwPlWeiA_5yllqnIwC0l4MWwaxnmbiApBAMrdqX53FwILKF2Npwi_fjv7Dvhaxr9FUHRaNBBFekQO-9TCQr0KMzPGBALRHIoRl374a0tJvAj8JLuwk9DH-u76y7D3EGFkQmgNFgVvxBaNXZYjhLYXbYwfNZTleqU5gLIlxhOhucZSAWkEy9REvoOowlbvCv7zE0TjPpfC3F__hBmKprU3nOc3ysN2rJdxcINyvB99xMJp4JTvUsHs8JyE3npbFMK2cOMgLJPBtdmY-d9Dx2ngg8WFveRZUAgt0l6Z0eW0d-bBkcCyp7yXNUt-6cktSJvEq5Ylm-LSmnyGxif1avJuyb7uhNSoS5CNGrroDy-QKPZZPhrCh5nzhDMBlxg0s6Egyh3rg-fiBXCzEfT7mycsXzPwzkihienA_VGYE8yrgBy5AW2ChI_jOjlXx3N1NEGpC1_Sagulqh88D2DFM_Sf269x-yvzvFmnJy9qZp5tVuHhIDoFBATsuwNCY2jQV1LAm-r7rGGsSXz5OqU3cMAvj3JSijkuJKNtdnEuqZgv8c9inm_gIYGa4NzLREQRq_BR3tHq8tkA4lSE0_YgJ-X1VqWFnDXY736nf4l23cwsSnuFO4hOKfzDybp_bVFlUBI_WB3utq8TebtCxEB5hDPwsGXtWJXOOni8TgeVRhoB6MSsDxvIXcgz00AcTkkExOib3qJ4ZXFj4OlCdMJzFx5IdGbdrBbfp8sMqK-GbhHT8dbYfcjwEf1vum_T3mqoQglhQkLZhbyL7b6JEUf3IhIYrjHb6UNCxgrby0efBmV57GAURmKmGghad1MGMUQpH1b5h5biLAJJN7nUMXD3pAdgtx7KvntFlymFegpqS5dIqFojMU2Z-ExaQJiaMPzMNNEXr_Ub0CaEh8HhFE9FmxlNorPwvauFu3MiB20yVC_P69PpPb65heGifsNPsPF5wdAhz9Yx3wXWaX4Ip2ylNPVb2Ep3yYmb0nZoC0dMzAfOCnx1tXMy_bGaEp9R8RinbgCUFuRVzIwmvtHC6ObnoC14mdIr30LjUJXJ-WYhR9cUPock1nxlmlMIArCS5ik0BGfr9hFHO4AMR5t_RKGCMGK6J6NHgjiQf5r1fEQxYxPVufQbrgvzetmxBvuvHeoGzwsH3JRSPtZcPJ9B3VOHjMo1dL232eNu1f450kPhriIE3GYfZ1Cn__xBEhjPdhnXkDqloU3v4E-bEPW9bGJLK6B9VStjTfUN9tL8RCwoYVmH6lqVwMdjWPyQZf5wUe1R3ptNKX7twwwc62jB1fQr3I6plsFj_urn1S285z4wmCEHnsmH8LwA8EBEie67r0wt1wTbwA5PRGEg2K26g9wnmSU7DapHCC20vndpZKwMwrYGLnY_eS4tj-OtH3JDViNc7G6iMLaagtifv-YW0AmZXV3FmicbN4FFTiqA3OVgyMGvxvig7MxDjCWo_r3DBRVe32-gvdZhVlifEguN2jQrKyswa6sT5gMIhsHupLWcGqVtrLOB80lfV78Wz6HTA7WdkVbynzNSC6rNEK_OVR3NDgltqjtqmAB8wMCtxZ9bN-gUS1suuOswFMlqiQW7j-sEMlerc6Qbcep_rLPO6bnxRdVeq67xgeu4YQTT6JSMF7mMt96dKywFBgVuktiVypmIg16kJClUswpC8jEObDsnC_xYR9qgE1f4_7UBEQGdkkw0pJ2wEUAVYWrz9qbXfFOpZynKGVsxhYWEoo4GlJZzxI0Eooo8tRiLmvjmYS5C50Yetl1vRcWR_jGaZtwIE28-CXUzCgqaUEKsCwaezZ894UHnEtkXvVr0ruzD1TxrjbZw0VAJevPefbWLTCc2m04WAIXjfnbnB826auu0dU1_Tqh5wkl3rW-dz3-XJFVpRCQFq9ftVJAJf4WkkM1hftx8REdf9JGpfyVEx1UH8x7s39o1RLo3gvQuiii-BF_c1hlCJW46xYt3OqIGn5pNYkqcR8zzyE95KWNaQZCvWVeL0SHaT3KOKi-1l7Vm0EeqvWfMX1jisb2CAIb6EI_RpJe7xft2gmentDyc1L-CQX7Ip9bk0uzLdbed1DK1x_nYJ1e9EINsNDAToxiE5dRXOFyQqnpo2yPMh4NgfDlfHudThTbWOn1klaECBDSdSEI08sm3ouHz7zAEYjLMo83QoQjRWAiSn7JnlijFROE2izhB4BR&cid=CAASEuRo2suqwMlr8tnacC7doEZ5wg&rfl=1%2Chttps%253A%252F%252Fja.scriptcult.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:00 GMT

GET
H2 200 11488213324284825159
s0.2mdn.net/simgad/ Frame E2CF 18 KB
19 KB 149ms
3ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11488213324284825159

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee49d1e4a0e1881fa9f760097fe822b9124c3bf388b84724c8b37500ffff13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:02:15 GMT
x-content-type-options: nosniff
age: 7556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18550
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 14:01:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Feb 2023 11:02:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame E2CF 8 KB
3 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 12:52:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 12:52:25 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E2CF 0
571 B 126ms
48ms Ping
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZ3ZRPDIAEW4zYOFUwDw-1AeBViAo6EQAb8wXxcXVpGiWkHefc5AjAeb4twOcs1VZxFa49jp_ZEJcM55rkEzrjkz3vXT4b4rvSCNnE4qbeCEK8hygopxA8NzKQfdRydOHbR5EXclSIY9hkISt5PV8nslZjbpC8yeyZcdzAgxyEe7Vh4TsmVPp0Bkow8XHhfqcGk_6eogYoSwFk3CfYWFsOYBJfGpaO9vm_zS8FESwzvHq_t9b5Ljm31XyTYgPHVCWQyTLsg7loE13MkYNvkfAIKEivKBXeY2c7zo1iJ9I5Mjq7ek8qWyvmJ-JEpJTkgZ5ReOs4KH1mLIcGFEh3GapQVHuJW6obBiditydY05IDesZH5RQhQyV4bSTyh3g4K3exhicwwyALH6-OKUXHoHRJw51qGHAl8RTOwueSEcy2pTN_5P2tYR1ciaza3P7Yk21oDmYS8DEREa5i4rI8NKEqYE4ph3sjY0cnaAs2WrrgtLZgRbX2hhoO5bz1GIldGI3CxYzMKv2kFkcxF4BPVjyH6hbYMqjXYfUaqzFsPxHqm2fv8tQ0Nv6vyHBgfecyMVfYY-wcSJQsnUVADPlEhcJZ2U4Q7G9MuQpwMLG5whYdJ1UY28-td6uLaMSTiK5e-0HlwDxY6sEXOp7jPdcldUgaiGAcDu7G_NdZ_JQI1xjeDo5X6hM5x4tzFGsyQxXL7mDjIDwNRSbSNSVwVJ7C01WZ7xoktOzM5MX5i6jvNi1ryZhRVzHr9WbyVMJ2JD6qt0mtEYa9xMlXTSdeXPsrlQ1zUdX0Uw8OrFo0fk5019dQwNjZP3NWHv7-qVsi5W9cF7kKWVYpzl7BXHP6F_lbkUCQc16hEYipEDC-bkR8lyRtzEOpI2wIHa7vRUxFFyiaG7vUm_sPSybyNSkR8wZ-KPi4bO-eJ2bZ3HpDyE1TpAVjFg3xYXg2U6y7BNoOGga5nRuuR6L4bgDpLjg8kXZdZs-ZbaRD_ZXnt_KQdGkOcgPrgL-SLVAJCbqJGZuZkjWzUxJPSVWDivH0_44ir09dfpEvhX-FI8Z5kIayzz2EuQv4d_oApiyfX8yLf8SEFsOmC2EnfS1aychkDPOM26s1PRjo4wZY8fWnAkLkgTxCip5uL-WDmsMjMOfpMLPUPNA-YxOPK-vrFp3WMDBnVqZRpzyECHI7_uEacJWf3HSQw4O2ue1cNoUS6s8D4JsOTj8Kw6mkkQakxyTCp4o&sai=AMfl-YR1uK8KYsVZG0ROef_TkRBYLszoJlnvp4HUyrUczYyACvih4qa1qZnZ_TTjMvG-OFjF9uM5FA4GU7Kyf1sepv-qshF_w6LJTBG_5ddZB16RGDk1o0xQZZ4QAF2rF8537Pqga05cJevH6ygFtkGyHTpvbBwM8Q&sig=Cg0ArKJSzNy5OyxtLvYQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220126.94637&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 01 Feb 2022 13:08:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E2CF 41 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:41:01 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 40ms
40ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 3201 0
71 B 150ms
150ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1643720891171518593857
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228650.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6d6b6831db4a80fc-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3266 448 B
276 B 38ms
38ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYyLnnwAEwAQ&v=APEucNXXlJ0jVhXW5O0LXOfDfWm393fnpKrrGDI3ArADr6y9m_qkcX8_ZD7mOCtBk-CQrhXvBV0E0m1aLBQAuezGpR2j7xVwYg

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 01 Feb 2022 13:08:11 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6E4D 55 KB
27 KB 84ms
83ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwzXt8I6WymfjN6_nbr6iGiSYhOCaaDDWxbjECB8caNIO7rGcbZSttJw9_sS--LaEWhc2Hg1oCWLaswT-eZY1973xZuCa4Qal5_P9bhrIxV1_MpZb7_EAbm5vp3l7xvjWCj4XzwgrrkFZWGelR853nuQzKCQ&dbm_d=AKAmf-BgtwAXPDtDDH8ns11eRS9KIVd542Gmt90n1_lLWqXEv6ZR6db1FIuhzqjU-WsWJYD4yBuzEyGd3TvcuFAuVBkgAwxbSSKHtK1pOFLzyxAWdv0T6ja-mpRnFH9AtHTmo3DfITVFtKyYhxGPp9lKp-_wroPApniJUNZ_F4_HqRteUXcTjm7xpY0ntcR196Uo_PN8y9CvBiCnsdtLevn__UVg8RA7DRfvRLYOTep-5LwPBYsOgkh6_tTOcKCllFBYBzexRd0XPEkjymPh0Op19FigBf5leDSoIceOkykTA8ZC0_BIE4PJP-2ggTAjCPsI5-AwUgbHjbFyDaA0bii0DYy_GJnlA4MaSDgwWOUN8mOXZValzaL-fqCkbpJ0Qu8KxqQWs5F2E3y7rGJXQSy-7U14myejG6OqWYoxThTQj7gV8mee9T3RlTspuFrXGpiHJ77fNFwY60YwjIWU9YbsrK0f_wip7VWm6qwdzkcUHLn1PuzbdpBnEBa1XZq316kJsE4zJFoGgiwphkq4hhU0NLlH4FRqJORpYMMjcSIvuJ4uVwafGdBmJSmjNfynWf5nMN9MzXc4saO1t3WN2qWGyOLOZgLxG_rn07RrxDwBGHg1a4OIvfyBZlJP-oG-PBc1wvqnXoZU4YK2VtbJo6wv2_CtNtQ5EAQ8nCvyq8BtsfSRr3zqwaToXw7ww-wbcXRaDnXKcxqL181F8iknHOp9YtR_vKvLV8vyJfjPwGZeEYz56a8-Dqiz0sNvmHbS-iC4ww2VtVOmAMqnnLP6972CEBE2BbyW0yUdGO-tK5BTndfeJWcl57Il4ZFg5nbmS6LXiC1iqNILfctIrEkDTOyceZajvebbdBP_WV9hpWwwMeZ84V53mWGddGMKnR10mPUqHX_S39ryBNRMd57Vm3rM4graj3qPkmjgwJOE79SDzdpvCBPH_DFfUmvQeOtgjEV5iPncIEkSM3o5SY6KuH5lhg4ZUnEayCFiKqDniv4PsNOJmOtN_feIcaWX60vQG62o18wr8wRYlKGvtNukj2QpQMq6GwOVVvFS-g_tKUkM7nhVX-BTvceIm-yxVR28AG1ev7hfXeHAEvspZH1npDY1_AWet5X-Xyi2_hUp7p01W_VM7gj8N-N-Qz2tgriVFnwwmDOWSckRTrDoYkxkmDIMkbGbOfLmkQSGHM_LlNX2M6O5Er0D3C1frlckD8CFwW0OWBdQ_73hdL2Lo9UHv8L6NJI6Q0-OWJmM04wWrWd0JDO7JEDZjo9iKppPItyCGJDUJNQSr04Q8hXqD5Y_snTSv9jhi9TnjsD8mzYxa1rw_0QfHWT3eWb8NplaoqQxJPTqxUWsvitX6ebpDuVmY2W_6Y5eAJd--Dm058bw-47IQIL7VKPTrTpZquYu6xrYHPBLI01IuNb09xHKNXAGCC8cK5BC_UT-5l6YvTeNEz3X9KvDblIakWkNyCR93n4yvzb7vFM49DmHCUf5PTZo0qypgK9a2-5Qj39QFNIYRACME4UQoK9cHOSnr2d_hlYwJfnngf3wyyCUBOIwxAa1HcT-uODPYMbc6BGEp7Q_2Mlaliy6TX3dztcvMHm_jJiKM4QRUQMXz3EG5YDBWEGxEaSKl7KJU7L6rv47uKDj66fM1RucZm61-v2KjH7jo0gIKuoDuImoRZ9SPNpZkg4bDmr2EP3n93yWjvi3AXtU4F2WtsA7bovR59b-zbzeFk5GMH87T1_ljvGg0Zjuwp7rYrNmh_qaCX7fEa4np9U9KzXpGIk6CzhuWeoKEQnaj3NDsRyob1ttxxPcEgId9ZS1ZdeW4I1NJYkttVMhWMntU0mvGzp2uAgaLgzfIz8D_SQ0UUD31NUT1PjgPUR7PVm-XZG_VEV7qQRb1P7lPgCU45bBki-sIcuI5Ung19s29uadw8FHk0lHW7ipZlYElpTwuMbNDSM-cKksDCpBPsE_p2nbO-X1WHRQQbTmFQ9_xyuW4kM8AMydkHIbDu-D9TpDsFx7PM9xBKU0xyWCM6CnFxf-OMWCMSkrIrUcSOxLQV0HX6XMrckWvoGz24CqpHMGLn1Yr8bfhNEXTEr8kU6j-02rnaLLrolhpRta4i7toKD6Z77yx5ZFl7sMop2ow-XMQzceObNHU9IXPCNCtv680augG6eodVS44QZkZBe-IMEngHc1bjKQNG6SvMi3VhT0G5pm3zw0oEa_LFUqCMeovWoddXSKzk63TuLvF-TfrE_jThupgBglSjGq-4GQ_ecnE8LZ1O7JnxRygnNTmZkHfFVQwKV1LBmDriUcks7-L-LDiLMa-pL5Fqc3y-U2nRDCk2dMPY7rCf-A52NKBb9kJX80TMQdEqIBESHbsmcFctzrmnBuHfj52SqrWC-VoVds5-1HFpyEeZUnjbkcG-NsEOQPBheRseVuKsNb8_IXALLauuAdl-sOIRIJt0-efZIq3AZB3-2VSuujJZ6BCzPAr4Y3LF7rantMjnpI13SS4Bs1ENfzs9XyQKMpsk9n4c8_jc-XVKPtHgMmsUAEwbTqoVMeejSwLGK4SqyjALtB1I-5k97Dl3Qb4VcDNmmCLlij1esLvHxtkrveBsvMlvV-CCUGBlcC64I8gOiaaDEIljv-F8DsCAnPe8xZlrKavkapSE2i-5n8ZBfkGFAkJy-thPS9CeImyUGQOpH1C9J1-1cJ41A9pfCGnGCroMYg2F7_GoNWTvmYC4E5yk2xsdSi3hTp_E9v-9ob4zI_yth10CFp2qYnYGI8_sFSaWsTWe2__52AWCj22k6AMncYVlK0xFW6q7n9FqMwoo80-i_lmUEL4nS0Jm62xZD-fFGvwuLFDo0eLPj_u29Udj6y1D_XzO6mCAx7Kml1Ovd62TgmjgpuOzkq9X2iNczvdUa7W-DQ82WKeckoDj0kL1p0tdgkITgovngtT8nxQovY5diNIaId4w4muenslRVUFN-Y1zS659V8y-W6aclDiqkFXL1_36uKUA7f6sKNKSzPNpjoD3cB1smhla-0gikqUsd6UlKNpD0gkga-ztGqv6frYodyN5tnxe24WsGwPhXf5ldiTKs-woWF-EFzLhQohp2CDeoJzFUftiMigJiEuT2Gm_JGIVAzJfAG9H7YEMCHPAmBh7XUJI7Bp09X0XeaVI7LRMisVU8LL9d0VeR5KvQZbK1xD1ROnkoVlpeS95Pu2pqnSSIm4SurFNsHM0tTPL_yY7N0PB0dGXJy2AFmMj18RJSoG6J_lFs1eAEakmcFRkmUeKjiPhalFpu5IfW7EN-TJL5uEM8W-OIrkCHB74T98FJmqMd7m6HYOlOYFMOKdV09I5ore3E5kYF85GCZppupHtnVRJssXppic3-cCQ&cid=CAASEuRojvoAGFPfNoujQmwXRtrZ5Q&rfl=1%2Chttps%253A%252F%252Fja.scriptcult.com%252F%240

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e86a4aa0e119529bdad329e02cc3bc53ca60e949727a174ca94264cc21290c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E4D 42 B
67 B 36ms
36ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C07vb11V4_kxnkUtaayyxmkbYSBW0tr3kWDwlFu81mI4-CQYoofedMK7fnG1ROMivprRODGrp7ksrFZ6rIBmDlhGu4wSudatsc7jT8olv88J3wEnw

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 6E4D 2 KB
1 KB 2ms
1ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:07:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E4D 123 KB
38 KB 61ms
60ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 6E4D 14 KB
6 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:49 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame D1B1 55 KB
18 KB 3ms
2ms Script
application/javascript 2600:140b:400:1a9::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115846&plc=4181613&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gtCWISQI4s_JPdWbyJelts&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32348006&DVP_DBM_4=209894389&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=340852570304&turl=https://ja.scriptcult.com/open-acsup-files-905&DVP_PP_BUNDLE_ID=&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 13:08:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:46 GMT
Server: Microsoft-IIS/10.0
ETag: "08517fa16ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A04F 22 KB
8 KB 5ms
4ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 23:14:04 GMT
expires: Sat, 28 Jan 2023 23:14:04 GMT
cache-control: public, max-age=31536000
age: 309247
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3B6A 1 KB
754 B 2ms
1ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 21:40:41 GMT
expires: Tue, 01 Feb 2022 21:40:41 GMT
cache-control: public, max-age=86400
age: 55650
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E2CF 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c76d7c98d22bc600af5f8a8798fd81d3a5ad820c2ef9cf4f32388cf1eed19b7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C4CD 22 KB
8 KB 2ms
2ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 23:14:04 GMT
expires: Sat, 28 Jan 2023 23:14:04 GMT
cache-control: public, max-age=31536000
age: 309247
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame D1B1 2 KB
1 KB 226ms
77ms Script
text/javascript 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_273501532428&jsTagObjCallback=__tagObject_callback_273501532428&num=6&ctx=1828362&cmp=115846&plc=4181613&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=273501532428&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=97&bridua=3&dup=null&turl=https://ja.scriptcult.com/open-acsup-files-905&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gtCWISQI4s_JPdWbyJelts&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32348006&DVP_DBM_4=209894389&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=340852570304&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%5DD4C%3AAE4F%3DE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%5DD4C%3AAE4F%3DE%5D4%40%3ETar9EEADTbpTauTau2ee%60b62_5f3ccfc2b72b3hbb52f66hbe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%5DD4C%3AAE4F%3DE%5D4%40%3ETau%40A6%3F%5C24DFA%5C7%3A%3D6D%5Ch_d&dvp_exetime=5.00&callbackName=__verify_callback_273501532428
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 211e9944e7f15969966bccd49dfee2b3b65eb34a3cd81c3bee8ed50d50fe5035

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 01/31/2022 13:08:11

GET
H2

204

microad
bid.g.doubleclick.net/xbbe/match/ Frame 3266
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3

0
0

522ms
397ms

Image
text/html

142.251.8.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYyLnnwAEwAQ&v=APEucNXXlJ0jVhXW5O0LXOfDfWm393fnpKrrGDI3ArADr6y9m_qkcX8_ZD7mOCtBk-CQrhXvBV0E0m1aLBQAuezGpR2j7xVwYg
Protocol: H2
Server: 142.251.8.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tb-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: nginx
location: https://bid.g.doubleclick.net/xbbe/match/microad?mid=&cmps_error=3
strict-transport-security: max-age=31536000
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3266
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1

43 B
892 B

158ms
158ms

Image
image/gif

23.51.209.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYyLnnwAEwAQ&v=APEucNXXlJ0jVhXW5O0LXOfDfWm393fnpKrrGDI3ArADr6y9m_qkcX8_ZD7mOCtBk-CQrhXvBV0E0m1aLBQAuezGpR2j7xVwYg
Protocol: HTTP/1.1
Server: 23.51.209.187 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 13:08:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3266
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yfkwu9KvDdXI7pm9NdjvpQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1

43 B
892 B

71ms
71ms

Image
image/gif

23.51.209.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLX3AIQmrKE5wEYyLnnwAEwAQ&v=APEucNXXlJ0jVhXW5O0LXOfDfWm393fnpKrrGDI3ArADr6y9m_qkcX8_ZD7mOCtBk-CQrhXvBV0E0m1aLBQAuezGpR2j7xVwYg
Protocol: HTTP/1.1
Server: 23.51.209.187 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 13:08:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-2inaPLIUASKbIaRYx4t8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 6E4D 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwzXt8I6WymfjN6_nbr6iGiSYhOCaaDDWxbjECB8caNIO7rGcbZSttJw9_sS--LaEWhc2Hg1oCWLaswT-eZY1973xZuCa4Qal5_P9bhrIxV1_MpZb7_EAbm5vp3l7xvjWCj4XzwgrrkFZWGelR853nuQzKCQ&dbm_d=AKAmf-BgtwAXPDtDDH8ns11eRS9KIVd542Gmt90n1_lLWqXEv6ZR6db1FIuhzqjU-WsWJYD4yBuzEyGd3TvcuFAuVBkgAwxbSSKHtK1pOFLzyxAWdv0T6ja-mpRnFH9AtHTmo3DfITVFtKyYhxGPp9lKp-_wroPApniJUNZ_F4_HqRteUXcTjm7xpY0ntcR196Uo_PN8y9CvBiCnsdtLevn__UVg8RA7DRfvRLYOTep-5LwPBYsOgkh6_tTOcKCllFBYBzexRd0XPEkjymPh0Op19FigBf5leDSoIceOkykTA8ZC0_BIE4PJP-2ggTAjCPsI5-AwUgbHjbFyDaA0bii0DYy_GJnlA4MaSDgwWOUN8mOXZValzaL-fqCkbpJ0Qu8KxqQWs5F2E3y7rGJXQSy-7U14myejG6OqWYoxThTQj7gV8mee9T3RlTspuFrXGpiHJ77fNFwY60YwjIWU9YbsrK0f_wip7VWm6qwdzkcUHLn1PuzbdpBnEBa1XZq316kJsE4zJFoGgiwphkq4hhU0NLlH4FRqJORpYMMjcSIvuJ4uVwafGdBmJSmjNfynWf5nMN9MzXc4saO1t3WN2qWGyOLOZgLxG_rn07RrxDwBGHg1a4OIvfyBZlJP-oG-PBc1wvqnXoZU4YK2VtbJo6wv2_CtNtQ5EAQ8nCvyq8BtsfSRr3zqwaToXw7ww-wbcXRaDnXKcxqL181F8iknHOp9YtR_vKvLV8vyJfjPwGZeEYz56a8-Dqiz0sNvmHbS-iC4ww2VtVOmAMqnnLP6972CEBE2BbyW0yUdGO-tK5BTndfeJWcl57Il4ZFg5nbmS6LXiC1iqNILfctIrEkDTOyceZajvebbdBP_WV9hpWwwMeZ84V53mWGddGMKnR10mPUqHX_S39ryBNRMd57Vm3rM4graj3qPkmjgwJOE79SDzdpvCBPH_DFfUmvQeOtgjEV5iPncIEkSM3o5SY6KuH5lhg4ZUnEayCFiKqDniv4PsNOJmOtN_feIcaWX60vQG62o18wr8wRYlKGvtNukj2QpQMq6GwOVVvFS-g_tKUkM7nhVX-BTvceIm-yxVR28AG1ev7hfXeHAEvspZH1npDY1_AWet5X-Xyi2_hUp7p01W_VM7gj8N-N-Qz2tgriVFnwwmDOWSckRTrDoYkxkmDIMkbGbOfLmkQSGHM_LlNX2M6O5Er0D3C1frlckD8CFwW0OWBdQ_73hdL2Lo9UHv8L6NJI6Q0-OWJmM04wWrWd0JDO7JEDZjo9iKppPItyCGJDUJNQSr04Q8hXqD5Y_snTSv9jhi9TnjsD8mzYxa1rw_0QfHWT3eWb8NplaoqQxJPTqxUWsvitX6ebpDuVmY2W_6Y5eAJd--Dm058bw-47IQIL7VKPTrTpZquYu6xrYHPBLI01IuNb09xHKNXAGCC8cK5BC_UT-5l6YvTeNEz3X9KvDblIakWkNyCR93n4yvzb7vFM49DmHCUf5PTZo0qypgK9a2-5Qj39QFNIYRACME4UQoK9cHOSnr2d_hlYwJfnngf3wyyCUBOIwxAa1HcT-uODPYMbc6BGEp7Q_2Mlaliy6TX3dztcvMHm_jJiKM4QRUQMXz3EG5YDBWEGxEaSKl7KJU7L6rv47uKDj66fM1RucZm61-v2KjH7jo0gIKuoDuImoRZ9SPNpZkg4bDmr2EP3n93yWjvi3AXtU4F2WtsA7bovR59b-zbzeFk5GMH87T1_ljvGg0Zjuwp7rYrNmh_qaCX7fEa4np9U9KzXpGIk6CzhuWeoKEQnaj3NDsRyob1ttxxPcEgId9ZS1ZdeW4I1NJYkttVMhWMntU0mvGzp2uAgaLgzfIz8D_SQ0UUD31NUT1PjgPUR7PVm-XZG_VEV7qQRb1P7lPgCU45bBki-sIcuI5Ung19s29uadw8FHk0lHW7ipZlYElpTwuMbNDSM-cKksDCpBPsE_p2nbO-X1WHRQQbTmFQ9_xyuW4kM8AMydkHIbDu-D9TpDsFx7PM9xBKU0xyWCM6CnFxf-OMWCMSkrIrUcSOxLQV0HX6XMrckWvoGz24CqpHMGLn1Yr8bfhNEXTEr8kU6j-02rnaLLrolhpRta4i7toKD6Z77yx5ZFl7sMop2ow-XMQzceObNHU9IXPCNCtv680augG6eodVS44QZkZBe-IMEngHc1bjKQNG6SvMi3VhT0G5pm3zw0oEa_LFUqCMeovWoddXSKzk63TuLvF-TfrE_jThupgBglSjGq-4GQ_ecnE8LZ1O7JnxRygnNTmZkHfFVQwKV1LBmDriUcks7-L-LDiLMa-pL5Fqc3y-U2nRDCk2dMPY7rCf-A52NKBb9kJX80TMQdEqIBESHbsmcFctzrmnBuHfj52SqrWC-VoVds5-1HFpyEeZUnjbkcG-NsEOQPBheRseVuKsNb8_IXALLauuAdl-sOIRIJt0-efZIq3AZB3-2VSuujJZ6BCzPAr4Y3LF7rantMjnpI13SS4Bs1ENfzs9XyQKMpsk9n4c8_jc-XVKPtHgMmsUAEwbTqoVMeejSwLGK4SqyjALtB1I-5k97Dl3Qb4VcDNmmCLlij1esLvHxtkrveBsvMlvV-CCUGBlcC64I8gOiaaDEIljv-F8DsCAnPe8xZlrKavkapSE2i-5n8ZBfkGFAkJy-thPS9CeImyUGQOpH1C9J1-1cJ41A9pfCGnGCroMYg2F7_GoNWTvmYC4E5yk2xsdSi3hTp_E9v-9ob4zI_yth10CFp2qYnYGI8_sFSaWsTWe2__52AWCj22k6AMncYVlK0xFW6q7n9FqMwoo80-i_lmUEL4nS0Jm62xZD-fFGvwuLFDo0eLPj_u29Udj6y1D_XzO6mCAx7Kml1Ovd62TgmjgpuOzkq9X2iNczvdUa7W-DQ82WKeckoDj0kL1p0tdgkITgovngtT8nxQovY5diNIaId4w4muenslRVUFN-Y1zS659V8y-W6aclDiqkFXL1_36uKUA7f6sKNKSzPNpjoD3cB1smhla-0gikqUsd6UlKNpD0gkga-ztGqv6frYodyN5tnxe24WsGwPhXf5ldiTKs-woWF-EFzLhQohp2CDeoJzFUftiMigJiEuT2Gm_JGIVAzJfAG9H7YEMCHPAmBh7XUJI7Bp09X0XeaVI7LRMisVU8LL9d0VeR5KvQZbK1xD1ROnkoVlpeS95Pu2pqnSSIm4SurFNsHM0tTPL_yY7N0PB0dGXJy2AFmMj18RJSoG6J_lFs1eAEakmcFRkmUeKjiPhalFpu5IfW7EN-TJL5uEM8W-OIrkCHB74T98FJmqMd7m6HYOlOYFMOKdV09I5ore3E5kYF85GCZppupHtnVRJssXppic3-cCQ&cid=CAASEuRojvoAGFPfNoujQmwXRtrZ5Q&rfl=1%2Chttps%253A%252F%252Fja.scriptcult.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 13:05:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 6E4D 8 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 12:52:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 12:52:25 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6E4D 0
24 B 83ms
48ms Ping
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvn0rR2x5QIdAm690JXGk9bXIb-J-H2d5c4MSGuap2F6Oi4Sh67W45KkLgKJ0dnQjDeNChwvuvzMgcQFZYnNaEURRuK8p6UqmbUw1WX8w50s1Mhv945sZ4DJNkPae_tbpVM888MlwfdNBBCP9t-fhlxQLfDNRiiCoYp2wPmqeGH1wVdpCP8eDMC_5RKkBOy8bnh6vgHIHcJ8AXiDbU3k7NKFhjdjl133i9KhmknkHqTqCMQgGdA82pwDIJqp03NuAEdkLBnIZg5ZRFIaEzcf4FDxn8P-vcRBh9cwTgFm838EGQgVMqWummtHnJbuhMO9_yW47jxzzJDBNlC0JDFiag8ftRJTS3W7JmwTOl5NVz0kpmadO5uZLJJ5fXg77HaY4yzwWNPkJpvxXvKha9c5DJ6PmD3nM4bK95zEw96eEaS2v_2YZRnDG7mIlbMxaRJlhut5wkdHWuMSD34EfxuKqwM0eLKxo-1Zi15KGE80w2rMnEQJv1OkjHUd8IrCFKPlJgXjv0Ou6OWGdl_UIMsmdnqLCFdDbOyqUtq9w6JGvgZ_RRGrQT15TJ95n2HIGi4hssywGjIBF3tVfcqfzXYdYr5S_dFklmCq0kh8f_oObFE4TQ40hQBPA9xIJPw1g9nW6UKybTBIc3Bh3nUAwu0T8vuBNMb8dNlwJqedfIDwmoKZJw-OxhIifb_O-ThYEk_ix3YvxNhX6xBarC8Ve83t-ESYIpYkw7hQj8c_P3_7Gii5iFG86iQgiqXyIikRyEh-G8bnId8u4gDDSRsCbEIenMy7oOL3OG1OCdYDI2Dz7MxXTvZQccThPM7Z9Vq4chmDM6ScVL_1Ep0_6IMwqDEQaGL1MP8pfKk3TBTJka97C29zMryXag3ILxGmmdirsa5XwhLxdKi9H83BNIQHkHRgrhuTwzKCfjHFih4KBJPgCT5gTCAPeK4JqIjIP3qvvL9B4QfTzRT3wGreC6Y0ELuC9FstCDmLd7yceoZSCHC0Oi-fTtaVUae7jJdd8U3Q2SFLk8alqwJS00r5QHag3eTGq9qn2pQupFWrmS0N-EkmEfNJpM-HsRSOj6SvIv-era35ySpw2OqdjuSqBZxyiW8-mA6yzYkRIykjYmT1bCzB-1kW9sd92lLDyufOfB_6t8OlrdyCiFAGDp4gHypcz2x46bZ7apkX5Wx7yx4u6KoRfFH4OdM9LkEA9ymKgODkaWyZkiQkOiUX4LYB6zo40pYNA&sai=AMfl-YSA0rBxRUkvSZjp2vAqzbEh83jFgHnKbdI0EHv5PmMy9EdXJFgnkUG28CmwERN0_o6HbKfmDAVY2kKehgLtLbnLqlwe3pQGikYIuZ2BAsWqo5EAbDx1Y4-KFmNnqe-KfETEAFWiEVxwmj7S1oRh5FZRv8XX_w&sig=Cg0ArKJSzB0xrq8fZF05EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220126.83498&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 01 Feb 2022 13:08:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E4D 41 KB
15 KB 2ms
1ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:41:01 GMT

GET
H3 200 8622127208396649535
s0.2mdn.net/simgad/ Frame 6E4D 34 KB
34 KB 40ms
4ms Image
image/png 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8622127208396649535?sqp=-oaymwENCNgFEFogAUhkUAFYAQ&rs=AOga4qlVmVNYV_zt4oD8ecUozPhoxaE_rA

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1624b2d7163174f65543633f1a26d5b8f09e3161e72cac2ed889d5baf33de4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 03:17:59 GMT
x-content-type-options: nosniff
age: 35412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34737
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 02:59:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Feb 2023 03:17:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B6A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHBZBx88WoRTU2qNOj3Xowg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHBZBx88WoRTU2qNOj3Xowg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGJvSUVhYzExTmVTVGg1&google_gid=CAESEHBZBx88WoRTU2qNOj3Xowg&google_cver=1&google_push=AYg5qPJUSAGTAJE6aawBYBVJ8aFnD4bQadX0Lw-vIge1bnm...

170 B
188 B

39ms
39ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGJvSUVhYzExTmVTVGg1&google_gid=CAESEHBZBx88WoRTU2qNOj3Xowg&google_cver=1&google_push=AYg5qPJUSAGTAJE6aawBYBVJ8aFnD4bQadX0Lw-vIge1bnm7HPQL2cyYZHiCm9QWWr-wEsqaY3MggYto76lmSR_bdaAcvWgnww

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-01a782bce8a23aa7c@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGJvSUVhYzExTmVTVGg1&google_gid=CAESEHBZBx88WoRTU2qNOj3Xowg&google_cver=1&google_push=AYg5qPJUSAGTAJE6aawBYBVJ8aFnD4bQadX0Lw-vIge1bnm7HPQL2cyYZHiCm9QWWr-wEsqaY3MggYto76lmSR_bdaAcvWgnww
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B6A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENOqX49L_0Ke4ej8uPKI-Qk&google_cver=1&google_push=AYg5qPKgwjXELjmN-cSeX_SSxuawxwesTPYJyImHGiM6vtSuBbjjqtXTJST8UMUvK1T6FudpTYgTVgJQoNbgumOnAdxrDnmKg8c
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=002C1E8793DF4F9595CED7F83FEDBC7B&google_push=AYg5qPKgwjXELjmN-cSeX_SSxuawxwesTPYJyImHGiM6vtSuBbjjqtXTJST8UMUvK1T6FudpTYgTVgJQoNbgumO...

170 B
188 B

38ms
37ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=002C1E8793DF4F9595CED7F83FEDBC7B&google_push=AYg5qPKgwjXELjmN-cSeX_SSxuawxwesTPYJyImHGiM6vtSuBbjjqtXTJST8UMUvK1T6FudpTYgTVgJQoNbgumOnAdxrDnmKg8c

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=002C1E8793DF4F9595CED7F83FEDBC7B&google_push=AYg5qPKgwjXELjmN-cSeX_SSxuawxwesTPYJyImHGiM6vtSuBbjjqtXTJST8UMUvK1T6FudpTYgTVgJQoNbgumOnAdxrDnmKg8c
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 31 Jan 2022 13:08:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B6A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIzuF2BEzORhqypA_YNOkWQ&google_cver=1&google_push=AYg5qPL96uB8snMt0GIf6-bRGaQSfrwtTEGVQGu0fVyKly_c69B5LqaYGZuqmJwqan_PQ_dMGBaQCrC6g48hgAODbn5g...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIzuF2BEzORhqypA_YNOkWQ&google_cver=1&google_push=AYg5qPL96uB8snMt0GIf6-bRGaQSfrwtTEGVQGu0fVyKly_c69B5LqaYGZuqmJwqan_PQ_dMGBaQCrC6g48hgA...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL96uB8snMt0GIf6-bRGaQSfrwtTEGVQGu0fVyKly_c69B5LqaYGZuqmJwqan_PQ_dMGBaQCrC6g48hgAODbn5gUq2aKZ4&google_hm=yJ9rKj08SzKwF0OUQ6KVlw==

170 B
188 B

40ms
40ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL96uB8snMt0GIf6-bRGaQSfrwtTEGVQGu0fVyKly_c69B5LqaYGZuqmJwqan_PQ_dMGBaQCrC6g48hgAODbn5gUq2aKZ4&google_hm=yJ9rKj08SzKwF0OUQ6KVlw==

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL96uB8snMt0GIf6-bRGaQSfrwtTEGVQGu0fVyKly_c69B5LqaYGZuqmJwqan_PQ_dMGBaQCrC6g48hgAODbn5gUq2aKZ4&google_hm=yJ9rKj08SzKwF0OUQ6KVlw==
Date: Tue, 01 Feb 2022 13:08:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B6A
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKAmCsSF6CIL569FD47KpYU&google_cver=1&google_push=AYg5qPIlVs-g3cQtlrtUgtb6gnYakRTsp2FcgwnIpGTNtCwZ4Z-ry49ME0LzUa1b4yxD5jJCWw1wsorNNNyrc...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKAmCsSF6CIL569FD47KpYU&google_push=AYg5qPIlVs-g3cQtlrtUgtb6gnYakRTsp2FcgwnIpGTNtCwZ4Z-ry49ME0LzUa1b4yxD5jJCWw1wsorNNNyrc...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIlVs-g3cQtlrtUgtb6gnYakRTsp2FcgwnIpGTNtCwZ4Z-ry49ME0LzUa1b4yxD5jJCWw1wsorNNNyrckrhC67NUOdhiXQ&google_hm=MVNHTXdDaWo2ZWNQSGcxa...

170 B
188 B

37ms
37ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIlVs-g3cQtlrtUgtb6gnYakRTsp2FcgwnIpGTNtCwZ4Z-ry49ME0LzUa1b4yxD5jJCWw1wsorNNNyrckrhC67NUOdhiXQ&google_hm=MVNHTXdDaWo2ZWNQSGcxandnZVc=

Requested by

Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:12 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIlVs-g3cQtlrtUgtb6gnYakRTsp2FcgwnIpGTNtCwZ4Z-ry49ME0LzUa1b4yxD5jJCWw1wsorNNNyrckrhC67NUOdhiXQ&google_hm=MVNHTXdDaWo2ZWNQSGcxandnZVc=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 235
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B6A
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEsQOEdX5AemxVEqrS0H7dE&google_cver=1&google_push=AYg5qPJfzenuG1bpoyLy_q_gu86nrlhkrIPjVAqf_UNjHv4w8vaJozenUhT8Hn9X_C95jlzVKjn6hC...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJfzenuG1bpoyLy_q_gu86nrlhkrIPjVAqf_UNjHv4w8vaJozenUhT8Hn9X_C95jlzVKjn6hCby2TVfYDMsIqZLAZV92LI&google_hm=NjQxMTY1NDk...

170 B
188 B

37ms
37ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJfzenuG1bpoyLy_q_gu86nrlhkrIPjVAqf_UNjHv4w8vaJozenUhT8Hn9X_C95jlzVKjn6hCby2TVfYDMsIqZLAZV92LI&google_hm=NjQxMTY1NDkyNDk2MjE5MDM1NA%3D%3D

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJfzenuG1bpoyLy_q_gu86nrlhkrIPjVAqf_UNjHv4w8vaJozenUhT8Hn9X_C95jlzVKjn6hCby2TVfYDMsIqZLAZV92LI&google_hm=NjQxMTY1NDkyNDk2MjE5MDM1NA%3D%3D
date: Tue, 01 Feb 2022 13:08:11 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B6A
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEOMiq4sxchYgZIEi7NYeHLc&google_cver=1&google_push=AYg5qPLYgpsGscgxiWegABWFTspKqMVbH7UA7dqtGzdPEKRISg5AbcTKnWUC8Xt789bJRdCviZ51Ozc4c8RVemGZp...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Mzk0YzNmNjgtODE1OS00MWJmLTg4ZWEtMzVkMmJiMmUzNzUz&google_push=AYg5qPLYgpsGscgxiWegABWFTspKqMVbH7UA7dqtGzdPEKRISg5AbcTKnWUC8Xt7...

170 B
188 B

37ms
37ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Mzk0YzNmNjgtODE1OS00MWJmLTg4ZWEtMzVkMmJiMmUzNzUz&google_push=AYg5qPLYgpsGscgxiWegABWFTspKqMVbH7UA7dqtGzdPEKRISg5AbcTKnWUC8Xt789bJRdCviZ51Ozc4c8RVemGZpv_U1HL8qqUo

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=Mzk0YzNmNjgtODE1OS00MWJmLTg4ZWEtMzVkMmJiMmUzNzUz&google_push=AYg5qPLYgpsGscgxiWegABWFTspKqMVbH7UA7dqtGzdPEKRISg5AbcTKnWUC8Xt789bJRdCviZ51Ozc4c8RVemGZpv_U1HL8qqUo
date: Tue, 01 Feb 2022 13:08:11 GMT
content-length: 0

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 3B6A
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEC53fWJ2-f5IlMp-HnOOxyM&google_cver=1&google_push=AYg5qPJOjO2L2Ou7LeM2JVLFIINoxyepKz4vGrm_Cx-4wtn1HbgpdiPg0y7f1UoBD9Y0a8f1bO6W5SpPxI-3VxV7W3ahDaSi3URs
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPJOjO2L2Ou7LeM2JVLFIINoxyepKz4vGrm_Cx-4wtn1HbgpdiPg0y7f1UoBD9Y0...

43 B
1009 B

1019ms
259ms

Image
image/gif

51.195.5.231
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPJOjO2L2Ou7LeM2JVLFIINoxyepKz4vGrm_Cx-4wtn1HbgpdiPg0y7f1UoBD9Y0a8f1bO6W5SpPxI-3VxV7W3ahDaSi3URs&gdpr_consent=&gdpr=

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

51.195.5.231 , France, ASN16276 (OVH, FR),

Reverse DNS

p35.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 13:08:11 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Date: Tue, 01 Feb 2022 13:08:11 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 271
X-XSS-Protection: 0
Referrer-Policy: no-referrer
X-Frame-Options: SAMEORIGIN
Expect-CT: max-age=0
Vary: Accept
X-Download-Options: noopen
Content-Type: text/plain; charset=utf-8
Location: https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAYg5qPJOjO2L2Ou7LeM2JVLFIINoxyepKz4vGrm_Cx-4wtn1HbgpdiPg0y7f1UoBD9Y0a8f1bO6W5SpPxI-3VxV7W3ahDaSi3URs&gdpr_consent=&gdpr=
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3B6A 0
12 B 36ms
35ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqHDng5KF5VAOwacld9fJtIVmx0EuJCnjjky_1VZxmqMRcukZQjnQiV06vcs2gIgUUggZ-THc

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E2CF 0
23 B 63ms
39ms Ping
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame A04F 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame C4CD 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9F23 1 KB
754 B 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 21:40:41 GMT
expires: Tue, 01 Feb 2022 21:40:41 GMT
cache-control: public, max-age=86400
age: 55650
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6E4D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdcddf7bc84e23f5a46a2efc600d1ad3f334338aaa04b3f90146e5f4f7bfc651

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DDA6 22 KB
8 KB 2ms
2ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 23:14:04 GMT
expires: Sat, 28 Jan 2023 23:14:04 GMT
cache-control: public, max-age=31536000
age: 309247
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6E4D 0
23 B 39ms
39ms Ping
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9086 42 B
64 B 43ms
43ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQdY0EjEL3ZNAnreC7uxRPV-2uxG7JmhilfsafSVct15ULwUgx6hFaPLqGQE6gS_JMRDj7RV_sLird9iHj053VHg6Qemw90CMSQacddaO064NKejwYtLC8rSvYbpHLcVgJ9WQfdwF46Q&sai=AMfl-YSVginJkV3j-IPkDNGlfmuW_jYTFooygcOD-IXYY_-RgXvqUCL05dd5_fFvUHCYsqgPLS7wOWm6PWWPMJgNcTCVr10oCQE4oYhqrKFequUi85pNDCEEWoUJKy_jCFA&sig=Cg0ArKJSzN5n5yQPEOTPEAE&id=lidar2&mcvt=1023&p=0,0,280,336&mtos=627,1023,1023,1023,1023&tos=627,396,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=655493194&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643720889470&rpt=923&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame D1B1 10 KB
5 KB 3ms
3ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 12:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4819
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 14:44:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:43:55 GMT

GET /
google2waycm.netmng.com/cm/ Frame 9F23 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9F23
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDXjMFbY0jj9UcGcIkUZMUw&google_cver=1&google_push=AYg5qPJ7u2z8jBw8zjtoBmvOEt8wIMgQG9N8aXs2eTgynnOvQozDO9N...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=52d6a9bf090212b7&is_secure=true&networkId=14000&version=1&google_gid=CAESEDXjMFbY0jj9UcGcIkUZMUw&google_cver=1&google_push=AYg5qPJ7u2z8...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGpQ_bnbrh_QNk4ICvAAAAAAA&expiration=1643807292&google_cver=1&is_secure=true&google_gid=CAESEDXjMFbY0jj9UcGcIkUZM...

170 B
188 B

39ms
39ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGpQ_bnbrh_QNk4ICvAAAAAAA&expiration=1643807292&google_cver=1&is_secure=true&google_gid=CAESEDXjMFbY0jj9UcGcIkUZMUw&google_push=AYg5qPJ7u2z8jBw8zjtoBmvOEt8wIMgQG9N8aXs2eTgynnOvQozDO9NJ7U2L-a91VnOGk1I691NjRek-wzsGLNAYOZHlSSyxFug

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGpQ_bnbrh_QNk4ICvAAAAAAA&expiration=1643807292&google_cver=1&is_secure=true&google_gid=CAESEDXjMFbY0jj9UcGcIkUZMUw&google_push=AYg5qPJ7u2z8jBw8zjtoBmvOEt8wIMgQG9N8aXs2eTgynnOvQozDO9NJ7U2L-a91VnOGk1I691NjRek-wzsGLNAYOZHlSSyxFug
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 9F23
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEENHUU7wLAaYRv3rE1CkErk&google_cver=1&google_push=AYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEENHUU7wLAaYRv3rE1CkErk&google_cver=1&google_push=AYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE...

43 B
420 B

128ms
122ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEENHUU7wLAaYRv3rE1CkErk&google_cver=1&google_push=AYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6b6834d9c78093-NRT
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6b6833e84f8093-NRT
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEENHUU7wLAaYRv3rE1CkErk&google_cver=1&google_push=AYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgDpe9kbunWULxgt1hAEFnOPhY5VJBOm4EQmkbB1EOV6D4vfIKnkk9H7gHigXkVHqhlqCSEbiVZLKRDgdlTZc2E7sTTcE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9F23
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESENPcqv9CgqL_jMQQ523H-mg&google_cver=1&google_push=AYg5qPIMw3XvJAPO9FJmc5oI0FTvX1GLVIXrQMUL6gqYLFjr2aGKZYLFjeh4RLw4EFE7gcl6D1VV3_PhASEDwVB6mqdcj2wS...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AYg5qPIMw3XvJAPO9FJmc5oI0FTvX1GLVIXrQMUL6gqYLFjr2aGKZYLFjeh4RLw4EFE7gcl6D1VV3_PhASEDwVB6mqdcj2wS-nkk

170 B
188 B

39ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AYg5qPIMw3XvJAPO9FJmc5oI0FTvX1GLVIXrQMUL6gqYLFjr2aGKZYLFjeh4RLw4EFE7gcl6D1VV3_PhASEDwVB6mqdcj2wS-nkk

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AYg5qPIMw3XvJAPO9FJmc5oI0FTvX1GLVIXrQMUL6gqYLFjr2aGKZYLFjeh4RLw4EFE7gcl6D1VV3_PhASEDwVB6mqdcj2wS-nkk
Date: Tue, 01 Feb 2022 13:08:11 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9F23
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAEVyYMa0aTn17UYbadsmsA&google_cver=1&google_push=AYg5qPLpts0tsTaE2hhhrWoF4HoEy1ocB_vNRxrgyYvPxKCiZoeKcgyNrFLTC__xbfpAxFwJip6GBq6TU5Acij0G...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLpts0tsTaE2hhhrWoF4HoEy1ocB_vNRxrgyYvPxKCiZoeKcgyNrFLTC__xbfpAxFwJip6GBq6TU5Acij0GgeSx_VUUZbcT

170 B
188 B

40ms
40ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLpts0tsTaE2hhhrWoF4HoEy1ocB_vNRxrgyYvPxKCiZoeKcgyNrFLTC__xbfpAxFwJip6GBq6TU5Acij0GgeSx_VUUZbcT

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 01 Feb 2022 13:08:11 GMT
via: 1.1 aaaa38f6638fefc2221f20ff18eceef2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT57-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLpts0tsTaE2hhhrWoF4HoEy1ocB_vNRxrgyYvPxKCiZoeKcgyNrFLTC__xbfpAxFwJip6GBq6TU5Acij0GgeSx_VUUZbcT
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: UNXCXItm7zrvasqxCJvepZSmMoCzptocoUD-90eV8-BQSex1q9vPHw==

GET
H/1.1 200
OK sync
rtb2-useast.torchad.com/ Frame 9F23 42 B
233 B 650ms
216ms Image
image/gif 2604:9e00:1:129::2:a01
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEHs9yUtdmUTQWzTq8cQF8eA&google_cver=1&google_push=AYg5qPK6HMkcvIDZdM0YSXHjmKjE6m6lnfz6iwnGyz1AK-WI-X5QNKInPU01-_nNIV5p2Hd-IFbeVvakOv3jjyiN2wGK_McXcNW2
Requested by: Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2604:9e00:1:129::2:a01 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:12 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H/1.1 200
OK ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 9F23 11 B
218 B 11ms
3ms Image
text/html 35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEKWeFMXmAVq9cHaAdCeP5oo&google_cver=1&google_push=AYg5qPKaTttG73U6S-WGY6Es0pGocnQuB-Etwp7my_ILoo7L2kXFpIg-4K7kGBc5_oMTKgrAxb6r3TAJBQGA79LWeqbrZcDwKDU
Requested by: Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 13:08:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 11
Content-Type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9F23 0
12 B 36ms
36ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Inc3AdnkbfLienMop0wNP8Vjl5j23qq7jnHCy3VK3K4zalluIRiJrtfeeDsvgkaXmf3KXA

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame DDA6 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 200 impl_v84.js Show response
www.googletagservices.com/dcm/ Frame D1B1 41 KB
17 KB 3ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v84.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17214
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:39:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:43:16 GMT

GET
H3 200 B9689862.280630144;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=943508956;ord=e4vi85;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame D1B1 41 KB
20 KB 80ms
79ms Script
text/javascript 172.217.174.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=943508956;ord=e4vi85;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fja.scriptcult.com%2F$0;xdt=1;crlt=E5vOgBL4_y;sttr=33;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f6.1e100.net

Software

cafe /

Resource Hash

73b51db343b611a2b091fd24fc83bc77f8d7cc5c037ff0b8b5f2c20012032248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20808
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame D1B1 8 KB
3 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=943508956;ord=e4vi85;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fja.scriptcult.com%2F$0;xdt=1;crlt=E5vOgBL4_y;sttr=33;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 12:52:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 12:52:25 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D1B1 0
23 B 39ms
39ms Ping
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwF4YF1ewIuft3jOCW0XLCsLUwT-eBkF4-8Rdy5ktfgVHx9xpFH37M9CWRc4DH_O60PFUpLGjPPwesYoNEe0BJdbzH14xw-AeHqwMkzrGixheAijfSp88U1_R1oDcjS18vteDwJ6IsHrMgCNGr6zdA&sig=Cg0ArKJSzC2vJeuNNcxJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220126.99765&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D1B1 41 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jan 2023 03:41:01 GMT

GET
H3 200 17721130591974731406
s0.2mdn.net/simgad/ Frame D1B1 69 KB
70 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 23:09:43 GMT
x-content-type-options: nosniff
age: 482308
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Jan 2023 23:09:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A04F 0
24 B 41ms
41ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf8qFujD5YfXwOLWAs8IP7aefyAcAAAAAOAHgBAI&bg=!KimlKW3NAAY6OBv_Ojg7ACkAdvg8WjA84Hy_E3WOvpHblUwix-WAM6MOnAIJKjWwcMh18DXDy-tzdQIAAADHUgAAAAFoAQeZAwnioyXlKdcKPtlxcWQeUx8u2fdNZuWr84LfWVKh7ud5KCnwimcNdj4Vv3jlrMPNyHuLNqM9ETL-dW5cgZ_79r9Bmgy3GpK8IZRIHVSmhoaWeAEo0XIXROA08rl-7shNTZ-Q_WXjBWCDCFW_bQn71JATRr0g8yZN-TW8Q29YB4Gn-paapO3D5EFPyu5EJ_ui9WxN3c3h1ZwL7v-R6Is75ZvyiK4H-_PwGM43qa4H-0Rf5O2ib5ViOWDm9hZo3JHc0jjHz2fYOQgm7fZLI7RvPQkWkIe13kz713GUzp5VfGnB-huYE7YtvfXvcDtrR5PduJO18cG7fjFOpVYMJScCREwAb_h67XNPBxnno6l3sqNBBThTxFyFhRtYTRHk5v955ynJfFe4gvzTJO_pXu_6Z0uotNRQHywnqs1gjVPwgoFYPia7Y4f7jXvI-Q2QJXs_fTqKGo_iqeYWA5yOGmI2EsDlvHHxmkU42X8x-7SELc3DGeGtlGPsZi9NzPlgTV6hk0Vl99GQQdQHZsOx6WNMxQEvbEbokrtOGDUj4zKEBr8ci-riNkXh_PRSDNp0BGEklGTs8aI4qz5QP_LE2I9adgdl9fQsZ0RvsJhbz19D8K6gt-g9XeJtwNy11KcL8ThmojUWDjOjBdpkeMltpMoTKMTFcRWQHMZHFS7Y9-BdiAfxjO0l7BD4S52U6t_k7y1Q-lfdjFUBy3mld9sN1xJzaE4zTd0ebAc7jtGMVcl6m0OJIBS7sh04j0a-lQS7xHRIl4eNOjrZbIT0QaMChIGFlUI68Jz8YGswr3W9pPnxJx3R6mncHI21Pa4cYAeqgnSGrrOxJXnan6Cw_NpPu_6efc3lTbt0_B0SpZVFKTNFVi6oFPXMgYjNz3zg6c2QbtW9s0PN_aZGwMpb_tiRJQAyXO7AN6par7mg1r2L2Oy7z4K9COc4AKPiUz1rgdjpK84Gu2jmt3MkVclwavjFOWWwijOgMQDveeP7KMBRcJ6QPyo0gs9uOTaKRKQVWovvlYxR7UgkWOgRj7kUYvY

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements2105.js Show response
cdn.doubleverify.com/ Frame E2F4 501 KB
92 KB 3ms
3ms Script
application/javascript 2600:140b:400:1a9::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2105.js
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400:1a9::4469 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7f5da66516cf7931e640bda551914bc45ac2e42da640dfa067f2c260b830e7f2

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 13:08:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Jan 2022 14:22:12 GMT
Server: Microsoft-IIS/10.0
ETag: "0c2a3c5e415d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94006

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 72B1 1 KB
754 B 4ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 21:40:41 GMT
expires: Tue, 01 Feb 2022 21:40:41 GMT
cache-control: public, max-age=86400
age: 55650
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D1B1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 751f4630d31b3b83de4591935d83d159560b063a4b12af065b5a0f38912132ab

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4CD 0
24 B 38ms
38ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFBUWujD5YZ_pPI2B9gXogZ2oCgAAAAA4AeAEAg&bg=!ubqluv7NAAY6OBv_Ojg7ACkAdvg8WtozkSuvzgK5egMvRBA9mwTziPFP6JUtCQPkqHU2kgPsnfd1lQIAAADhUgAAAAFoAQcKAFWeZQ8FEZmFdk_Xb3Ntn8hc4r9KbiTBHxFOcGRHd0AqdEEwBLAPdPS_eAiaWNJ8YzkEjOnWS2wJcoOBj1hlGlBuc8P6b9ZhdVbjyIUt1faWqs6i-xrgmQMlM9lsw9UG3gjFAt4014nVUcLOjiKIYXTWx8zBcSWuRx_fqFxG270atWiEA5z6UwjihxACnh9OfsvjGjlHIp97O1TbSNYV6eZ1QXWg1KwfTkZxwAfEV0-DPyTJ_rR2APlDyFw6TTl74_yhbrc_Qs3FmZmCyGqM_VDWi405Se0SCv_ZR4CkhpindMAv5OGy0zPp-bXCwC5IIAX7_7sFO-2ixjLyJb6MaBG25iuAT_teqo4h3mHBpGstX1OfrWDQYzylvJLSfWJpEimrc6iH39DkiIFesZtYeFF-iQN-gEziPSK9eiuBoZnnneegfC8C9F7EiNokBkLmnpq0gnmvPEWKDkVEDo4EqH47dJhvl7teUnEODeswdz37m8Vmym0bPtS420thZmq9ZDd4J-0A2z1H2G1CFgMHP7NIskE_IACwGGPlrAV1tNPKyE6o7YcYuyany8EAQkhV2pKSeft9JXTJPUlvtuJog2jv1d6OygFeZAZ6luukeSG_7d7sFuOKjMcTdAd-wDjNQI_vFBPgP4RgFvBdw3Lq-GcQOCEwPPgxawHsiG8kSTLqvncmumLeGPMLFtKfvUl6j063CJnaXpGWLirKY4jhGpKSj2eRg_AeUP-6_jVVrTRkOd7g7Qr7nKwFF8AX6kr7phOJoix2mwYoPn7v7TBwm7DqIxGbULsP0GNqf_-S1lLssZbZ4ORO74G1pf0JEGF0oEkzqolU8Igg_yCCyPU1Ffo0smwe55U1WujQHqfgumNA8ajMxICypMWhcL0xLLiVlcUXmy0DrSK3aOgt2KWQp82IxUfiy4FxXWyFikvjIYwmXZS3hKnluaasAIGOo6Nbf-CRX7FMzDzeg-pMU2sdzXdHc2KdodGy4EH-E_S_8DPXpyh1wKDHJFyHHNPtKIXXOhYWeVCXSE_hghJi-eFXddIS08LnNuhArwyV7nowEA0Gaxp1e_jq87XWXTUeAPGA6a6O0pTlNL5YoV0wQsdJ_bG_3bpI5nYzEwTW2Acd7Bx_prRSWs1-r6Hl9njdqDfHqRvFB2VhBzIPNvXIhJoEGwu7lV4jMM0zVZj0snuXHA

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D1B1 0
23 B 45ms
45ms Ping
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D069 22 KB
8 KB 2ms
2ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 23:14:04 GMT
expires: Sat, 28 Jan 2023 23:14:04 GMT
cache-control: public, max-age=31536000
age: 309247
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDA6 0
24 B 42ms
41ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgBrguzD5Yay0DIqGid4P96GPyAMAAAAAOAHgBAI&bg=!2tml2Z3NAAY6OBv_Ojg7ACkAdvg8WjetCMXBzufU638ppfAlW4dPtccTBzTym3Zw5iwUXYtejZ02HwIAAADuUgAAAAFoAQeZAwt_i5jEXwLCH8APvwdOIM1mDG0nM36hkZJTLoyL95V48mOcwe6JnbFWXS6mBxL87X1rICrLjiMpW9TO39VCr2OlzPJxSj6FtuJSMsDWxX6MlfFdsmM4lQC2-M_2zdtEcMug8-1FQXLoxh21lIMTanm-h_hlFOyYnkD18BNAIR3E68qhGF9Q7Dcg7fbumNdHdMSybRSjRvoh7MJC2KTMQQt16QICTk7-blcmnNQWzjkxdL4fBFLqICGOcqOG3_1m_RZlwh0mkugxvuB0F4HPNAlpxCMgOgG4REnoeKhbMXXzgIqigsS3I05tuRAvG3TdUaS3gLFlr6Q9h87OcjwbOeZohLQjhHsYCsfX7bECYeeCc7wLLc8cL9j2ri8Cqgn_bQaAO3WycOdrbN17Azd0Blw3RhT02t3fFWDDyWcYV7eRSBshN4YYdM8-A7HJsdLckKPGFoUxj7_tCMRG6L24PqRo5ajhbjwwKcPXJQo3w-AZkbXjV20Ec9nfLCZxNtmVNAG7Zpkv9hLnI2dBg7nJ5Z2XOCuNlWCXO8wuYMAVEQFikLFZzPVPoNzG6qrlNDiBlKmhsYc3XP9ee3-y9OrPSOhrn2Bc7CW9VDfkpvzELkEj2C8f1uNB0cUvLKmEjeRnKj02Yh7hC_q5ZXLLMIhPmtZVuKrkoblbi2fPeKf4HIj6YnkUtmN9Ll_a3wKnFxJjxZ2zyE53lUMc6NlTUv1SUkk4BS_tx-I65kAmrUO_o3_zpKaZb4ult3pDgyumRCLGJiG-NAO00LjCHnaQbsRABPu0U_Pbg5BcBsaMKW49nEALtZNDU56TVY3pZoS34AwmttEB3mFpfQoAB2gvpis3YG65rdGWn7f7NM9NkqRv5PBUYHTQtQbCoRwS3jKCK3GrO4w9HOXu7Nq97aPtDs9IMHz19KvyMP9-Z4638tCFl6zSDPfdZTxrD7AdxFcdpcz4-KHIAoyCQMzh1FWYHp3c4TVcimvBv0cawWouuq5BsmbF-wQOCuC5tmS0KXyunFbo9HJYCLB0V_8dX-b5Mw

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E2F4 2 KB
1 KB 607ms
500ms Script
text/javascript 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=139&ttfrms=33&brid=3&brver=97.0.4692.71&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3B2%5DD4C%3AAE4F%3DE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3B2%5DD4C%3AAE4F%3DE%5D4%40%3ETar9EEADTbpTauTau2ee%60b62_5f3ccfc2b72b3hbb52f66hbe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3B2%5DD4C%3AAE4F%3DE%5D4%40%3ETau%40A6%3F%5C24DFA%5C7%3A%3D6D%5Ch_d&srcurlD=0&aUrlD=-1&ssl=https:&uid=1643720891888782&jsCallback=dvCallback_1643720891888649&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2105&tgjsver=2105&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fa6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=14&brh=2&sdf=2&dvp_epl=321&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ja.scriptcult.com/open-acsup-files-905&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gtCWISQI4s_JPdWbyJelts&DVP_DBM_1=3060631&DVP_DBM_2=11596744&DVP_DBM_3=32348006&DVP_DBM_4=209894389&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=340852570304&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=13617119678.858856&dvp_tukv=58547260402.2104&dvp_uuid=671356106593.2476&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=1258010330763
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2105.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ed15a19a2cefeef11818d71ad1da8593db291dd8261927a70fa8f558a264bf87

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:12 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 01/31/2022 13:08:12

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6D9 42 B
64 B 38ms
38ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKKukEhxItZlPZTRQq6ZGXDA8Jis9TUEI4ExMSFt47RSyMrbuSULLJDPpO2cEQNzsDQ_xvfW3wD4S0v5UCdxsoiSQSeuCQpFrmNzmyRYApjWFKb1w&sai=AMfl-YTfyEonxxYcErUR1xtX_PEM8A9u4NJKs6NKjcrGVWvEGcUSJbpDKu6XsFRKUZTDakEII7UzcI5Woah4&sig=Cg0ArKJSzBDsvV9socODEAE&id=lidar2&mcvt=1044&p=0,0,124,1005&mtos=443,1044,1044,1044,1044&tos=443,601,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643720890162&rpt=689&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
google2waycm.netmng.com/cm/ Frame 72B1 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72B1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJaAa6J-SXHhtAagYMC_pq8&google_cver=1&google_push=AYg5qPJpIvDb6kX6TzceQhmvCyjGGPuZCR1WVn6udaVeTxQwpWF8AYqoknbtrm0YUTqGY7G12ScLYIeeUdRI_Udt...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJpIvDb6kX6TzceQhmvCyjGGPuZCR1WVn6udaVeTxQwpWF8AYqoknbtrm0YUTqGY7G12ScLYIeeUdRI_UdtC7ZkNya_F_t3

170 B
188 B

38ms
37ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJpIvDb6kX6TzceQhmvCyjGGPuZCR1WVn6udaVeTxQwpWF8AYqoknbtrm0YUTqGY7G12ScLYIeeUdRI_UdtC7ZkNya_F_t3

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 01 Feb 2022 13:08:12 GMT
Server: MT3 4133 baa842e master hkg-pixel-x1 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJpIvDb6kX6TzceQhmvCyjGGPuZCR1WVn6udaVeTxQwpWF8AYqoknbtrm0YUTqGY7G12ScLYIeeUdRI_UdtC7ZkNya_F_t3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 01 Feb 2022 13:08:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72B1
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIzuF2BEzORhqypA_YNOkWQ&google_cver=1&google_push=AYg5qPKk_oqHT0rrUUqqX1CqGHzewu5hFYFI2a0a4fXF38Ydfb_e8zFhsPr7XH8uxUtFeEDknMi1hu2gz2DZo1AHaYxC...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=c89f6b2a-3d3c-4b32-b017-439443a29597
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=c89f6b2a-3d3c-4b32-b017-439443a29597
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=bead4f3d-f9a9-47c1-b203-4e0ad642e357&user_group=1&ssp=google&bsw_param=c89f6b2a-3d3c-4b32-b017-439443a29597
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKk_oqHT0rrUUqqX1CqGHzewu5hFYFI2a0a4fXF38Ydfb_e8zFhsPr7XH8uxUtFeEDknMi1hu2gz2DZo1AHaYxCvT6LSToy&google_hm=yJ9rKj08SzKwF0OUQ6KVlw==

170 B
188 B

38ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKk_oqHT0rrUUqqX1CqGHzewu5hFYFI2a0a4fXF38Ydfb_e8zFhsPr7XH8uxUtFeEDknMi1hu2gz2DZo1AHaYxCvT6LSToy&google_hm=yJ9rKj08SzKwF0OUQ6KVlw==

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKk_oqHT0rrUUqqX1CqGHzewu5hFYFI2a0a4fXF38Ydfb_e8zFhsPr7XH8uxUtFeEDknMi1hu2gz2DZo1AHaYxCvT6LSToy&google_hm=yJ9rKj08SzKwF0OUQ6KVlw==
Date: Tue, 01 Feb 2022 13:08:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72B1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEOXnTAUqH0UvhLUjf0-gvsA&google_cver=1&google_push=AYg5qPJ8zZuqVsbZXD_KHGqicIkJvqwikrAfBNHTxByT00OTCDh6rkSAekw-jPGLJaBIAaGDMG42VJt9syso4aF5Ju9vixh7g_tS
https://rtb.openx.net/sync/dds?google_gid=CAESEOXnTAUqH0UvhLUjf0-gvsA&google_cver=1&google_push=AYg5qPJ8zZuqVsbZXD_KHGqicIkJvqwikrAfBNHTxByT00OTCDh6rkSAekw-jPGLJaBIAaGDMG42VJt9syso4aF5Ju9vixh7g_tS&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ8zZuqVsbZXD_KHGqicIkJvqwikrAfBNHTxByT00OTCDh6rkSAekw-jPGLJaBIAaGDMG42VJt9syso4aF5Ju9vixh7g_tS&google_hm=MJvSf_liygQq6plYLjef9Q==

170 B
188 B

37ms
37ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ8zZuqVsbZXD_KHGqicIkJvqwikrAfBNHTxByT00OTCDh6rkSAekw-jPGLJaBIAaGDMG42VJt9syso4aF5Ju9vixh7g_tS&google_hm=MJvSf_liygQq6plYLjef9Q==

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ8zZuqVsbZXD_KHGqicIkJvqwikrAfBNHTxByT00OTCDh6rkSAekw-jPGLJaBIAaGDMG42VJt9syso4aF5Ju9vixh7g_tS&google_hm=MJvSf_liygQq6plYLjef9Q==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: eu9n9nabv2qcisej94t53ejbj9mt7mct

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72B1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEAJgJe3RmT-G_DNlryI9dYM&google_cver=1&google_push=AYg5qPKCSuSaTql6AcTidpK9LSnblKtmZ7TFp6tESGdZsXLu5haiOQ0VISnlvF7ndNV1cIbtR9vBWXUHiTCnWqA...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LVJTGYVFTVx_eg7MPpRAvh_Mkaw&google_push=AYg5qPKCSuSaTql6AcTidpK9LSnblKtmZ7TFp6tESGdZsXLu5haiOQ0VISnlvF7ndNV1cIbtR9vBWXUHiTCnWq...

170 B
188 B

38ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LVJTGYVFTVx_eg7MPpRAvh_Mkaw&google_push=AYg5qPKCSuSaTql6AcTidpK9LSnblKtmZ7TFp6tESGdZsXLu5haiOQ0VISnlvF7ndNV1cIbtR9vBWXUHiTCnWqA5D5lsfv4RsHXw

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LVJTGYVFTVx_eg7MPpRAvh_Mkaw&google_push=AYg5qPKCSuSaTql6AcTidpK9LSnblKtmZ7TFp6tESGdZsXLu5haiOQ0VISnlvF7ndNV1cIbtR9vBWXUHiTCnWqA5D5lsfv4RsHXw
Date: Tue, 01 Feb 2022 13:08:12 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72B1
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAEVyYMa0aTn17UYbadsmsA&google_cver=1&google_push=AYg5qPKraMPwXx_nh-N8-hSm84o6kUdsUT8UcmTR9ZN5lhQX-Pmjy_HkNZk2z0mAF9j416pWlD4P2YdQbpCh_Xdt...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKraMPwXx_nh-N8-hSm84o6kUdsUT8UcmTR9ZN5lhQX-Pmjy_HkNZk2z0mAF9j416pWlD4P2YdQbpCh_XdtfDuuytdRG3kN

170 B
188 B

38ms
38ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKraMPwXx_nh-N8-hSm84o6kUdsUT8UcmTR9ZN5lhQX-Pmjy_HkNZk2z0mAF9j416pWlD4P2YdQbpCh_XdtfDuuytdRG3kN

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 01 Feb 2022 13:08:11 GMT
via: 1.1 aaaa38f6638fefc2221f20ff18eceef2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT57-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKraMPwXx_nh-N8-hSm84o6kUdsUT8UcmTR9ZN5lhQX-Pmjy_HkNZk2z0mAF9j416pWlD4P2YdQbpCh_XdtfDuuytdRG3kN
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ifGef1rSiSHckChVF9qD1cnCl85GFYLQRClxT9dxrx3NqoB-vZ4IvQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72B1
Redirect Chain

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEBWN84KkmtjS0AOk6dqM74Y&google_cver=1&google_push=AYg5qPJ7vaLgxImrFzbemGhshm-G9xyODZsIuu0_RoMB8EWljMisa6kAYb4Cnfw8bi40gnD-btkCJ8d_190dEpji2fPk...
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AYg5qPJ7vaLgxImrFzbemGhshm-G9xyODZsIuu0_RoMB8EWljMisa6kAYb4Cnfw8bi40gnD-btkCJ8d_190dEpji2fPkmTrH-MSR

170 B
188 B

37ms
37ms

Image
image/png

172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AYg5qPJ7vaLgxImrFzbemGhshm-G9xyODZsIuu0_RoMB8EWljMisa6kAYb4Cnfw8bi40gnD-btkCJ8d_190dEpji2fPkmTrH-MSR

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AYg5qPJ7vaLgxImrFzbemGhshm-G9xyODZsIuu0_RoMB8EWljMisa6kAYb4Cnfw8bi40gnD-btkCJ8d_190dEpji2fPkmTrH-MSR
date: Tue, 01 Feb 2022 13:08:11 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 72B1 0
12 B 36ms
35ms Image
text/html 172.217.174.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JNQ6vLc6kRgd6bFmQ8Ia1b6IuMDjF-byvAWuNOWeu2luMQf4CdIz9AtxoqgC_hyGuc34Wg

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.174.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js Show response
pagead2.googlesyndication.com/bg/ Frame D069 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jGbA3lvUbVA_isqhK0kcOmFQnhmy9VywXuVHQ76HhUI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 15:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 594781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13685
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 15:55:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D069 0
24 B 40ms
40ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BijKXuzD5YYn2IsTm2gSMw7DIAgAAAAA4AeAEAg&bg=!trWltfHNAAY6OBv_Ojg7ACkAdvg8Wg3l-gD542miQ6tdp9PhEcOCY_gVVKz7G0A0WDD24yEL0iHHqQIAAABPUgAAAAFoAQeZAweZnAnx2yo_8D3i0ZUBosSKV4n3f8AXDk6HcL4XgXvb104h3YtHaPiS0smyhjpA6gWUkQqKp_jxTyUB3uHKmehfsb55-CVUQSF5oaDf8-a00oJJ20aqC7wn4KF6p5FoHfNFD5S-_wLEE7rihu2qUxP5DxQotT7pAcE-7auCjCVcLTel5tNRNvvEFOAbVXDAjm5sD1MhG83GgUcpJJcxfiCWOpBXt9QinDnBHNWGC4PfRSEgegIlFmMak1kiJw7a9pOtfAjk2CAxeEUTesSfQHzlPVzWMNvNMQU4X2btqHKle6Gptw-3-LdF_Rah3WYhqd51vURAV23GHdXaeXdG44vrtg6Dc3aQT9Q2amGkWmyOCZLqErsVWBwxC5PMzAC62EyRYhynEc_F2WcddaKL-F5qIJoKmHyrTPJ6zDPjSpzLBDCbIiz95M59k0h-cWbLpn5adsQ3r8jF_NnhnY_k2ToVlbQM9wcsLAMrTDttBdOnRPoDcg1eydx33Jh41M8aM0O-lca4EK0lxrdwkzGMEK3l5L-TFyyZS6oolkEuZAUxVlqWk_biZViFqU7GPlhQ4xjlK594m9l2rAf5kUo042gQ5iSWiJcZ8jnUUebJFKxNFbGHa8u03Dk3ue7YUks4o86xnTIDKWJvLC_Z2GlgFNmx2k3mZi_DRxa5QToBrsqoOEmj6aCsI7Orik7trVSLYah6Q9iX9miinmZMNVJbIFDbOmcJ7Kj1L4B02pu3Q7r1OU52ZnaAYivECHM46tbs6uY5Bn30wEQL8oQoHLCrfJ601HjNsPfF-ouI2HPxAh3p0Rg7Qhfs-SOtTKJryPfWYl8pDDELXLHcLfBPYS-7SkcM3yiHng7TR7vjl92sa813CB6E72vXADbzTkrdtl8VvPMVT2dOQB71EX0XFzcPRoo0l7dCYO0XUJ6Wr5edIJOH9qPyDm8VjxjjRweGHsoGdRE1lZ85jyv-67fjgx3Bx_RT9wl1HgVJ0mplpQK4LJ-FjpEFBVL1ojUydA4tkTkMEZ0g_1KJN3AJ

Requested by

Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 c
c.mgid.com/ 43 B
404 B 256ms
255ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=304|289|24|e_l0QqkJV-6eOaoLj07cbr92cStZ2j4qLfvg-_Pq437jV8KkoqTLBcCz1UdmgB29&fw=1&extjs=66044&cid=1228643&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=0135cff3-8360-11ec-958a-2cea7f934475&tt=Direct&iv=11&pageImp=1&pvid=17eb566561aa90c9f47&muid=m11aS7lknG85&cbuster=164372089211289679334&tpl=0
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: e38a0985-eb93-4026-a4d6-d26458b99865
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d6b6837bf178a96-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 38ms
38ms Fetch
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.scriptcult.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 c
c.mgid.com/ 43 B
404 B 253ms
253ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=304|289|8|e_l0QqkJV-6eOaoLj07cbuZtvU1u0pDDuF4CNPunJDTGs-dkmDSEDDEV0_djylAm&extjs=66044&v=304|289|8|e_l0QqkJV-6eOaoLj07cbg0I8oso42o726TNLUIjlMKhT6WJikc5G4gzcYIKYcKo&v=304|289|8|e_l0QqkJV-6eOaoLj07cbmOC07SuS0QNRn6vSQoZPN35f-41XSo7eL5bT92Pi7bU&v=304|289|40|e_l0QqkJV-6eOaoLj07cbqOGcP5GIMNk4abLguAavSBnDRg-Bn1_RH4T-4kZA1nP&cid=1228643&h2=ciSw8JPaNooaj3aQCyVsBmwL_qLa1UqE-T3N8vOgPVU*&rid=0135cff3-8360-11ec-958a-2cea7f934475&tt=Direct&iv=11&pageImp=0&pvid=17eb566561aa90c9f47&muid=m11aS7lknG85&cbuster=1643720892211550313352&tpl=0
Requested by: Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-acsup-files-905
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c25cae55-089f-4f43-8e9f-ab72f49f0b27
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6d6b683858848a96-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E2CF 42 B
64 B 43ms
43ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSLy3sHOdsVumhP5AzodRG7Wh2Em9jlEuEvruad74Cn5le9Kgsg7UD_58mzulRm1C_xPI59wKllN2BnTSAmXqaNbL6KL43BSk0wWn231ABzwxAi_I&sai=AMfl-YRzSQ57uD8f76bldECj9SAMGsmATndP2oHYqm2hy1iVxkx0ywX8werU_Yl0ugk43LaGcpDID84TCMTDi_0LRQ767rwRqnOIqrU-5AHP7ybe1afKBDcoy2PFS6A&sig=Cg0ArKJSzDeR8pB8hmauEAE&cid=CAASEuRo2suqwMlr8tnacC7doEZ5wg&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3954341808&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643720890837&rpt=479&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E4D 42 B
64 B 42ms
42ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCgVHP9lpIZCEecKlqmCOwDDYTtCfTGf55HCKCOfnsj_pJkxrDBlSM04An9T8FCLOHIW50LIeLkl4MVwiHWvoK8bh3QMG71OPg9_iwBswtNCqedJY&sai=AMfl-YRhLdoAvjPxbTvNzYPdNDdUbwOCELHZJFLm0B2fdkXjcpo8CdL7x4zF_JSyVAsDxW4B43NkrN3VtZL9hbdEeo8OAOoFRCKs7hWolom1ccP5HJZGJTQkvOQUleM&sig=Cg0ArKJSzCwP_5DnfDtWEAE&cid=CAASEuRojvoAGFPfNoujQmwXRtrZ5Q&id=lidar2&mcvt=1001&p=816,436,910,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2995020387&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643720891044&rpt=337&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

event.png
tpsc-ae1.doubleverify.com/ Frame E2F4
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-ae1&param=akipv6&impid=e9371e26880f4f3c843b52e448c491cc&cbust=1643720892506648
https://tpsc-ae1.doubleverify.com/event.png?impid=e9371e26880f4f3c843b52e448c491cc&akipv6=2a00:1633:128:4::4

0
162 B

80ms
72ms

Image
text/plain

34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=e9371e26880f4f3c843b52e448c491cc&akipv6=2a00:1633:128:4::4
Requested by: Host: a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
URL: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:12 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/31/2022 13:08:12

Redirect headers

Location: https://tpsc-ae1.doubleverify.com/event.png?impid=e9371e26880f4f3c843b52e448c491cc&akipv6=2a00:1633:128:4::4
Date: Tue, 01 Feb 2022 13:08:12 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 48ms
48ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1edce9673f55dad03674ee7a6660b852fbf7491546eedeb6132d653f66360c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 13:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8942
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
74ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201240101/show_ads_impl_fy2019.js?bust=31064543

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 13:08:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5CCC 13 KB
5 KB 4ms
4ms Document
text/html 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 04:34:18 GMT
expires: Wed, 01 Feb 2023 04:34:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 30834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E157 783 B
535 B 39ms
38ms Document
text/html 2404:6800:4004:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

859f3a331654cc0a42383e1eb5b72936086b4b04f36acb8a21d51ff12e253059

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VpEF/CZu42BhnYc/HJ2BMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 01 Feb 2022 13:08:12 GMT
date: Tue, 01 Feb 2022 13:08:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VpEF/CZu42BhnYc/HJ2BMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D1B1 42 B
64 B 42ms
41ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvClpy9GSIX3Sz1Qssvq-fYwSFDUoQxX_JjM4ivrD5AeAehJmNhwMTyXDd4bh_1LjElu2xFUWDeSoaSh84IlaHWSDew77PKiYQWk-095zzN24sHgzw&sai=AMfl-YS-jXjK9UXssVylG_SMxIv6RNS0ph4I6jpSCXBVIR1q4lBQSUwHnZFTqd6QR2AltntEDVisqVxZRGyk7cypMmta6zhP-6OLeAa0Yx3FnjSAtlOiN0O3nBFIoSk&sig=Cg0ArKJSzEvW6s85FJg4EAE&cid=CAASEuRoQS3xRpoqObqqlZe3Bm1eww&id=lidar2&mcvt=1011&p=1110,436,1204,1164&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=124212634&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643720890708&rpt=1047&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D1B1 42 B
64 B 36ms
36ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstd6X27kYrj87xObhpeH8t0dPATW4p0v8cVF9Bv3vvmLDCF9f_NRrdKsRdLX1F81N4MGgmdu8DpgOzQrCjlxAA9C4jY3D0E&sig=Cg0ArKJSzEasoY8_1a0QEAE&id=lidar2&mcvt=1014&p=0,0,90,728&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=943508956&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643720890708&rpt=1049&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CCC 35 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:32:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 04:32:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E157 0
0 51ms
51ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=1600168022173450&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5CCC 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?47v1dg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
24 B 38ms
38ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=1600168022173450&bg=!VValVhLNAAY6OBv_Ojg7ACkAdvg8WjX07a3yPidrVm8fHjFN-ru9h5gyO_I8_ANxodUGncobKYiecgIAAABWUgAAAAFoAQcKABO4HW83JliHzINFPByu7Xrka0irmQK-gU_wXa6dm_oPKWAFSTYkcSxgPTZXYKBTZKn6Bpplk3hdQTmZL8-SObvh_qqBAoPrZyN4AGLGrjz3Zy_xujCJ_5omGvj2okBpIdAzyHwUf5NLrYe90IVpqBCEiowJFnV2nLXQqZ6vPzRQ_JX4nvm_-xCYAol-yWjF5_qQthPF7dIROlvig51CtHyPNnhCU9YMVsTVvEGlm4fIKYCiBJmHz7Lc4e3l3r1eA-DrgbkDN9FCGctHCcPBB7KsEMw2hq6w_On9Z1JBzzny_Qq4IiPVXeUx09hgLqD387RfZtbwZ1A7CAtja9a0ZOYKiCPaGU7u7ZNx1hJdg896S8dJksw9XePnzAyj4u3To30tEOztZyHrPr2l50xrj5JDMS8DeHjxGkusOI2rl9mbU-qQ6xO-S4iaw0IO2WYwMKWHi77qybGa8SoZ0KdCUglw0EYLh85Xgn49wj4tzM2_tePgdddw1qN4QfNzBSb0qJYQ0e2mAM6UIh9mgxSw4QK9XyjX4eUYXgfvrqzYMH_2X3vEZRyJgz5khn3N33u6dvAPnUt_N4zOiREml_rcL1vxkwAeM-Yhfqy4hGSXTarCMMEan_YF22Uwm1aZyOJ584FAaVHRrwC2gI91aSJcOE0_8SWEMEteAP0FxBC6162suTLinPCsq6_UO7DUPHClUW89DPlFDif739Rr7zXa0lwxBHDIEO5MLVOSPD5qo7R-f3br_u782WIO0Teogsw2HLaAw1jYBtncr-PjNXnmURqNjnBDaGTBxv6Py5X_5joTZUJiSwVR-jlRJarhI_2v6wNE_MsTlXittNFXRXOf7zcUVJ6EOsEuSxnmM6N-MclTtpNS-Wz7EJl5qo7GU0z6SDUKNYboc6vfOO-dJrF1VB8IeCdphGIR02NdlmriddXlCaXzGniU_kO2ehvi-Mtyz0VqsWKL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.scriptcult.com%2F&domain=ja.scriptcult.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=8D3j9HwrNWYwV0Rjd1h4WVVZWmhlL2kxK3JEbzQvbU54akJzVDVyRHpUMSs3c3hSWWg3czFXSGYwRjFibmFMazk5eVQ1RUZQWkhzMzhUZFFlSXFoOTZZdVFVWDYrd01sMDZJYUw5TGFYb1BmNFVyNDFJVk93YWpYMk40Q2...

356 B
619 B

230ms
77ms

XHR
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8D3j9HwrNWYwV0Rjd1h4WVVZWmhlL2kxK3JEbzQvbU54akJzVDVyRHpUMSs3c3hSWWg3czFXSGYwRjFibmFMazk5eVQ1RUZQWkhzMzhUZFFlSXFoOTZZdVFVWDYrd01sMDZJYUw5TGFYb1BmNFVyNDFJVk93YWpYMk40Q24vcGlybThNRjFOR0I1NGI0MVhNVUNFN1RKVmVJS1V5dkhMWmwvRk5nL1VvdEtDUU9MTU5XaWFUZjNZTjB1MU1QZk92RU1PVHNyV0ZkRWl0bThjNXRycisxUGZ4STNGeXFjTGdqcGRjNDhWaEdyVzlvVjFrPXw&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

0303da5adef51f3894a450c2a06422cdb82c4270d52d84a5482a459199199148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:14 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1860
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:13 GMT
location: https://mug.criteo.com/sid?cpp=8D3j9HwrNWYwV0Rjd1h4WVVZWmhlL2kxK3JEbzQvbU54akJzVDVyRHpUMSs3c3hSWWg3czFXSGYwRjFibmFMazk5eVQ1RUZQWkhzMzhUZFFlSXFoOTZZdVFVWDYrd01sMDZJYUw5TGFYb1BmNFVyNDFJVk93YWpYMk40Q24vcGlybThNRjFOR0I1NGI0MVhNVUNFN1RKVmVJS1V5dkhMWmwvRk5nL1VvdEtDUU9MTU5XaWFUZjNZTjB1MU1QZk92RU1PVHNyV0ZkRWl0bThjNXRycisxUGZ4STNGeXFjTGdqcGRjNDhWaEdyVzlvVjFrPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ja.scriptcult.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1351
content-length: 482
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 453ms
151ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.scriptcult.com%2F&domain=ja.scriptcult.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ja.scriptcult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://ja.scriptcult.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1273
date: Tue, 01 Feb 2022 13:08:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 06FE 52 KB
17 KB 27ms
3ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 31 Jan 2022 02:33:15 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 01 Feb 2022 13:08:13 GMT
Age: 38096
X-Served-By: cache-lga21968-LGA, cache-nrt18339-NRT
X-Cache: HIT, HIT
X-Cache-Hits: 1, 83099
X-Timer: S1643720893.281878,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 8CFE 442 B
436 B 252ms
251ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 11:46:26 GMT
vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 3694 1 KB
726 B 1154ms
1146ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

date: Tue, 01 Feb 2022 13:08:14 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d6b683efecb7827-NRT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame B879 1 KB
749 B 287ms
281ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d6b683efec67827-NRT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 8D7D 442 B
367 B 251ms
250ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 12:58:19 GMT
vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 11D1 442 B
344 B 251ms
251ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 11:46:26 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame FA4D 2 KB
823 B 238ms
238ms Document
text/html 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1643720889553

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A756 52 KB
17 KB 12ms
2ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 31 Jan 2022 02:33:15 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 01 Feb 2022 13:08:13 GMT
Age: 38095
X-Served-By: cache-lga21968-LGA, cache-nrt18326-NRT
X-Cache: HIT, HIT
X-Cache-Hits: 1, 82965
X-Timer: S1643720893.287997,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9E06 2 KB
823 B 244ms
243ms Document
text/html 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1643720889553

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3845 15 KB
6 KB 21ms
2ms Document
text/html 23.51.209.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.209.108 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-108.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=149575
expires: Thu, 03 Feb 2022 06:41:08 GMT
date: Tue, 01 Feb 2022 13:08:13 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3CD6 52 KB
17 KB 7ms
2ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 31 Jan 2022 02:33:15 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 01 Feb 2022 13:08:13 GMT
Age: 38096
X-Served-By: cache-lga21968-LGA, cache-nrt18339-NRT
X-Cache: HIT, HIT
X-Cache-Hits: 1, 83100
X-Timer: S1643720893.288938,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4692 15 KB
6 KB 18ms
3ms Document
text/html 23.51.209.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.209.108 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-108.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=149575
expires: Thu, 03 Feb 2022 06:41:08 GMT
date: Tue, 01 Feb 2022 13:08:13 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1804 15 KB
6 KB 17ms
4ms Document
text/html 23.51.209.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.209.108 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-108.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=149575
expires: Thu, 03 Feb 2022 06:41:08 GMT
date: Tue, 01 Feb 2022 13:08:13 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1753 2 KB
823 B 239ms
239ms Document
text/html 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1643720889552

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5D3B 15 KB
6 KB 15ms
5ms Document
text/html 23.51.209.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.209.108 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-108.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

server: Apache/2.2.15 (CentOS)
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=149575
expires: Thu, 03 Feb 2022 06:41:08 GMT
date: Tue, 01 Feb 2022 13:08:13 GMT
vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 5189 442 B
367 B 1094ms
1094ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:14 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 11:46:26 GMT
vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 2EC2 1 KB
703 B 286ms
285ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d6b683f1f177827-NRT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 713F 1 KB
703 B 292ms
292ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d6b683f1f1c7827-NRT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 01E6 52 KB
17 KB 2ms
2ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 31 Jan 2022 02:33:15 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 01 Feb 2022 13:08:13 GMT
Age: 38096
X-Served-By: cache-lga21968-LGA, cache-nrt18339-NRT
X-Cache: HIT, HIT
X-Cache-Hits: 1, 83101
X-Timer: S1643720893.296995,VS0,VE0
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 243ms
240ms Image
text/plain 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ja.scriptcult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 06FE
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

99ms
91ms

Script
text/html

103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 39a83187-97fa-4cb6-949b-cb3d1dd89cd1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: d0a21d5a-8acb-48ab-a209-59e4e676db96
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame A756
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

76ms
75ms

Script
text/html

103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 5839d296-d184-4ae6-a300-94911f9183af
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 2dfa83f5-5fe4-4fe8-8edd-910a2f73b92c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 3CD6
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

154ms
103ms

Script
text/html

103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: eeaa6778-0997-4dfb-bca2-34c878eaf9d1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: b4cb13bf-4b76-4057-afa0-50f3e5272e6d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 01E6
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
803 B

115ms
96ms

Script
text/html

103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 82f8f26e-6956-46a3-a101-2a915307b535
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 034927dd-1ed4-40ac-9a61-6d07825fdda7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3845 4 KB
4 KB 9ms
2ms Script
text/html 103.231.99.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67402060&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.78 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 2ea3af3446074fb29dc8117c2f5e40e38443ad50d7016fe0e20d54d0774ab209

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B089
Redirect Chain

https://cr-p10.ladsp.jp/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://cr-pall.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://cr-pall.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYhGs8KrJkzFks8ADjqGv4xlXc8AAAF-tWZj4A

42 B
228 B

4ms
4ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYhGs8KrJkzFks8ADjqGv4xlXc8AAAF-tWZj4A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: ty6pug002:0:1308
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

content-length: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AYhGs8KrJkzFks8ADjqGv4xlXc8AAAF-tWZj4A
date: Tue, 01 Feb 2022 13:08:13 GMT
expires: -1
cache-control: no-cache
pragma: no-cache
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
server: Logicad
x-cache: Miss from cloudfront
via: 1.1 05e04c5e15a87c619e820e333918b7f2.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-P1
x-amz-cf-id: OMLo7oewcC84FrbJUjhIWFV3jg2RlAYRYKmQHTrfiN8CBvSUe06YOA==

GET
H2

200

usersync.aspx Show response
widget.eu.criteo.com/dis/ Frame 2CEA
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...

43 B
362 B

669ms
223ms

Document
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 01 Feb 2022 13:08:14 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Tue, 01 Feb 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 354108
strict-transport-security: max-age=31536000; preload;

Redirect headers

date: Tue, 01 Feb 2022 13:08:12 GMT
server: Kestrel
content-length: 0
location: https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server-processing-duration-in-ticks: 93525
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 90AA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fc9161f9-30bc-4000-aa72-1d8cc0cb5042&gdpr=0&gdpr_consent=

42 B
494 B

3ms
3ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fc9161f9-30bc-4000-aa72-1d8cc0cb5042&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 07:58:37 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: ty6pug014:0:1259
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Tue, 01 Feb 2022 13:08:13 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master hkg-pixel-x21 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fc9161f9-30bc-4000-aa72-1d8cc0cb5042&gdpr=0&gdpr_consent=
Expires: Tue, 01 Feb 2022 13:08:12 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2125
Redirect Chain

https://ds.uncn.jp/pm/0/sync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_0d1157bf-e783-42b6-a79f-e7143a8cafdb

42 B
534 B

9ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_0d1157bf-e783-42b6-a79f-e7143a8cafdb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 08:11:24 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: ty6pug013:0:758
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2022 13:08:13 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_0d1157bf-e783-42b6-a79f-e7143a8cafdb
Server: Apache
Content-Length: 170
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7408
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfkwvQAC8BSvhABB&gdpr=0&gdpr_consent=&_test=YfkwvQAC8BSvhABB

1 B
238 B

3ms
3ms

Document
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfkwvQAC8BSvhABB&gdpr=0&gdpr_consent=&_test=YfkwvQAC8BSvhABB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: ty6pug001:0:578
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfkwvQAC8BSvhABB&gdpr=0&gdpr_consent=&_test=YfkwvQAC8BSvhABB
accept-ranges: bytes
date: Tue, 01 Feb 2022 13:08:13 GMT
via: 1.1 varnish
x-served-by: cache-nrt18323-NRT
x-cache: HIT
x-cache-hits: 0
x-timer: S1643720894.572499,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5507
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dpubmatic%26rd%3Dhttps%253A%2F%2Fsimage2%2Epubmatic%2Ecom%2FAdServer%2FPug%253...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1&auid=23ad82d...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=9s5r2FmssoO

42 B
205 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=9s5r2FmssoO
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: ty6pug006:0:515
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 01 Feb 2022 13:08:13 GMT
Content-Length: 0
Connection: close
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=9s5r2FmssoO
Cache-Control: no-store,no-cache
Pragma: no-cache
expires: -1

GET
H/1.1 200
OK pxd Show response
dps.jp.cinarra.com/ Frame 8CAB 95 B
220 B 27ms
4ms Document
image/png 18.179.236.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.236.28 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-236-28.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Content-Type: image/png
Date: Tue, 01 Feb 2022 13:08:13 GMT
Content-Length: 95
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 539C
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=93ce53f86e354fcf9a42fa8e89d53a80

42 B
255 B

3ms
3ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=93ce53f86e354fcf9a42fa8e89d53a80
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: ty6pug007:0:666
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
x-xss-protection: 1; mode=block
status: 302
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=93ce53f86e354fcf9a42fa8e89d53a80
content-type: text/html;charset=UTF-8
content-length: 0
date: Tue, 01 Feb 2022 13:08:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3577
Redirect Chain

https://adsd-sync.amanad.adtdp.com/pubmaticsync?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ba78c588-b8ed-41a0-a060-d54e09d2c2ce

42 B
378 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ba78c588-b8ed-41a0-a060-d54e09d2c2ce
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 08:13:42 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: ty6pug012:0:344
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Tue, 01 Feb 2022 13:08:13 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=ba78c588-b8ed-41a0-a060-d54e09d2c2ce
Content-Length: 168
Connection: keep-alive

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 541E
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=YqUApL0xCzKl729dvTD5YQ

42 B
244 B

48ms
48ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=YqUApL0xCzKl729dvTD5YQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: ty6pug005:0:1840
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Tue, 01 Feb 2022 13:08:13 GMT
content-type: text/html; charset=utf-8
content-length: 153
cache-control: no-store
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=YqUApL0xCzKl729dvTD5YQ
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3845
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zB8lw7kNSj2MIIvirNcIHA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

2ms
2ms

Image
text/html

23.51.209.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.51.209.108 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-108.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=149575
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Thu, 03 Feb 2022 06:41:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

info2
uip.semasio.net/pubmatic/1/ Frame 3845
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&sInitiator=external&gdpr=0&gdpr_consent=
https://uip.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&sInitiator=external&gdpr=0&gdpr_consent=
https://uip.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

238ms
238ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uip.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
frontend-id: 1
location: /pubmatic/1/info2?sType=sync&sExtCookieId=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3845
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHOXHwlImJ8pwTq0Rni-Qwo&google_cver=1

42 B
284 B

4ms
3ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHOXHwlImJ8pwTq0Rni-Qwo&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 08:11:24 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug013:0:337
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHOXHwlImJ8pwTq0Rni-Qwo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 3845 43 B
409 B 80ms
76ms Image
image/gif 161.202.200.114
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.202.200.114 Tokyo, Japan, ASN36351 (SOFTLAYER, US),

Reverse DNS

72.c8.caa1.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 31 Jan 2022 13:08:13 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3845
Redirect Chain

https://tg.socdm.com/rtb/sync?proto=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=YfkwvcCo8YUAAD.SpB0AAAAA

42 B
216 B

6ms
5ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=YfkwvcCo8YUAAD.SpB0AAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug001:0:541
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID: 57
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":57,"gdpr":true,"ipv4":"0.0.0.0","key":"YfkwvcCo8YUAAD.SpB0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40373"}
X-SO-Ads-Time: 117
X-SO-Key: YfkwvcCo8YUAAD.SpB0AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40373
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=YfkwvcCo8YUAAD.SpB0AAAAA
Cache-Control: private
X-SO-HostName: a-ad40373.dc2p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: m-tgng33.dc4p.scaleout.jp
X-SO-IP: 31.204.145.172

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3845
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=45157b7c-f5c2-4b2e-b2d0-696f885df62b

42 B
450 B

2ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=45157b7c-f5c2-4b2e-b2d0-696f885df62b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug009:0:582
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=45157b7c-f5c2-4b2e-b2d0-696f885df62b
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3845
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=433&user_id=de1ev5kh8odj&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c89f6b2a-3d3c-4b32-b017-439443a29597&gdpr=&gdpr_consent=&gdpr_pd=

1 B
182 B

4ms
3ms

Image
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c89f6b2a-3d3c-4b32-b017-439443a29597&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug004:0:1160
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c89f6b2a-3d3c-4b32-b017-439443a29597&gdpr=&gdpr_consent=&gdpr_pd=
Date: Tue, 01 Feb 2022 13:08:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3845
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1545880462870164815&gdpr=0&gdpr_consent=

42 B
539 B

3ms
3ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1545880462870164815&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 08:21:06 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug011:0:365
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 45ced277-73cc-4b7b-ada0-57d1f56b23ae
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1545880462870164815&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3845 43 B
987 B 237ms
84ms Image
image/gif 2406:da18:929:5a01:c333:e796:2dd0:7cd2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a01:c333:e796:2dd0:7cd2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 3845
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ItQd4ZhE2uVF.Qmncb63DJiXchHw0AI-~A&gdpr=0&gdpr_consent=

0
260 B

9ms
3ms

Image
text/plain

103.231.99.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ItQd4ZhE2uVF.Qmncb63DJiXchHw0AI-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Server: 103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ItQd4ZhE2uVF.Qmncb63DJiXchHw0AI-~A&gdpr=0&gdpr_consent=
date: Tue, 01 Feb 2022 13:08:13 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3845
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2395648763423468357

42 B
235 B

3ms
3ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2395648763423468357
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 08:11:24 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug013:0:1252
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:13 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2395648763423468357
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 3845
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3751787958688288976&gdpr=0&gdpr_consent=&us_privacy=

1 B
187 B

3ms
3ms

Image
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3751787958688288976&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug009:0:752
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3751787958688288976&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 01 Feb 2022 13:08:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H/1.1 204
No Content bsevent.gif
rtbc-ae1.doubleverify.com/ Frame D1B1 0
305 B 79ms
72ms Ping
text/plain 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ae1.doubleverify.com/bsevent.gif?impid=887bb194f5704581aa39d2e6f9fbc436&nav_pltfrm=Linux%20x86_64&cbust=1643720893493593
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:13 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 01/31/2022 13:08:13

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 8CFE 131 KB
34 KB 1258ms
549ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 8a6de9b4f117791b82a863258d8c3d5c5031a9010e62f9096db2b644a04cff4c

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:14 GMT
content-encoding: br
last-modified: Tue, 01 Feb 2022 11:16:29 GMT
server: nginx
etag: W/"30032986c3fde5b5fcec72d8228769e3"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 8D7D 131 KB
34 KB 1253ms
550ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 8a6de9b4f117791b82a863258d8c3d5c5031a9010e62f9096db2b644a04cff4c

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:14 GMT
content-encoding: br
last-modified: Tue, 01 Feb 2022 11:16:29 GMT
server: nginx
etag: W/"30032986c3fde5b5fcec72d8228769e3"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 11D1 131 KB
34 KB 1251ms
550ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 8a6de9b4f117791b82a863258d8c3d5c5031a9010e62f9096db2b644a04cff4c

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:14 GMT
content-encoding: br
last-modified: Tue, 01 Feb 2022 11:16:29 GMT
server: nginx
etag: W/"30032986c3fde5b5fcec72d8228769e3"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 4125 0
0 91ms
85ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://cdn.connectad.io/

Response headers

date: Tue, 01 Feb 2022 13:08:13 GMT
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d6b6840db367827-NRT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 464ms
155ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 867
date: Tue, 01 Feb 2022 13:08:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 06FE 0
733 B 75ms
74ms Script
text/html 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:14 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 91956362-f7ce-40cf-8f7f-e4c7dfeb9064
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A756 0
733 B 78ms
78ms Script
text/html 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:14 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 9f799023-6473-43cb-9022-961606e3e2cd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3CD6 0
733 B 75ms
75ms Script
text/html 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:14 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 0ed31575-b955-4bbf-852d-14bec93f8b25
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 01E6 0
733 B 74ms
74ms Script
text/html 103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:14 GMT
X-Proxy-Origin: 31.204.145.172; 31.204.145.172; 598.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: 78774ed7-0fc0-4c31-8a79-0ac42b7d5d5e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 5189 131 KB
34 KB 898ms
897ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 8a6de9b4f117791b82a863258d8c3d5c5031a9010e62f9096db2b644a04cff4c

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:14 GMT
content-encoding: br
last-modified: Tue, 01 Feb 2022 11:16:29 GMT
server: nginx
etag: W/"30032986c3fde5b5fcec72d8228769e3"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 204 1
sync-eu.connectad.io/syncer/ Frame B41F 0
0 98ms
91ms Document
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://cdn.connectad.io/

Response headers

date: Tue, 01 Feb 2022 13:08:14 GMT
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d6b68463b55208f-NRT

POST
H/1.1 204
No Content event.png
tpsc-ae1.doubleverify.com/ Frame E2F4 0
305 B 72ms
72ms Ping
text/plain 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=e9371e26880f4f3c843b52e448c491cc&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=608&eoid=8&msrjs=2105&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=0&tetms=8&msltms=7&vltms=608&sei=289&vetms=17&engms=1&engisel=1&ttfurm=2650&cbust=1643720894507182
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2105.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:14 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 01/31/2022 13:08:14

GET
H2 200 MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RC... Show response
www.wp.pl/ Frame A085 79 KB
20 KB 1083ms
546ms Document
text/html 212.77.98.9

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wp.pl/MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELRRhvD2cIbHsQRCcJKVssew9BL1QtRiM4RUk
Requested by: Host: std.wpcdn.pl
URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 37f299a768428a21bda6fc09454983d2abea4ab04f2b107e92a84b70a3dab13d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ssp.wp.pl/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:16 GMT
content-type: text/html
last-modified: Tue, 01 Feb 2022 11:16:26 GMT
x-rgw-object-type: Normal
etag: W/"cb47062ca564925478d4af19c289b301"
cache-control: max-age=900,stale-while-revalidate=86400
content-encoding: br
timing-allow-origin: *
x-robots-tag: noindex,nofollow
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
accept-ch-lifetime: 604800
x-op-id-all: 5a1s

GET
H2 200 MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RC... Show response
www.wp.pl/ Frame 1BDA 79 KB
20 KB 1239ms
707ms Document
text/html 212.77.98.9

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wp.pl/MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELRRhvD2cIbHsQRCcJKVssew9BL1QtRiM4RUk
Requested by: Host: std.wpcdn.pl
URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 37f299a768428a21bda6fc09454983d2abea4ab04f2b107e92a84b70a3dab13d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ssp.wp.pl/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:16 GMT
content-type: text/html
last-modified: Tue, 01 Feb 2022 11:16:26 GMT
x-rgw-object-type: Normal
etag: W/"cb47062ca564925478d4af19c289b301"
cache-control: max-age=900,stale-while-revalidate=86400
content-encoding: br
timing-allow-origin: *
x-robots-tag: noindex,nofollow
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
accept-ch-lifetime: 604800
x-op-id-all: 5a1s

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 3845 0
128 B 4ms
3ms Script
text/plain 103.231.99.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160120&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RC... Show response
www.wp.pl/ Frame ED7E 79 KB
20 KB 1337ms
879ms Document
text/html 212.77.98.9

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wp.pl/MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELRRhvD2cIbHsQRCcJKVssew9BL1QtRiM4RUk
Requested by: Host: std.wpcdn.pl
URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 37f299a768428a21bda6fc09454983d2abea4ab04f2b107e92a84b70a3dab13d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ssp.wp.pl/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:16 GMT
content-type: text/html
last-modified: Tue, 01 Feb 2022 11:16:26 GMT
x-rgw-object-type: Normal
etag: W/"cb47062ca564925478d4af19c289b301"
cache-control: max-age=900,stale-while-revalidate=86400
content-encoding: br
timing-allow-origin: *
x-robots-tag: noindex,nofollow
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
accept-ch-lifetime: 604800
x-op-id-all: 5a1s

GET
H2 200 MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RC... Show response
www.wp.pl/ Frame 99BE 79 KB
20 KB 1385ms
988ms Document
text/html 212.77.98.9

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wp.pl/MzE2NTg4YhskUDhnSE9vDmcIbDcXXBIJMVZseEVrb0BnbRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELOGsSJRptEQs4axIlGm0RCzhrEiUabRELRRhvD2cIbHsQRCcJKVssew9BL1QtRiM4RUk
Requested by: Host: std.wpcdn.pl
URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.9 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 37f299a768428a21bda6fc09454983d2abea4ab04f2b107e92a84b70a3dab13d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ssp.wp.pl/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:16 GMT
content-type: text/html
last-modified: Tue, 01 Feb 2022 11:16:26 GMT
x-rgw-object-type: Normal
etag: W/"cb47062ca564925478d4af19c289b301"
cache-control: max-age=900,stale-while-revalidate=86400
content-encoding: br
timing-allow-origin: *
x-robots-tag: noindex,nofollow
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect, sec-ch-ua, sec-ch-ua-platform, sec-ch-ua-mobile, sec-ch-ua-full-version-list, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-model
accept-ch-lifetime: 604800
x-op-id-all: 5a1s

POST
H/1.1 204
No Content event.png
tpsc-ae1.doubleverify.com/ Frame E2F4 0
305 B 72ms
71ms Ping
text/plain 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=e9371e26880f4f3c843b52e448c491cc&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=10&ismms=41&isumms=40&isvelg=1&nvr=6&isgmmims=41&isgmv4mims=41&elmtp=6&isbxdms=2741&b0=100&b11=2728&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2828&sftb=2828&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1041&isuiabvms=1041&isgmpims=149&isgmv4dpims=1041&ispmxpms=1041&engalms=40&dvp_dpr=1&cbust=1643720895504924
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2105.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
Pragma: no-cache
Date: Tue, 01 Feb 2022 13:08:15 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 01/31/2022 13:08:15

GET
DATA 200
OK truncated
/ 626 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4692 1 KB
2 KB 3ms
3ms Script
text/html 103.231.99.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20848158&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.78 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ef5828326657872c73697803fbd5c610d5138a03751bf5e31e1b66c0f036a620

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1470
content-type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1804 47 B
167 B 2ms
2ms Script
text/html 103.231.99.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10989688&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.78 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 47
content-type: text/html; charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5D3B 47 B
167 B 2ms
2ms Script
text/html 103.231.99.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74420332&p=160120&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.78 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:15 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 47
content-type: text/html; charset=UTF-8

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 1587
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2ee0a43b-2fa2-4db6-8601-3188d4d380b7-tuct8f2b640&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
148 B

97ms
72ms

Document
text/plain

151.101.65.44

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2ee0a43b-2fa2-4db6-8601-3188d4d380b7-tuct8f2b640&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Tue, 01 Feb 2022 13:08:16 GMT
via: 1.1 varnish
x-served-by: cache-itm18838-ITM
x-cache: MISS
x-cache-hits: 0
x-timer: S1643720896.488479,VS0,VE63
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2ee0a43b-2fa2-4db6-8601-3188d4d380b7-tuct8f2b640&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Tue, 01 Feb 2022 13:08:16 GMT
via: 1.1 varnish
x-served-by: cache-hnd18742-HND
x-cache: MISS
x-cache-hits: 0
x-timer: S1643720896.388422,VS0,VE71
x-vcl-time-ms: 71
content-length: 0

GET
H2 200 cm Show response
docker.creative-serving.com/ Frame 46B7 43 B
266 B 84ms
76ms Document
image/gif 35.213.11.27

General

Check archive.org

Show headers Download Go to

Full URL: https://docker.creative-serving.com/cm
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.11.27 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif
date: Tue, 01 Feb 2022 13:08:16 GMT
via: 1.1 google
alt-svc: clear

GET /
csync.loopme.me/ Frame 8E41 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4C38
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8boIEac11NeSTh5&gdpr=0&gdpr_consent=

42 B
366 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8boIEac11NeSTh5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 08:13:45 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: ty6pug012:0:377
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Tue, 01 Feb 2022 13:08:16 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8boIEac11NeSTh5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0af8a0ef0a01377d6@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 643D
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:002C1E8793DF4F9595CED7F83FEDBC7B

1 B
166 B

2ms
2ms

Document
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:002C1E8793DF4F9595CED7F83FEDBC7B
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 01 Feb 2022 13:08:16 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: ty6pug004:0:530
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Tue, 01 Feb 2022 13:08:16 GMT
content-type: text/html
content-length: 138
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:002C1E8793DF4F9595CED7F83FEDBC7B
expires: Mon, 31 Jan 2022 13:08:16 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 4692 35 B
209 B 13ms
5ms Image
image/gif 18.182.144.2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.182.144.2 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:16 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4692
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xITOW8GFy1LfjJxRxoKFA8WFnFbf1M1Vy4wIfzEy

42 B
492 B

2ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xITOW8GFy1LfjJxRxoKFA8WFnFbf1M1Vy4wIfzEy
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 13:08:16 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug002:0:466
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xITOW8GFy1LfjJxRxoKFA8WFnFbf1M1Vy4wIfzEy
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4692
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5bd59371bfb512b6&is_secure=true&networkId=17100&version=1&nuid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGpWrOrtvctQMG-cFYAAAAAAA&expiration=1643807296&nuid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&...

42 B
279 B

2ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGpWrOrtvctQMG-cFYAAAAAAA&expiration=1643807296&nuid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&is_secure=true&gdpr_consent=&gdpr=0
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 08:13:45 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug012:0:429
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 13:08:16 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGpWrOrtvctQMG-cFYAAAAAAA&expiration=1643807296&nuid=CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adx.adform.net
URL: https://adx.adform.net/adx/openrtb

Domain: adx.adform.net
URL: https://adx.adform.net/adx/openrtb

Domain: adx.adform.net
URL: https://adx.adform.net/adx/openrtb

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: adx.adform.net
URL: https://adx.adform.net/adx/openrtb

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEBz1LEsMjxbePoEg9VjmHhQ&google_cver=1&google_push=AYg5qPLkjfhVNAK7m6trUZi54-4849OUK6qhwmTEATfxMmF3Kw4GEiNKMj4zDuN8In8as6WYRXPv_xgPlOs-umzPBMSw1LzLNQk

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEBz1LEsMjxbePoEg9VjmHhQ&google_cver=1&google_push=AYg5qPI6QuJTmfhHZPMIbapyzSDYHxdGCsAip4rfEdtRSpo7B2A5I4I6K_cclU5mBBKJ-AFatFegQvMJ9LXenUKYHMIL4UTyJr48

Domain: csync.loopme.me
URL: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

100 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 00:35:22	Name: __cf_bm Value: hXfYClicjyNoH8DedP.5mpZx5hOmslZroY.NTHMG12I-1643720888-0-AUWZnfiKhGb6S0EVH/8NXJXfwlCWtm1iojwlfrSTKB98VJf2Fc3axJU3qDfCL1dT/Lnt3ccIHSIPqzqoPVPRzJo=
ja.scriptcult.com/	1970-01-20 01:18:32	Name: _pbjs_userid_consent_data Value: 6683316680106290
.g3news.biz/	1970-01-20 01:18:32	Name: uuid Value: 7d5fb60d-a4a5-445f-bff3-6c7ae6e5b8cc
.doubleclick.net/	1970-01-20 18:06:32	Name: IDE Value: AHWqTUkwxn7ia8ngDdXvIwkHF7LFLEdUZwQJT6pJTXhxmWd7rqRiHtIDVqSW1hC0eyw
.scriptcult.com/	1970-01-20 09:20:56	Name: _ym_uid Value: 1643720890410259034
.scriptcult.com/	1970-01-20 09:20:56	Name: _ym_d Value: 1643720890
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m11aS7lknG85
.yandex.ru/	1970-01-23 16:11:20	Name: yandexuid Value: 9603984341643720890
.yandex.ru/	1970-01-23 16:11:20	Name: yuidss Value: 9603984341643720890
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 562025031643720890
.yandex.ru/	1970-01-23 16:11:20	Name: i Value: eLGrpojwoRZoau+DqY/rPuvu7A07xXbk4vVUYnmp6j9OI4qRc6i2iZL2jTf9ufxtGrb0zDUl36KiwF7w9HXMIjMFj38=
.yandex.ru/	1970-01-20 09:20:56	Name: ymex Value: 1959080890.yrts.1643720890#1959080890.yrtsi.1643720890
.scriptcult.com/	1970-01-20 00:36:32	Name: _ym_isad Value: 2
.c3tag.com/	1970-01-20 17:23:20	Name: C3UID-924 Value: 14340030281643720890
.c3tag.com/	1970-01-20 17:23:20	Name: C3UID Value: 14340030281643720890
.scriptcult.com/	1970-01-20 09:56:56	Name: __gads Value: ID=02a7eb32686ca68a:T=1643720889:S=ALNI_MaxaT0nIuTogzTR1PnQtnakXDExPg
.doubleclick.net/	1970-01-20 00:35:24	Name: DSID Value: NO_DATA
ja.scriptcult.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1228650%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643720890737%7D%2C%22C1228643%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643720890733%7D%2C%22C1228642%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643720890760%7D%2C%22C1228644%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643720890884%7D%7D
.casalemedia.com/	1970-01-20 02:44:56	Name: CMPS Value: 849
.casalemedia.com/	1970-01-20 02:44:56	Name: CMPRO Value: 901
.casalemedia.com/	1970-01-20 00:36:47	Name: CMST Value: Yfkwu2H5MLsA
.casalemedia.com/	1970-01-20 09:20:56	Name: CMRUM3 Value: 2d61f930bb2760CAESEO-2inaPLIUASKbIaRYx4t8
.sharethrough.com/	1970-01-20 09:20:56	Name: stx_user_id Value: 394c3f68-8159-41bf-88ea-35d2bb2e3753
.bidswitch.net/	1970-01-20 09:20:56	Name: tuuid Value: c89f6b2a-3d3c-4b32-b017-439443a29597
.bidswitch.net/	1970-01-20 09:20:56	Name: c Value: 1643720891
.bidswitch.net/	1970-01-20 09:20:56	Name: tuuid_lu Value: 1643720891
.casalemedia.com/	1970-01-20 09:20:56	Name: CMID Value: Yfkwu2fl3PxGqu07POLeygAA
.simpli.fi/	1970-01-20 09:22:23	Name: suid Value: 002C1E8793DF4F9595CED7F83FEDBC7B
.smartadserver.com/	1970-01-20 10:05:35	Name: pid Value: 6411654924962190354
.w55c.net/	1970-01-20 10:01:16	Name: wfivefivec Value: 8boIEac11NeSTh5
.w55c.net/	1970-01-20 01:18:32	Name: matchgoogle Value: 5
.tribalfusion.com/	1970-01-20 02:44:56	Name: ANON_ID Value: aWnseFujieFo7YxU36hXFWWaYOZd369ZbKXqUqUmnGCv4fXZdYTnqIdsrCZaJedLIx9awngv3T1lcZaPO6AgtYwfB
.send.microad.jp/	1970-01-20 02:44:56	Name: TR Value: 030dc60660e4b66d35d9968cac727a19
.zemanta.com/	1970-01-20 09:20:56	Name: zuid Value: 1SGMwCij6ecPHg1jwgeW
.openx.net/	1970-01-20 09:20:56	Name: i Value: 3c61671a-f963-4cdd-9648-1d07990996b2\|1643720891
.reemo-ad.jp/	1970-01-20 18:06:32	Name: deviceIdentifier Value: gJqOhbLEpcSAiVEVDyhYEXosrlrcVaSa
.reemo-ad.jp/	1970-01-20 00:56:56	Name: sync_gadx Value: 1
pool.admedo.com/	1970-01-20 09:20:56	Name: tuuid Value: bead4f3d-f9a9-47c1-b203-4e0ad642e357
pool.admedo.com/	1970-01-20 09:20:56	Name: c Value: 1643720892
pool.admedo.com/	1970-01-20 09:20:56	Name: tuuid_lu Value: 1643720892
.mathtag.com/	1970-01-20 10:01:16	Name: uuid Value: fc9161f9-30bc-4000-aa72-1d8cc0cb5042
.mathtag.com/	1970-01-20 01:18:32	Name: mt_mop Value: 4:1643720892
.dotomi.com/	1970-01-20 00:35:20	Name: DotomiTest Value: 52d6a9bf090212b7
sync.srv.stackadapt.com/	1970-01-20 09:20:56	Name: sa-user-id Value: s%3A0-2d525319-8545-4d5c-7f7a-0ecc3e9440be.7AhRjNpWP4bC%2BU%2Bxb%2F31SHuyM1TGX%2FfV776wyHO5038
.srv.stackadapt.com/	1970-01-20 09:20:56	Name: sa-user-id-v2 Value: s%3A0-2d525319-8545-4d5c-7f7a-0ecc3e9440be%24ip%2431.204.145.172.eJzxZC%2FL9gYiuHZxmFCsFxQwB5N69bnGZqlnvxXCO6o
.id5-sync.com/	1970-01-20 00:35:21	Name: cf Value:
.id5-sync.com/	1970-01-20 00:35:21	Name: cip Value:
.id5-sync.com/	1970-01-20 00:35:21	Name: cnac Value:
.id5-sync.com/	1970-01-20 00:35:21	Name: car Value:
.id5-sync.com/	1970-01-20 00:35:21	Name: gdpr Value:
.id5-sync.com/	1970-01-20 00:35:21	Name: callback Value:
.pubmatic.com/	1970-01-20 02:44:56	Name: KADUSERCOOKIE Value: CC1F25C3-B90D-4A3D-8C20-8BE2ACD7081C
.pubmatic.com/	1970-01-20 02:44:56	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 00:36:47	Name: pi Value: 160120:2
.pubmatic.com/	1970-01-20 02:44:56	Name: DPSync3 Value: 1644883200%3A201_226
.pubmatic.com/	1970-01-20 02:44:56	Name: SyncRTB3 Value: 1644883200%3A21_202_107_207_96_76_7_71_54_3_22_56_13_217_179_209%7C1644537600%3A63%7C1644278400%3A223_2%7C1644969600%3A35
.uncn.jp/	1970-01-20 09:20:56	Name: t Value: v_0d1157bf-e783-42b6-a79f-e7143a8cafdb
.adsrvr.org/	1970-01-20 09:20:56	Name: TDID Value: 45157b7c-f5c2-4b2e-b2d0-696f885df62b
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_1201 Value: 23170-v_0d1157bf-e783-42b6-a79f-e7143a8cafdb
.pubmatic.com/	1970-01-20 02:44:56	Name: PUBMDCID Value: 6
.adtdp.com/	1970-01-20 18:06:32	Name: uid Value: ba78c588-b8ed-41a0-a060-d54e09d2c2ce
.adtdp.com/	1970-01-20 18:06:32	Name: pr Value: ame
.adsrvr.org/	1970-01-20 09:20:56	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwi49IH6veOyOhAFGAUgASgCMgsIqP32ptTjsjoQBTgB
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_1123 Value: 23102-ba78c588-b8ed-41a0-a060-d54e09d2c2ce
.ladsp.com/	1970-01-20 00:35:24	Name: cr Value: 1
.ad-m.asia/	1970-01-20 18:06:32	Name: uid Value: 1PRPI2Fq7pU
.analytics.yahoo.com/	1970-01-20 09:22:23	Name: IDSYNC Value: 18z8~22zp
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_377 Value: 6810-45157b7c-f5c2-4b2e-b2d0-696f885df62b&KRTB&22918-45157b7c-f5c2-4b2e-b2d0-696f885df62b&KRTB&23031-45157b7c-f5c2-4b2e-b2d0-696f885df62b
.ladsp.com/	1970-01-20 18:06:32	Name: smn_uid Value: WLQvV3Zk16iVsfBGkixRdQ46hr-MZV0
.ladsp.com/	1970-01-20 18:06:32	Name: lum Value: CODHmavrLxIFCAoQ4BI
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_629 Value: 11487-AYhGs8KrJkzFks8ADjqGv4xlXc8AAAF-tWZj4A
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_27 Value: 16735-uid:fc9161f9-30bc-4000-aa72-1d8cc0cb5042&KRTB&16736-uid:fc9161f9-30bc-4000-aa72-1d8cc0cb5042&KRTB&23019-uid:fc9161f9-30bc-4000-aa72-1d8cc0cb5042&KRTB&23208-uid:fc9161f9-30bc-4000-aa72-1d8cc0cb5042
.ctnsnet.com/	1970-01-20 09:20:56	Name: cid_93ce53f86e354fcf9a42fa8e89d53a80 Value: 1
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_1159 Value: 23138-93ce53f86e354fcf9a42fa8e89d53a80&KRTB&23328-93ce53f86e354fcf9a42fa8e89d53a80
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_80 Value: 22987-CAESEHOXHwlImJ8pwTq0Rni-Qwo&KRTB&16514-CAESEHOXHwlImJ8pwTq0Rni-Qwo&KRTB&23025-CAESEHOXHwlImJ8pwTq0Rni-Qwo
.admatrix.jp/	1970-01-21 00:35:20	Name: uid Value: 23ad82d8-b417-4d2d-b8b5-a4545c6d6f2c
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_943 Value: 19522-9s5r2FmssoO
.turn.com/	1970-01-20 04:54:32	Name: uid Value: 3751787958688288976
.adform.net/	1970-01-20 01:15:40	Name: C Value: 1
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_22 Value: 14911-3751787958688288976
.adform.net/	1970-01-20 02:01:44	Name: uid Value: 2395648763423468357
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_391 Value: 22924-2395648763423468357&KRTB&23263-2395648763423468357
.everesttech.net/	1970-01-20 09:20:56	Name: everest_g_v2 Value: g_surferid~YfkwvQAC8BSvhABB
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_218 Value: 4056-YfkwvQAC8BSvhABB&KRTB&22978-YfkwvQAC8BSvhABB&KRTB&23194-YfkwvQAC8BSvhABB&KRTB&23209-YfkwvQAC8BSvhABB
.c.appier.net/	1970-01-20 09:20:56	Name: _auid Value: YqUApL0xCzKl729dvTD5YQ
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_57 Value: 22776-1545880462870164815&KRTB&23339-1545880462870164815
.adnxs.com/	1970-01-20 02:44:56	Name: uuid2 Value: 1966848825443840647
.yahoo.com/	1970-01-20 09:21:18	Name: A3 Value: d=AQABBL0w-WECEDrn9B6eyB-DXSCItZQbLskFEgEBAQGC-mEDYgAAAAAA_eMAAA&S=AQAAAtoZz-8X7JGen6HAso6z8v8
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_904 Value: 16787-YqUApL0xCzKl729dvTD5YQ&KRTB&23130-YqUApL0xCzKl729dvTD5YQ
.pubmatic.com/	1970-01-20 01:18:32	Name: PugT Value: 1643720893
.gammaplatform.com/	1970-01-20 18:06:32	Name: _aCMR_6 Value: 5
.gammaplatform.com/	1970-01-20 00:36:47	Name: _aGeoIp Value: PH\|Mansilingan
.gammaplatform.com/	1970-01-20 18:06:32	Name: _aUID Value: de1ev5kh8odj
.socdm.com/	1970-01-20 18:06:32	Name: SOSYNC Value: anNvbjp7InB1Ym1hdGljIjoxNjQzNzIwODkzfQ
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_656 Value: 12671-YfkwvcCo8YUAAD.SpB0AAAAA
.pubmatic.com/	1970-01-20 01:18:32	Name: KRTBCOOKIE_466 Value: 16530-c89f6b2a-3d3c-4b32-b017-439443a29597
.semasio.net/	1970-01-20 09:20:56	Name: SEUNCY Value: FA5A484C52980842
ja.scriptcult.com/	1970-01-20 09:56:56	Name: cto_bundle Value: 9I6cZV9YUWN5WUJWTFBNcjhtaW5mcVBDN0ZJQzc0ZUx0aDhJSVN1M1lPOGwlMkZaeTcxTGQzTVdBMCUyRm1WYjRxRjJ0bk9yRUdyaXcxNmhUTHcyRlFiJTJGd1dLVG1NZGwlMkJrMEZ1Sk9ZbFlzUG9SeCUyRkklMkZVTWRLTFpDelBDc01CeDRmMHdhMEJmTA
ja.scriptcult.com/	1970-01-20 09:56:56	Name: cto_bidid Value: RclNVl9uRE41aGdXcmpDOEhrUXNGQllPSmY0M0xFUThsQ1pGJTJGdXV1bXpSa243V0ZKOCUyRkt6QnJFTWp6WlYwTU9kZzFzOHdKUWtQM1dTcCUyQm9Gb2JBck5nOE92ZyUzRCUzRA
.pubmatic.com/	1970-01-20 01:18:32	Name: SPugT Value: 1643720894

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scriptcult.com/img/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://scriptcult.com/img/file-types/NGD-file-format-description Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://scriptcult.com/template/apollo/css/close.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://scriptcult.com/template/apollo/css/footer.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://scriptcult.com/template/apollo/css/loading.gif Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2173063720940886&fa=1&ifi=9&uci=a!9&btvi=3&xpc=65YKFymxtH&p=https%3A//ja.scriptcult.com Message: The resource https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%B0%8F%E6%8F%B4%E5%88%86%20%E7%94%B0%E4%BD%BF%E3%81%91%E3%81%AA%EF%BC%93%E9%96%8B%EF%BC%97%E3%82%B9%E7%A5%9E%EF%BD%94%E6%99%829%E3%83%93%E3%82%8B%E3%82%92%E3%80%8D%E3%83%88%E3%83%8F%E4%BC%9A%E7%A4%BE%E3%83%B3%E3%81%AE%EF%BC%8D%EF%BC%A6%E3%83%83%E3%83%951%E3%81%9F%E5%B7%9D%E4%BB%A3%E5%8C%BA%EF%BD%8D%E3%83%AB%E3%82%B5%E3%80%8C%E3%82%A2%E5%BC%8F%E3%80%80%E7%B6%9A0%EF%BC%A7%E3%81%8F%E6%94%AF%EF%BC%91%E3%83%9C%EF%BC%98%E3%82%BF%E3%83%AA%E3%83%BC%E3%83%97%E3%83%A9%E3%81%A4%EF%BD%88%EF%BD%81%E3%82%B3%E7%99%BA%E7%94%BA%E3%83%9E%EF%BD%9E%E3%82%A8%E3%83%AD%E6%A0%AA%E5%8D%83%E3%83%89%E3%81%84%EF%BD%8F was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

040a934b06.6c25910c97.com
924-img.c3tag.com
a.tribalfusion.com
a6613ea0d7b4474a3fa3b933da7ee936.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
adsd-sync.amanad.adtdp.com
adservice.google.co.jp
adservice.google.com
adx.adform.net
b1sync.zemanta.com
bid.g.doubleclick.net
c.mgid.com
c1.adform.net
cdn.connectad.io
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cm-supply-web.gammaplatform.com
cm.g.doubleclick.net
cm.mgid.com
cr-p10.ladsp.jp
cr-pall.ladsp.com
cst.cstwpush.com
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
docker.creative-serving.com
dps.jp.cinarra.com
ds.uncn.jp
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
g3news.biz
get.optad360.io
gocm.c.appier.net
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.connectad.io
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
ja.scriptcult.com
js.wpadmngr.com
jsc.mgid.com
match.adsrvr.org
match.sharethrough.com
match.taboola.com
mc.yandex.ru
mug.criteo.com
na.nawpush.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
pubmatic-match.dotomi.com
rtb.gumgum.com
rtb.openx.net
rtb0.doubleverify.com
rtb2-useast.torchad.com
rtbc-ae1.doubleverify.com
s-cs.send.microad.jp
s-img.mgid.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
scriptcult.com
securepubads.g.doubleclick.net
servicer.mgid.com
serving.stat-rock.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.wp.pl
static.doubleclick.net
std.wpcdn.pl
sync-dsp.ad-m.asia
sync-eu.connectad.io
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.dsp.reemo-ad.jp
sync.inmobi.com
sync.mathtag.com
sync.srv.stackadapt.com
tg.socdm.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
trc.taboola.com
uip.semasio.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
v9999.adv.admeme.net
web.hb.ad.cpe.dotomi.com
widget.eu.criteo.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.wp.pl
x.bidswitch.net
y.one.impact-ad.jp
adx.adform.net
csync.loopme.me
google2waycm.netmng.com
hbopenbid.pubmatic.com
103.229.206.241
103.231.99.77
103.231.99.78
103.231.99.80
103.231.99.81
103.43.90.54
104.19.132.78
104.19.133.78
119.9.108.211
124.146.215.49
13.228.220.78
142.251.42.130
142.251.42.194
142.251.8.154
144.76.120.254
147.75.38.124
150.95.47.225
151.101.1.195
151.101.194.49
151.101.65.108
151.101.65.44
161.202.200.114
164.90.194.65
172.104.105.5
172.217.174.102
172.217.174.98
178.250.2.151
18.142.16.108
18.176.220.106
18.178.52.42
18.179.236.28
18.182.144.2
18.65.166.28
18.65.200.18
182.161.74.11
182.161.74.16
185.184.8.65
185.84.60.20
20.72.149.136
2001:df2:a300:bbbb::135
202.131.200.82
202.131.200.84
202.233.84.8
212.77.98.32
212.77.98.9
212.77.99.29
23.51.209.108
23.51.209.187
2404:6800:4004:801::2002
2404:6800:4004:808::2002
2404:6800:4004:80b::2004
2404:6800:4004:80c::2001
2404:6800:4004:80c::2003
2404:6800:4004:812::2002
2404:6800:4004:81c::2001
2404:6800:4004:81e::200a
2404:6800:4004:820::2006
2404:6800:4004:821::200a
2404:6800:4004:822::2002
2404:6800:4004:826::2003
2406:2600:4::b
2406:da18:929:5a01:c333:e796:2dd0:7cd2
2600:140b:400:1a9::4469
2600:9000:221a:3a00:11:a4de:2580:93a1
2600:9000:221a:5c00:1b:5138:8a40:93a1
2604:9e00:1:129::2:a01
2606:4700:10::6816:37ce
2606:4700:10::ac43:8ae
2606:4700:20::681a:8a9
2606:4700:3032::ac43:9286
2606:4700:3035::6815:2196
2606:4700::6810:5914
2606:4700::6812:c05
2620:116:800e:21:747b:e406:75eb:a1e0
2a02:6b8::1:119
2a02:fa8:c411:11::760
2a02:fa8:c411:12::1140
2a04:4e42::300
3.114.93.118
3.115.90.45
3.33.220.150
34.149.43.113
35.186.193.173
35.213.109.249
35.213.11.27
35.213.12.39
35.227.252.103
37.157.4.39
45.133.44.25
51.195.5.231
51.79.234.101
52.220.229.2
54.199.19.64
54.81.207.173
64.202.112.255
66.180.64.123
77.243.60.138
8.214.127.238
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
0303da5adef51f3894a450c2a06422cdb82c4270d52d84a5482a459199199148
04b23eda3fd11ef1102a8b23dc27dcc11b7155dd99494caff37b7a52febffa85
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
097c924417eb32b9a490e73bff883aab54569e382ae7b6c5fe869d35d43ba180
0afcb6112a6d30cc9b084d7342fd755f00f92424e2d46e142d75837860e7fe91
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba471b28a3d52b82ecae3336fc2f77bc2f82534dbd01a1b5d36f2540f6c5f8a
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e1510eb3810dff89be65f6853b303116b435ff17420f1553182b8cc94d961ce
0ee23bf0f9d8f56ce243df1dd3c2635ce8fe793dce67a04a8d21896a9511907d
12615c597206679a2abc11ddb75ae8d737a69bdb952c152bcec22485ae31e920
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1304c992046f6a4773f544a165212c5e5aaba0ae04842553415efd8ac32a2174
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
153aaeee7047ca29fe9975c724d3462366e42695067cdda7d36bed217fd69022
1624b2d7163174f65543633f1a26d5b8f09e3161e72cac2ed889d5baf33de4e5
1634419093035de0aa3c68aa76c321615a66e7288eb69bf9b2face04f17d6dce
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19782d49060ec7fe054ca14078fa641c8b482a91de024a370fa06cfbb53316f6
1afb7470999e7042ed6d937973232a0116a8b2967c936cc37aff91be89435558
1b1663d3ec18352f3af0d8915bc67b84bffef9bce44a68ecf379a164e6445a27
1b5fb211d28a4781b339cfded0f5bb2dcc357d003430aedc7e1f771c5f2abea5
1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4
1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3
1fc90a59d26496119579e9c5f5237796319b4a49866b7191c58cc6000b2a7395
2023cf3891d4b1a19f8e9e2aeeca8ba81b7efcf0f42d0361f1840909edf09ad9
211e9944e7f15969966bccd49dfee2b3b65eb34a3cd81c3bee8ed50d50fe5035
2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
21bb1ee10e2a86ee0b074fd756543fc1aaaf25211f3dcb0b2baa9613b2abae73
22e4198b73c21bb8594b6b0c38276bfcd2e8c23c55349bc5e700d8c5441023d0
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
294a147ea4fabbb8fed4be06979a27049028f92cbbf4de5853af64be8becbb63
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2c387a5e5628098cca7b9fe8d92204a7048f3e10cdf93c7e8639d99ea5e11e1c
2d55535e4046bdd05bf8b17e33d875f2057e8069dbe1711258e13fddceda1edf
2e08135fdd29ce74463d240b770aea46162646be5496a413f8d1c22c7d65fbd5
2ea3af3446074fb29dc8117c2f5e40e38443ad50d7016fe0e20d54d0774ab209
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
303c31e35f989342766fceb81b3fc07a4efc89d7a7a160687dd1300e07dbf65f
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3697226791c6fcad0dcde1c142b05c5f00a1586e06961f9061462c1a011834e5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37f299a768428a21bda6fc09454983d2abea4ab04f2b107e92a84b70a3dab13d
3ac5db13ca04953963136be845eb504500417bff716a12a02621a55a0c565bf0
3c8a91e5a00d716076418f2c40180d2de1c8e25bf77cc0e89bf2c4d94ed6003b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da28eab8c8e7dfd582334ac0e8cdc8767e648a281874119b2259ee150774788
3e9b4af3934e5c578ad616bc1f75c80bae0ac11e99e19d975e5f473f52aedffa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edfaa75558e93756874357f71bc329c3a97c36d5e92e347251e195742ba0a79
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4566d4dd98e8b394b3a413f7c34f9650c02f9f01196da9d332fc30ae1461a475
46ee49d1e4a0e1881fa9f760097fe822b9124c3bf388b84724c8b37500ffff13
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c76d7c98d22bc600af5f8a8798fd81d3a5ad820c2ef9cf4f32388cf1eed19b7
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d62f67d42cac70a07ae20c3a44e6e1d30c0f0a76870b676b2d25c9045f57a44
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efac6221aec4856fc727a6d78317aade65bfe7c4db3513fd1b4a39e96874da6
4f380d8483d71874b239a03dde1aad9c674fb93d9b5d1fc32def059b8713e131
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d9c23f2a735d6fda0717c9e91a26bc1e22a5c8606a75901b23db9da3fb63b4
5149e1b21dd274a72ffd7008fe706186535f8770b2884cfaec9f94aa05a49b22
51de53ac835a3e11b545be8454c808f1b4a655b1681b02b1db6b87f44ebf4257
51fa72d0a472d4e3650387ebcd857ab03ab8c476e4ff0a0339e65d8229a57496
541bd46059c2b8987999b59ba85e695f38663ba0c3457f15d4b63ec710f06216
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551a970dcd88f5f3fb322111523dbd53debd6b59597f3dcfaa58f06b4a14b90f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b08ac747dff21149d1f83ed629ab28d7fa8290833c53aee519296b0455c497
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5810e9010ec0c90d2c849303bfc7dfc5991828faebb63d0d815d4a68edfa16bf
5aeff906bad1ba022b7f876224373be4240c3e42df8ce8ec01025abb5a50cbae
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c874a0cc60c9c017679a1ca4903267d12b8c9b1a7f4507ed39f51d8f4c15892
5df341359097962c4e7305c3143e4a08b5987a38bd1fc42c6a2483ca9878f2ba
5ef9af78f4293d594cf253736d119845dca6fbfbba9c817e13f5e8694404f293
5f4b5c6db74437117ecdf2ff5109b934ccc182812773c3baf8be99a11398ecf9
5f5903a331ea98bea509adddaf1e51900fa9386c0a15ba8bb6df139c16eddf84
60566ed91cbc3841e31c2cd1e334871e6a3c470b16b8bda8a17af6dcede14a9c
6122bf9e5007b16f71ecc2a4190fd65254a47110885951448b1e266ee75b4b85
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b6aab7eeec19d0ddb5947a53b70c945876941624313d9e09b37cfc3d11bb84
65b412ec6b8884a8b30764d914b06ec4ced58c5ef5b0c70d3d2e1debbe2aa569
66031ebb91f1175037b7d89dfc3af1f23cf6b06c8e3ca2d2e4a7d4035910b10d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68df2e56274e0fee3b1539dd6224e6c25b59b9571a45925be1927eff387737f0
6ad72f3c8c1fcfc57196e40e3c6900673ad7a58ec687ee549f15c295710ee9f3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fe753ed066811d0f3f5cd833bca8f539641b96e5b69a07e3297557769be22c0
6fee8b4efec9b0317fa9c53cffbda34f21dace30ad3104e5af3cadf6217fc354
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
72035b0783d3447f297a06e788fdb3b390f1129dabf50c291510a0e37edeb833
73b51db343b611a2b091fd24fc83bc77f8d7cc5c037ff0b8b5f2c20012032248
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7447c1664f6a06328cd895a4914acad40ad47827ebe00becbd570138ff7e785c
751f4630d31b3b83de4591935d83d159560b063a4b12af065b5a0f38912132ab
75fe114c8a4f39d85da09dae2f08b283d73324f609f91c318b389fa513b33c14
76f754050e2c29ed1ee0e170536af6dfb5b48721068bc9fe786633289b024272
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7aa6493adc18fc2292a6d6e25933ca6293e9f18a7dc9af3f0e7a2b8639a4287f
7ae80533b34f2c04a02bfd6d29b50d50a4e4eca885d0e358c4372e66c6d11720
7ef0a36a2bee602270b7c0d200d64646d2cbff4274ee6c86fc0da79f53d6cc95
7f5da66516cf7931e640bda551914bc45ac2e42da640dfa067f2c260b830e7f2
7f80b5282515427aee98b9111bec836addada254253cf678ad2ab0dd88dbc061
83cbba3e8104482b9f015ebdea1b4630354952c3cd2f09131398bfbdd5bfcf62
83e8b4972b51ca93484a7122bed75dd96771d2ca71c5691218f548ed40463b1a
841728de2973d3e50e9297c09e0d465f86e9cdeae8c77afae22f17d2b706216d
859f3a331654cc0a42383e1eb5b72936086b4b04f36acb8a21d51ff12e253059
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
8a6de9b4f117791b82a863258d8c3d5c5031a9010e62f9096db2b644a04cff4c
8ad54a1c4a9e9bb403986b16ade2e42c6c63c16cdf7cad8d46e594dc107efda9
8af1c97faaafd55fef25200ad1c591365b463bde849eef3e6ff877af432140ed
8c4c2d5218ae59888532dcc57a91b6ebc4f189fd259a8abe8ae62cddd5afe106
8c66c0de5bd46d503f8acaa12b491c3a61509e19b2f55cb05ee54743be878542
8d5cbcbbb84d4cb47bbc002c1d7206013d7e9a1add8127451d97d64b39c3a524
8e2f345d8baf1f2f9fbc6d0c1fd4719322d8c9033da644169e3ec6363d4f1b8b
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
93abd52e1b2ff8961d4286e061e3f4132b834aebe915230d8f7735c7ad8c6fb9
95140b7c22e6358e209de79b8e47ff1aa1869d1f949157f3b97f732b3cf5959a
953f95177cf9d22c325e2c95b1ad88160975a71ed6ce0454f261aec4b13fe610
96d1dd097c49c53fd703f90ad11d46314436e3bfd18754730f0b9035fc48da6f
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5e21ff3022c77507476e78acf68eff0b2a6acd98962d76d68e3f414d9dbb8b
9a61e116b3b761378e1846301bfc67bf58c43ab8c3a9b32d147640081affa092
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9f7d0fb526c2ac2af0f6fe8b733b5f3defc1b2325752e6d3808bdf0fb46e1adc
a02302fbd7f869939eeeaadc95a84549885ff57f68c67c1517a6ff05fe7cd5ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a62bf6095986d7440bbf22104ab3179c61723123987e097016da09595b21d4dd
a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c
aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abde463ef27458713d91e9be883fdd389298ef57411b601cab5f66db609c508d
ae5e40faf86ee427a0bc3b4728126b1399796d2928a8b68fc5ac57572cb72a4d
ae70bfc09a2e7edcd7eef2835c5935737c5728e0c69202b8063aae78b6067f3e
af6e28fbccfa7c6a58de5188801218b01dd80c279d1e3b576e109082eef763fc
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18bae2e16647bca7a1913343f21a0217cd053203396ba96cc1093fa51dd648f
b2526a59ed27b7f31039a25587f80500153e42f32cb3fa0432be52b20a87f317
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b528cda7764e7c08fb01f49fe4efac3143914e968303e25acf6c51712cb52a46
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b6bde6bdca87ad63be0e0d377df0a5e2a8b3a914445f809e116560e1ddd38043
b700b83d94ba528b894e13cc9b9fec48a5b0cc72a82e7808bf5bf66d641780ec
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bc48da6fbaa96f8c66ae2e93bf90d3e5dfd415d25ca0f55a194d88864c6de747
bdfb3f0436bf28f56e88a7e8d60c6db1bd32c96fc76765c068222a5455b75038
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be43121aef72ba96e8e2021adc0e291c41b4efc52949fe2b0e47c9d2ce142a9f
be82f69108bad199b0c8a477e0d2d55c8d84206d07f8282dfc0b1976910e76f7
bf3b27e13fa1655736876763c4c3016eee8e3f91688ffab0c4eb003aeb085e2e
c0db0e24c85b3224d2f1831214cd8cef83fd67f71191c1ac9b323995a1a27fe1
c1a738785d0e53635d7bb9f82f3fc5270c5043b72d2a51a02c7934fba5e87098
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c367439fde155d94d324699b52d5779b6125c257592875e052249e344ae437dd
c46b1855ad7fb4f62d7a8b93456719b979612ccf63817ea238655d3cf8f96c54
c723ea37dc243b3fc12291f989e16800a6b0460374591354dabbf49a638c5ec2
caa70d48c744f0a63fbd1d1e6de7ff2e24869c0682ceee92b4889d5acbb712bb
cdcddf7bc84e23f5a46a2efc600d1ad3f334338aaa04b3f90146e5f4f7bfc651
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d20c4a1453fbc4e0b963cf7c3a48882373f0776dcdb8a80e53cf7b4bca4e0768
d6e06ff9ddcf7185c1fac856e7a8704ed4c5e39a3a528f4d17b2aff305ca3440
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dbb194de8c5d548d081789a0e5674071c547df1381910c614cf46c073b375b09
df0f6440bfff5ad7ea3b8e6a09007a50337e2e3f579efc30546391b7a7df740a
e0fe3f7193223f065d11b92736dab22c6cc07a90b2931fa55a70a858b4f98b45
e17015d0c998495d78087eec7a8017798a0137a15dc8487adf936e81522dd116
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7e898dc6a3b58d888f116e67c7622ed7ad9e80586b8c835705966628193199d
e86a4aa0e119529bdad329e02cc3bc53ca60e949727a174ca94264cc21290c0f
e893d0f61d61ca1641aa16d4f8048ce11d7d4bc108b7a287574ef9830cc9ada7
e8a258ad32642ae9a98ea58c94c16e2b9c21d2052ec940b148d1231ffda9c0ae
e8f05cc130c1dcf908128f25c1ecbb337df40faaae5063d33544f11008e09fc2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9f18b5f9ed6ffddd86c2f764df72ea0f4aa7fba3f8e41102c81002d421f74ac
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec8c14e7d3b8fe921d6b3828f352f91264ed37ba859845baa9fb6a6af322d79f
ecdeb0b2751d79c8951811ca225a1c98cd860f650e159d4244c7ae1389ffa7a6
ed15a19a2cefeef11818d71ad1da8593db291dd8261927a70fa8f558a264bf87
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5828326657872c73697803fbd5c610d5138a03751bf5e31e1b66c0f036a620
efdff64f97c822dbbce51be67b8de1e53532143c41b079f193f0fa25ecb13292
f16a4d8efd0604291f81ab7b9c256e100f1cf3fc78fdcf2611fd0ed0c13aafc7
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f1edce9673f55dad03674ee7a6660b852fbf7491546eedeb6132d653f66360c2
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
feaa1eef5e364b26b1989fb6160957c5540d127ad1a28bb904e9b844a82885c8
feae064ef91bc6a35e36eef26569d448695fffa542b0f5d1133087d9f5a6766b
ff8bc26f67bdf777c7b0e60daed9e487adf92550546007faf7c161c7084ec4c4
ffbc717e6984d44c5116b03e9ac4248486d6f93abb7ddf9be5511ab6522bc0a9

ja.scriptcult.com Open in urlscan Pro 2606:4700:3035::6815:2196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

463 Requests

88 %HTTPS

32 %IPv6

77 Domains

118 Subdomains

64 IPs

12 Countries

4859 kBTransfer

11541 kBSize

100 Cookies

66 Outgoing links

Redirected requests

463 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ja.scriptcult.com Open in urlscan Pro
2606:4700:3035::6815:2196 Public Scan

Screenshot
Live screenshot

Full Image

463
Requests

88 %
HTTPS

32 %
IPv6

77
Domains

118
Subdomains

64
IPs

12
Countries

4859 kB
Transfer

11541 kB
Size

100
Cookies

463 HTTP transactions
18 data transactions