iw.scriptcult.com Open in urlscan Pro
2606:4700:3035::6815:2196 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://iw.scriptcult.com/
Submission: On February 11 via manual (February 11th 2021, 1:49:14 pm UTC) from IL

Summary HTTP 142 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 24 domains to perform 142 HTTP transactions. The main IP is 2606:4700:3035::6815:2196, located in United States and belongs to CLOUDFLARENET, US. The main domain is iw.scriptcult.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.

This is the only time iw.scriptcult.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
57	2606:4700:303... 2606:4700:3035::6815:2196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	134.209.192.77 134.209.192.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:21f... 2600:9000:21f3:4200:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	18.196.233.38 18.196.233.38	16509 (AMAZON-02) (AMAZON-02)
1	149.5.244.2 149.5.244.2	174 (COGENT-174) (COGENT-174)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	78.140.185.34 78.140.185.34	35415 (WEBZILLA) (WEBZILLA)
2	2606:4700:e2:... 2606:4700:e2::ac40:8620	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
142	24

57 2606:4700:3035::6815:2196 (United States)

ASN13335 (CLOUDFLARENET, US)

iw.scriptcult.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scriptcult.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.192.77 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

qualuru.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:4200:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sw.swwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

stat.optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.5.244.2 (Helsinki, Finland)

ASN174 (COGENT-174, US)

ymetrica1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

602e180f00a6d35d41c7f334e94429a4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.140.185.34 (Netherlands)

ASN35415 (WEBZILLA, NL)

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8620 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.62 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	scriptcult.com iw.scriptcult.com scriptcult.com	2 MB
24	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 602e180f00a6d35d41c7f334e94429a4.safeframe.googlesyndication.com	265 KB
14	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	178 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	45 KB
5	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	21 KB
5	ampproject.org cdn.ampproject.org	98 KB
4	stat-rock.com serving.stat-rock.com	95 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	yandex.ru 1 redirects mc.yandex.ru	66 KB
3	googletagservices.com www.googletagservices.com	93 KB
3	google.com 1 redirects adservice.google.com www.google.com	898 B
2	4dex.io script.4dex.io	21 KB
2	optad360.io get.optad360.io	477 KB
2	cloudflare.com cdnjs.cloudflare.com	8 KB
1	adform.net adx.adform.net	450 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	ymetrica1.com ymetrica1.com	372 B
1	consensu.org stat.optad360.mgr.consensu.org	286 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	640 B
1	swwpush.com sw.swwpush.com	3 KB
1	nawpush.com na.nawpush.com	297 B
1	cstwpush.com cst.cstwpush.com	40 KB
1	qualuru.biz qualuru.biz	15 KB
142	24

	Domain	Requested by
55	scriptcult.com	iw.scriptcult.com scriptcult.com
15	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net iw.scriptcult.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	iw.scriptcult.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net iw.scriptcult.com
4	ib.adnxs.com	1 redirects get.optad360.io acdn.adnxs.com
4	serving.stat-rock.com	get.optad360.io
4	fonts.googleapis.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net
4	mc.yandex.ru	1 redirects iw.scriptcult.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	script.4dex.io	get.optad360.io script.4dex.io
2	www.google.com	1 redirects iw.scriptcult.com
2	get.optad360.io	iw.scriptcult.com get.optad360.io
2	cdnjs.cloudflare.com	iw.scriptcult.com
2	iw.scriptcult.com	serving.stat-rock.com
1	acdn.adnxs.com	get.optad360.io
1	adx.adform.net	get.optad360.io
1	602e180f00a6d35d41c7f334e94429a4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	get.optad360.io
1	ymetrica1.com	mc.yandex.ru
1	stat.optad360.mgr.consensu.org	get.optad360.io
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sw.swwpush.com	cst.cstwpush.com
1	na.nawpush.com	cst.cstwpush.com
1	cst.cstwpush.com	iw.scriptcult.com
1	qualuru.biz	iw.scriptcult.com
142	31

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
scriptcult.com
ar.scriptcult.com
cs.scriptcult.com
da.scriptcult.com
el.scriptcult.com
es.scriptcult.com
et.scriptcult.com
fi.scriptcult.com
fr.scriptcult.com
hi.scriptcult.com
hr.scriptcult.com
hu.scriptcult.com
id.scriptcult.com
it.scriptcult.com
ja.scriptcult.com
ko.scriptcult.com
lt.scriptcult.com
lv.scriptcult.com
nl.scriptcult.com
no.scriptcult.com
pl.scriptcult.com
pt.scriptcult.com
ro.scriptcult.com
ru.scriptcult.com
sk.scriptcult.com
sl.scriptcult.com
sr.scriptcult.com
sv.scriptcult.com
th.scriptcult.com
tr.scriptcult.com
uk.scriptcult.com
vi.scriptcult.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
qualuru.biz R3	`2020-12-31` - `2021-03-31`	3 months	crt.sh
cstwpush.com R3	`2021-01-22` - `2021-04-22`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
na.nawpush.com R3	`2020-12-23` - `2021-03-23`	3 months	crt.sh
sw.swwpush.com R3	`2020-12-22` - `2021-03-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
stat.optad360.mgr.consensu.org R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh
ymetrica.com Yandex CA	`2020-09-29` - `2021-03-23`	6 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
serving.stat-rock.com R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh

This page contains 13 frames:

Primary Page: https://iw.scriptcult.com/
Frame ID: 06799E41FB09BC57935CADC334F9993B
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html
Frame ID: B72B34B53DC18BE920E8AFC174CAA840
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&adk=1812271804&adf=3025194257&lmt=1613051337&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fiw.scriptcult.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613051337266&bpp=10&bdt=148&idt=249&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5100243476281&frm=20&pv=2&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=265
Frame ID: A06482196E57263D71C37370F8A94F88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=90&slotname=2664236338&adk=3084258116&adf=2509594431&pi=t.ma~as.2664236338&w=1170&fwrn=4&lmt=1613051337&rafmt=10&psa=0&format=1170x90_0ads_al&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1613051337277&bpp=12&bdt=159&idt=282&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=158&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lJnsJ2nrx8&p=https%3A//iw.scriptcult.com&dtd=289
Frame ID: 91ABAAC2F6A13AB44AE34DA92C1EAB6B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1613051337&psa=0&format=336x280&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&wgl=1&dt=1613051337309&bpp=1&bdt=190&idt=271&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x90_0ads_al&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=798&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2IfS9I1Y9r&p=https%3A//iw.scriptcult.com&dtd=274
Frame ID: D9DB778842F1D559767A66FC272139C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=2486770818&adf=2888644172&pi=t.ma~as.4250642565&w=336&lmt=1613051337&psa=0&format=336x280&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&wgl=1&dt=1613051337351&bpp=1&bdt=233&idt=243&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x90_0ads_al%2C336x280&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=3749&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3lxNZHgSG4&p=https%3A//iw.scriptcult.com&dtd=246
Frame ID: F6FA05C5DBB8A622F0D8B4F195549822
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=2469204067&pi=t.ma~as.4250642565&w=336&lmt=1613051337&psa=0&format=336x280&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&wgl=1&dt=1613051337352&bpp=1&bdt=234&idt=274&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x90_0ads_al%2C336x280%2C336x280&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=798&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=YhKggdWgFu&p=https%3A//iw.scriptcult.com&dtd=281
Frame ID: 151771480C8A0F5BD5FA1F542E6F9497
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
Frame ID: C7A56B2AD7F4BC98E860DF7D8C26EE5C
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 38B07C3205CB175AF99C1656219635DD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2DF31C36929476CA19C442E3ECD4E8E5
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: E8CE4D008A18D0AB53A3C561F4089284
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: FFC5B6AAFCACD3C83E2B41BD2C6DB77D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 64B251B8F62B2A1249994088517BEE16
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

142
Requests

100 %
HTTPS

57 %
IPv6

24
Domains

31
Subdomains

24
IPs

7
Countries

3425 kB
Transfer

5729 kB
Size

7
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://scriptcult.com/
Title: scriptcult

Search URL Search Domain Scan URL

URL: https://ar.scriptcult.com/
Title: ar

Search URL Search Domain Scan URL

URL: https://cs.scriptcult.com/
Title: cs

Search URL Search Domain Scan URL

URL: https://da.scriptcult.com/
Title: da

Search URL Search Domain Scan URL

URL: https://el.scriptcult.com/
Title: el

Search URL Search Domain Scan URL

URL: https://es.scriptcult.com/
Title: es

Search URL Search Domain Scan URL

URL: https://et.scriptcult.com/
Title: et

Search URL Search Domain Scan URL

URL: https://fi.scriptcult.com/
Title: fi

Search URL Search Domain Scan URL

URL: https://fr.scriptcult.com/
Title: fr

Search URL Search Domain Scan URL

URL: https://hi.scriptcult.com/
Title: hi

Search URL Search Domain Scan URL

URL: https://hr.scriptcult.com/
Title: hr

Search URL Search Domain Scan URL

URL: https://hu.scriptcult.com/
Title: hu

Search URL Search Domain Scan URL

URL: https://id.scriptcult.com/
Title: id

Search URL Search Domain Scan URL

URL: https://it.scriptcult.com/
Title: it

Search URL Search Domain Scan URL

URL: https://ja.scriptcult.com/
Title: ja

Search URL Search Domain Scan URL

URL: https://ko.scriptcult.com/
Title: ko

Search URL Search Domain Scan URL

URL: https://lt.scriptcult.com/
Title: lt

Search URL Search Domain Scan URL

URL: https://lv.scriptcult.com/
Title: lv

Search URL Search Domain Scan URL

URL: https://nl.scriptcult.com/
Title: nl

Search URL Search Domain Scan URL

URL: https://no.scriptcult.com/
Title: no

Search URL Search Domain Scan URL

URL: https://pl.scriptcult.com/
Title: pl

Search URL Search Domain Scan URL

URL: https://pt.scriptcult.com/
Title: pt

Search URL Search Domain Scan URL

URL: https://ro.scriptcult.com/
Title: ro

Search URL Search Domain Scan URL

URL: https://ru.scriptcult.com/
Title: ru

Search URL Search Domain Scan URL

URL: https://sk.scriptcult.com/
Title: sk

Search URL Search Domain Scan URL

URL: https://sl.scriptcult.com/
Title: sl

Search URL Search Domain Scan URL

URL: https://sr.scriptcult.com/
Title: sr

Search URL Search Domain Scan URL

URL: https://sv.scriptcult.com/
Title: sv

Search URL Search Domain Scan URL

URL: https://th.scriptcult.com/
Title: th

Search URL Search Domain Scan URL

URL: https://tr.scriptcult.com/
Title: tr

Search URL Search Domain Scan URL

URL: https://uk.scriptcult.com/
Title: uk

Search URL Search Domain Scan URL

URL: https://vi.scriptcult.com/
Title: vi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://mc.yandex.ru/watch/53505307?wmode=7&page-url=https%3A%2F%2Fiw.scriptcult.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A415%3Acn%3A1%3Adp%3A0%3Als%3A406652499586%3Ahid%3A376812453%3Az%3A60%3Ai%3A20210211144857%3Aet%3A1613051337%3Ac%3A1%3Arn%3A930597346%3Arqn%3A1%3Au%3A1613051337704790166%3Aw%3A1585x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Antf%3A1%3Ans%3A1613051336693%3Awv%3A2%3Ads%3A14%2C18%2C389%2C1%2C0%2C0%2C%2C287%2C27%2C%2C%2C%2C712%3Adsn%3A14%2C17%2C389%2C1%2C0%2C0%2C%2C290%2C27%2C%2C%2C%2C712%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613051338%3At%3A%D7%9E%D7%A1%D7%93%20%D7%A9%D7%9C%20%D7%A1%D7%99%D7%95%D7%9E%D7%95%D7%AA%20%D7%A7%D7%91%D7%A6%D7%99%D7%9D%20-%20scriptcult HTTP 302
https://mc.yandex.ru/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fiw.scriptcult.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A415%3Acn%3A1%3Adp%3A0%3Als%3A406652499586%3Ahid%3A376812453%3Az%3A60%3Ai%3A20210211144857%3Aet%3A1613051337%3Ac%3A1%3Arn%3A930597346%3Arqn%3A1%3Au%3A1613051337704790166%3Aw%3A1585x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Antf%3A1%3Ans%3A1613051336693%3Awv%3A2%3Ads%3A14%2C18%2C389%2C1%2C0%2C0%2C%2C287%2C27%2C%2C%2C%2C712%3Adsn%3A14%2C17%2C389%2C1%2C0%2C0%2C%2C290%2C27%2C%2C%2C%2C712%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613051338%3At%3A%D7%9E%D7%A1%D7%93%20%D7%A9%D7%9C%20%D7%A1%D7%99%D7%95%D7%9E%D7%95%D7%AA%20%D7%A7%D7%91%D7%A6%D7%99%D7%9D%20-%20scriptcult

Request Chain 119

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 143

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

142 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
iw.scriptcult.com/ 48 KB
7 KB 421ms
389ms Document
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d97496d8f839940d07dc27ed5405dfde04ca2cef2d43d0ff20c6b6679c14bf7

Request headers

:method: GET
:authority: iw.scriptcult.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d72c0f36079eb72f58e92ac7e18202e4a1613051336; expires=Sat, 13-Mar-21 13:48:56 GMT; path=/; domain=.scriptcult.com; HttpOnly; SameSite=Lax; Secure
cache-control: max-age=86400
expires: Fri, 12 Feb 2021 13:48:56 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 0832f3301900004a9de813e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yn91l0k9uuW%2F1pAQCiBJiJzZOimG5OlzSl6uBSR1DJ813VwYTe%2FfnG%2FifD07hLg%2BdqDakgQu66ISBIPyPnRVUqiEhM21m3Oy9EyZRqpS%2FP7CWPLOsiV%2FQ6zilEqXlw%3D%3D"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 61fe87c688f44a9d-FRA
content-encoding: br

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce4bfeac909ea87a0078b24769b100b6e1801d9f6cd1d6671e539cf931e85a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47961
x-xss-protection: 0
server: cafe
etag: 12275503723171052583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H2 200 / Show response
qualuru.biz/ 14 KB
15 KB 136ms
34ms Script
application/javascript 134.209.192.77
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://qualuru.biz/?pu=hbswimjugu5ha3ddf4ytmobt

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.192.77 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

aaa579861669a529ef77a8c04af06447eaa1d75000246840da90f285e9c94268

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 13:48:57 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK adManager.js Show response
cst.cstwpush.com/static/ 39 KB
40 KB 37ms
9ms Script
text/plain 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cst.cstwpush.com/static/adManager.js

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1759c7be725e88d3b517a94fa444f083fc24cc92e961c1f2d3ce4c8af1787fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 13:48:57 GMT
Connection: Keep-Alive
Last-Modified: Fri, 05 Feb 2021 10:57:06 GMT
x-amz-meta-s3cmd-attrs: atime:1612522612/ctime:1612522612/gid:0/gname:root/md5:0a25a7f5a397ade1149c4bf41f8ab35d/mode:33188/mtime:1612522398/uid:0/uname:root
x-amz-request-id: tx0000000000000004d687e-0060252a45-a4c9942-fra1a
ETag: "0a25a7f5a397ade1149c4bf41f8ab35d"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1613051337.dop106.fr8.t,1613051337.cds262.fr8.shn,1613051337.dop106.fr8.t,1613051337.cds120.fr8.c
Content-Type: text/plain
X-Amz-Storage-Class: STANDARD
Cache-Control: max-age=652
x-rgw-object-type: Normal
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 39828

GET
H2 200 1506626470index.css
scriptcult.com/template/apollo/css/ 60 KB
9 KB 26ms
17ms Stylesheet
text/css 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/1506626470index.css
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51de53ac835a3e11b545be8454c808f1b4a655b1681b02b1db6b87f44ebf4257

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 149181
cf-request-id: 0832f331ae00004a9d0097a000000001
last-modified: Fri, 17 Jul 2020 14:43:28 GMT
server: cloudflare
etag: W/"f1d8-5aaa42e19d8e0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Wytk8YiumXcQcJl1ZsGbLOripN9VV40SXVO9Ea3IxK5TmsPcTOTyoOafbwZAykO6Lg2XtbThrf1YBwXZfBXyr5Y0EMBITojnY5KoHmlZAbpmt5HLh3ONnDscw%3D%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 61fe87c91ee64a9d-FRA
expires: Tue, 23 Feb 2021 20:22:36 GMT

GET
H2 200 css.css
scriptcult.com/template/apollo/css/ 5 KB
903 B 23ms
14ms Stylesheet
text/css 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/css.css
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b5fb211d28a4781b339cfded0f5bb2dcc357d003430aedc7e1f771c5f2abea5

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5840
cf-request-id: 0832f331ae00004a9df52be000000001
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: W/"1248-5aaa42e0bdebf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0SNKvGe8I52e2hzICiUicj2I3dGWKosviM0q%2FCl6Cq6OpMBbhsMhhJOVGrs30RcnEKkIwZ6jPHL%2Fn%2BrC75ofGet%2BThhg8On3K%2F%2FAEhikcttI4XZtnnSRroLdOQ%3D%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 61fe87c91ee24a9d-FRA
expires: Thu, 25 Feb 2021 12:11:37 GMT

GET
H2 200 1506626470index_001.css
scriptcult.com/template/apollo/css/ 114 KB
16 KB 24ms
15ms Stylesheet
text/css 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f18b5f9ed6ffddd86c2f764df72ea0f4aa7fba3f8e41102c81002d421f74ac

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5840
cf-request-id: 0832f331ae00004a9d2c8ad000000001
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: W/"1c9cb-5aaa42e10b11f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4JFzk15uwdZZ9QWhizfDcCZ4QwdkpGwtKKTfqTS3D8gdJn%2FrxMkFFKUgocWpdZ8V%2FaKFUtxVY%2FHbVstfo6NMcCt7DfmNFgpZEHrN9xlo94ogyowj52N4jJGLXQ%3D%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 61fe87c91ee04a9d-FRA
expires: Thu, 25 Feb 2021 12:11:37 GMT

GET
H2 200 1506626470index.js Show response
scriptcult.com/template/apollo/js/ 112 KB
37 KB 31ms
22ms Script
application/javascript 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/js/1506626470index.js
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecdeb0b2751d79c8951811ca225a1c98cd860f650e159d4244c7ae1389ffa7a6

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 628217
cf-request-id: 0832f331ae00004a9de7037000000001
last-modified: Fri, 17 Jul 2020 14:43:30 GMT
server: cloudflare
etag: W/"1c05b-5aaa42e3d00e4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4ltlFPf%2FeBitBVIu9C%2BqdzVIqvNP%2BtV6SuP6AAzszpukYPT4MyL3cG%2FT1iJk0aBHTOnb%2FlN68eQhHIuuInh8LZGWq8x5SVxLOyCfCqq2kkJlNaws5ixxbJqtIA%3D%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 61fe87c91ee84a9d-FRA
expires: Thu, 18 Feb 2021 07:18:40 GMT

GET
H2 200 .tk-file-extension.jpg
scriptcult.com/img/fileinfo/ 30 KB
30 KB 116ms
110ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.tk-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf450bec40451f23b83d906cca02c52cffef2f9794fbbb3d6b3d7159979d983

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 30390
cf-request-id: 0832f331f200004a9d2c8b3000000001
last-modified: Sun, 28 Apr 2019 00:15:35 GMT
server: cloudflare
etag: "76b6-5878c111372ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FfZkddh88avemIhHLsYLh5L2eTAUUCU6phQVApAMATUC9Xu95GlrVT9T60D%2BwY4XhEbny9Fqq%2FTrTcW8A%2F41r%2FK7uwUTzFGQ1vc%2BEgCnHDKN%2FKSrHDqrM79IFw%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c98fe84a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .mdimporter-file-extension.jpg
scriptcult.com/img/fileinfo/ 6 KB
6 KB 120ms
115ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.mdimporter-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a1b959366ce4381b9a5ade27a6d733b66394e8b351ec51b48e030ba32d6da88

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 5800
cf-request-id: 0832f331f300004a9df52c4000000001
last-modified: Sun, 28 Apr 2019 00:08:15 GMT
server: cloudflare
etag: "16a8-5878bf6e4af6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BlOglklUJWuOHBFpK4APTrEFf4s1O6WpaqxuUrxjalrwIZhvhNw%2FnS8IsrFFZN1zc5De%2BF%2FmIANMn%2BV1z0nKIN%2FWPADW%2FuKQq5Y8IP40F14Y1Tuacz4mjc3kiA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c98feb4a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 corel-wordperfect.jpg
scriptcult.com/img/fileinfo/ 5 KB
5 KB 123ms
118ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/corel-wordperfect.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d57598595e00e602b2e7a027ffbb13a5b644f29aea5fbabaa99d8bfcca9643e

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 4673
cf-request-id: 0832f331f300004a9d42a86000000001
last-modified: Sun, 28 Apr 2019 00:19:21 GMT
server: cloudflare
etag: "1241-5878c1e964051"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gln0Msa%2FzBcasSlcRcs7k%2FMTFclixCvIjGJu%2FrB%2BWoOpktWs2PABSuj4oEGw7S4nVX%2BtIoyF%2BcI8Q7LBjZXBknJp1visEQm8dlShSQRxUN1zNa80Wox0uXJS3Q%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c98fec4a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 404 UT2LINK-file-format-description.webp
scriptcult.com/img/file-types/ 0
0 46ms
39ms Image
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/file-types/UT2LINK-file-format-description.webp
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 .npy-file-extension.jpg
scriptcult.com/img/fileinfo/ 41 KB
42 KB 98ms
92ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.npy-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0bd85cc3db99d98a109f29e847303811617184e2f8c3ca1a4d11b7a370cb633

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 42161
cf-request-id: 0832f3320900004a9dee316000000001
last-modified: Sun, 28 Apr 2019 00:09:52 GMT
server: cloudflare
etag: "a4b1-5878bfcaa6884"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MvnoIEpOQ8X0BDTifNES0elcafZJYvteIJtw%2Ff%2FnwaYZum%2BaT4ccnZPrAdR5x9QtVmM%2Fbtude2S1yrQ8pjxfvpesaVU6m3VKP3uUCZ4gzylD6ipFH8RMFAGFBQ%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a83f4a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .ndl-file-extension.jpg
scriptcult.com/img/fileinfo/ 47 KB
47 KB 114ms
108ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.ndl-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52458a15977231c92c99313b43d0e17aef8fadeb65a829f4b14626522f79b454

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 47843
cf-request-id: 0832f3320900004a9d65077000000001
last-modified: Sun, 28 Apr 2019 00:09:35 GMT
server: cloudflare
etag: "bae3-5878bfba2bc7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UHKPGOie35PvDWtfyr98z%2B0NFU%2BWjV9orStBpCM0FvrqEuLnG6zfD9K4j8Uc3pb0KDOODe7CnGPUMVl32gMb1Uz9UbK59iTMvRpU44MRLyfTTFXeL2HhhKyk8w%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8404a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .hf-file-extension.jpg
scriptcult.com/img/fileinfo/ 81 KB
81 KB 114ms
107ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.hf-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01b75729cfdd78a4049a33100638b60a8933dd55bddf98edf64ecf32d5b1702

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 82803
cf-request-id: 0832f3320900004a9d13277000000001
last-modified: Sun, 28 Apr 2019 00:05:15 GMT
server: cloudflare
etag: "14373-5878bec215006"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hwESfD7s82R1t2fRNywTeVDDP1B0VuwmpyP9ApDbnQTZ%2FPOJ8VJaeO6uaszAdnCcY%2BAC2T%2F0VnfRaLdLgWen9BnoOYFVIV8S%2Bi%2FkCHpasKQOBzsiIs7%2BLlCpUA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8414a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .opju-file-extension.jpg
scriptcult.com/img/fileinfo/ 7 KB
7 KB 89ms
82ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.opju-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8b3b2eae18f3dea74b264d586e8f7be4a71ec1eeb40ad7ddc236cac2b5e7b80

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 6973
cf-request-id: 0832f3320a00004a9d08a30000000001
last-modified: Sun, 28 Apr 2019 00:10:25 GMT
server: cloudflare
etag: "1b3d-5878bfe9b8a36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p7VEG6Kc43FBtgWaNdxo8KCFnPDSsQdrNfNvvwP69LIEyzWF3QhhSw0iti6%2B58Tv4uuYoAGNmKNElt6%2BkJekapSEwvBYkywrCaWLtrOvgy8YCXyaEQ%2F0uPU6Cg%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8424a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .lfp-file-extension.jpg
scriptcult.com/img/fileinfo/ 37 KB
37 KB 99ms
93ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.lfp-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0191c226743a36ec6f98506eea95f1b82f57703aa565127e08c27eed84d528ad

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 37923
cf-request-id: 0832f3320a00004a9d00982000000001
last-modified: Sun, 28 Apr 2019 00:07:19 GMT
server: cloudflare
etag: "9423-5878bf3844e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BdUAqCtOJ1IFCrNprQXWRwSCZS4UVESDYO9aD34dz%2B%2B7j7Dl%2FeOByX%2BciCtCwm5O%2FOIFvYNwo8XaI9KnqWfBrVb2%2BOYIpIBvuMfLoFmd5jUym7jW6780WNePAQ%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8434a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .bkup-file-extension.jpg
scriptcult.com/img/fileinfo/ 43 KB
44 KB 339ms
332ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.bkup-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ced2553d06bad9544117663b2a1c569fee2fda0801422fc22de9b1715e2ad2f

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 44295
cf-request-id: 0832f3320a00004a9d18be7000000001
last-modified: Sat, 27 Apr 2019 23:59:22 GMT
server: cloudflare
etag: "ad07-5878bd715ace5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PF4Ed0acBl26acooa6NkTFWQ28pTxjJBpsXzzHu7k3J6Evrw0fY9ABBYJ2cKN8tieLHcWZOeByrI0p5O6Qx%2FVfjDAyepBNobaNy3TrBWDspGCP7U3gQBZq9IWg%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8444a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .sy3-file-extension.jpg
scriptcult.com/img/fileinfo/ 18 KB
18 KB 428ms
422ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.sy3-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51aad2bf1eb93ac143fb74c240d48afc5d46bcb6fdeb3a8cf1298c2830197dc9

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 18048
cf-request-id: 0832f3320a00004a9d43347000000001
last-modified: Sun, 28 Apr 2019 00:15:03 GMT
server: cloudflare
etag: "4680-5878c0f2a9df8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3YaOQIpbmo9wenL0fguR5jdrt6IT2r2bUbLOnYQd1QErvY5AN8pLVs0KzfdEKspSLGEOk3f2jTosYiDBOKRFsqF3HXM95yQ6mV%2BmjueH7w9CWUmqE%2BCI3f3Q8A%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8454a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 raven-software-star-wars-jedi-knight-jedi-academy.jpg
scriptcult.com/img/fileinfo/ 43 KB
44 KB 103ms
97ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/raven-software-star-wars-jedi-knight-jedi-academy.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b209a533a146f603c877b649c28274e80c62a43e37ccdd76e6b9e9188e9f8554

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 44284
cf-request-id: 0832f3320a00004a9d4f34d000000001
last-modified: Sun, 28 Apr 2019 00:20:09 GMT
server: cloudflare
etag: "acfc-5878c21697511"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vSNvNYu1zixwErFr9vEdW1c7q2kdsnucHlA9Y8vEs46oahW%2B2kqTCTv95ISGWbon6h8ZuSqVgkwuDIKHbrHzWEvuAKPXXVdeHamOSDzOqQxOS43RYypTo9QKAQ%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8464a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .tjc-file-extension.jpg
scriptcult.com/img/fileinfo/ 26 KB
26 KB 51ms
45ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.tjc-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e935f03fedb303383e8b163689713d047c3393bbbd1317c7f972831389c37d77

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 26129
cf-request-id: 0832f3320a00004a9d44038000000001
last-modified: Sun, 28 Apr 2019 00:15:34 GMT
server: cloudflare
etag: "6611-5878c110dc58a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Za6oDi2JwqERRsttBfoOJ0odYfKz1Uyy4HyuHP2v2P8vWNH%2BcACCf4z4snxZlKFACVQ%2BWyduFtIw%2BTe04QeqZuqKWlg7kmM4sVseX4%2BgaTWAF619A%2F5Qg7CnA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8474a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 7z.002-file-extension.jpg
scriptcult.com/img/fileinfo/ 50 KB
50 KB 524ms
518ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/7z.002-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf47364a41461ef5acdbfcd343a602d223ec7a179b484f43e1c843a79b0f7add

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 50993
cf-request-id: 0832f3320a00004a9debbdb000000001
last-modified: Sun, 28 Apr 2019 00:18:59 GMT
server: cloudflare
etag: "c731-5878c1d3cea03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t25xsMcfRurH7Iz5oMoLvlAyenpLJLdaotNLkEWqGynnyouFnWiTbhQKTIyBe2FxhEO2jAU%2Fe0a2rBOSPhSD%2FxSlza0orqd%2FcQqosVLwIaLaoIepLMTFLyjKMA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8494a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .vac-file-extension.jpg
scriptcult.com/img/fileinfo/ 62 KB
62 KB 91ms
85ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.vac-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3c6bc91bf18da3ee7733006cddb18ca9c9c3a77e657b1fc1c75a8405b02f3d

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 63225
cf-request-id: 0832f3320b00004a9df2076000000001
last-modified: Sun, 28 Apr 2019 00:16:29 GMT
server: cloudflare
etag: "f6f9-5878c144f350a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lQG07tkvCdT8tvjUuVji1wukTPZ79X01%2ByQUWV%2BWm8gwTPJLLfaVAycorOiU3zIaMb2xTwzYmSWsCyBTTK8kQDcemnxnabUTmz9Os1c2AdNuX%2BD9GwFBOJYKjA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a84a4a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .pxml-file-extension.jpg
scriptcult.com/img/fileinfo/ 67 KB
68 KB 91ms
85ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.pxml-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30e1b6892392a3cefea82a8b6dd1ae4c639a2f2071873e7b83dc8e0fd6cf6ca5

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 68743
cf-request-id: 0832f3320b00004a9d4635a000000001
last-modified: Sun, 28 Apr 2019 00:12:10 GMT
server: cloudflare
etag: "10c87-5878c04da7a93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cJ%2FS9i%2BDZVA0wUhGo%2Fc5%2FL9Uj1DrArAX%2BlCPAM9yOLTKjN%2BPK971HatxxQ1ICJz8RE99mEi8G4pyYKD0VgfGFzmv14d%2FDHZv8TSsDHvizu42VCjOx8dN%2B5pPNw%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a84b4a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .hiv-file-extension.jpg
scriptcult.com/img/fileinfo/ 68 KB
69 KB 111ms
105ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.hiv-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26f3bd48f4c40a95aec8e457ee458c94ba1431cfd99117b6e10d9e6fb5e85701

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 70093
cf-request-id: 0832f3320b00004a9d630d5000000001
last-modified: Sun, 28 Apr 2019 00:05:19 GMT
server: cloudflare
etag: "111cd-5878bec5d0148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lpKYEjQnyUJ%2BeiQRkgRlKggz7RQCJCC7T%2F4EOtpGYYv9d5y6RDsZ52j%2FV%2FJwjKHr%2BTRpPfeUoLFB%2F5wC5Lu7CJRbs3c4rlhIZJ7Fkw4tJzU4H32yeonXbjw1Uw%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a84c4a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .dtf-file-extension.jpg
scriptcult.com/img/fileinfo/ 43 KB
43 KB 511ms
505ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.dtf-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d951536a2d0c8d4fe76c78c0bbb04dbc2aa77ab3f04ef73c92c049c6da1b1d9e

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 43531
cf-request-id: 0832f3320b00004a9d590b5000000001
last-modified: Sun, 28 Apr 2019 00:02:20 GMT
server: cloudflare
etag: "aa0b-5878be1b363a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tshr%2Bf9scmOqmdE9gU%2FiknTnRERfhTaL8XRkkbF%2BkfPZZvln5fiu7G86InBimcGgRzUR8%2BtQkWs90QwiLCzwhJeU9civOKYIAWpzCJ1IuUq5TZTZQHyGzBgZGQ%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a84f4a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .rmv-file-extension.jpg
scriptcult.com/img/fileinfo/ 86 KB
87 KB 251ms
245ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.rmv-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1880a7efb9924a0501f556da0e5ec8f7e0b511313774352a5f4a19a6dda2cd2d

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 88420
cf-request-id: 0832f3320b00004a9d35897000000001
last-modified: Sun, 28 Apr 2019 00:13:03 GMT
server: cloudflare
etag: "15964-5878c0802e3d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sa8xyW5Fxkr%2B0TQZ8aSFD%2F3l1UekFFMxF1DssjqdFMx4jEQSc7fiLsPX8p7R4y33UB4tV%2B6yxcglAtXPVVeX74u9FlqwKc8rdb8%2F9A04FQwPxCiRgLtE%2F5HriA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8504a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .fh4-file-extension.jpg
scriptcult.com/img/fileinfo/ 107 KB
108 KB 113ms
106ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.fh4-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c728a934d80bd460ac8ad4e7c242bbdcff2a4c6c4a0553f3b6077c6080a8ef5d

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 109749
cf-request-id: 0832f3320b00004a9d3a9ce000000001
last-modified: Sun, 28 Apr 2019 00:03:35 GMT
server: cloudflare
etag: "1acb5-5878be634a62f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZHtrEk4FvQXeIUN3f6gcK60IfLobSi8IIgXOSGzKceJTGfjFpNMccT%2FBwMNZxra7KNPwmYTYpG33JWMNJoS%2BplHkopw%2BkSSmkdqKG3nc0hqw4b4GKXIUYIqLdg%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8534a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .adi-file-extension.jpg
scriptcult.com/img/fileinfo/ 42 KB
43 KB 518ms
512ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.adi-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7970aa9ecfb67fe00ad949e456233de3e9ae789c22c5841a8cc360fa0a1b06f

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 43402
cf-request-id: 0832f3320e00004a9de816f000000001
last-modified: Sat, 27 Apr 2019 23:58:04 GMT
server: cloudflare
etag: "a98a-5878bd279dd7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QxDF1hD%2B30nr1hezN4f%2B%2Bdpykz7E0Gd5v31E2OW%2BIMCiAqrg66STiz8%2B3ErUXTDNDjkAuiH77aYwlKVcs4hOz%2FQoBNbDLsjs9G8qVHstQm8oJJb1wl1L76yPQA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8554a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 alcohol-120.jpg
scriptcult.com/img/fileinfo/ 6 KB
7 KB 395ms
389ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/alcohol-120.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90bdb518957e33978c6b3cdec766afcdd9c398953f90689be23cdbcc853bc5ea

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 6570
cf-request-id: 0832f3320c00004a9d52b92000000001
last-modified: Sun, 28 Apr 2019 00:19:06 GMT
server: cloudflare
etag: "19aa-5878c1da7b9c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UHxQXY6eDzEBKxjjUXh%2FqNkX6CxeXJIw6LRUz7um3SfcXFjkJAL1J8z2TyJpu3TepabsiGnRi0mv0WSrrthVcUFuo2gNW0nq2pxQHITjDV1DIeR0Pps8b0hvxw%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8564a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .m4p-file-extension.jpg
scriptcult.com/img/fileinfo/ 5 KB
6 KB 346ms
340ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.m4p-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b220285ced3161f679c72a8024b449769d91b7960616bc38af956c00a4aa67

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 5300
cf-request-id: 0832f3320c00004a9d43348000000001
last-modified: Sun, 28 Apr 2019 00:07:53 GMT
server: cloudflare
etag: "14b4-5878bf586e47f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BwOKqC0yM%2B0bstF7bhRyFRUaJfT3hYEcpWKW7H%2B%2BHi%2F83dgeV34FNJUMFnuiA8s0kAlRPBOVdEBjIOmBw8JW9Glc68NMNxoYezQB%2Fbtyk3D3dHYYw3TP8lMZYA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8574a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 SC2ARCHIVE-file-format-description.webp
scriptcult.com/img/file-types/ 69 KB
69 KB 36ms
30ms Image
image/webp 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/file-types/SC2ARCHIVE-file-format-description.webp
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1657924c0414f056a13eabc1ec5119419ef9dcff3828c98015ca7d798ba8043a

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 161791
content-length: 70626
cf-request-id: 0832f3320d00004a9de8b77000000001
last-modified: Sun, 04 Oct 2020 18:49:52 GMT
server: cloudflare
etag: "113e2-5b0dcd4bfab25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N4Vc5uj8ZaSf08T%2BaY07iy%2BobbA%2F53aNp3ZYDbbp37knksO%2F6oa%2F9TQK3M9XFnTrv2GQ8uAsdhEWjn2kHAnSk3LrNDBSPBbSk%2F2FF7dcO%2F7o9XFLqLCa33CipQ%3D%3D"}]}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61fe87c9a8594a9d-FRA
expires: Tue, 16 Feb 2021 16:52:25 GMT

GET
H2 200 .styk-file-extension.jpg
scriptcult.com/img/fileinfo/ 76 KB
77 KB 127ms
121ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.styk-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08d273e8e3c90ce664e7125c4f7ac248dca1aa1d3a17332337214372eb757246

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 78223
cf-request-id: 0832f3320d00004a9d140f2000000001
last-modified: Sun, 28 Apr 2019 00:14:51 GMT
server: cloudflare
etag: "1318f-5878c0e792071"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2cuI3KZVD%2BDFjSBTUJPzKfuF%2FQnelQlQgMSsjofDv1momEin3ZOaCQ1YSuZlTtdV%2BVQAWYS2vWTm17x0J8%2FfSSCXo%2FHi7zua6J%2BpRZbDZk8nYktUGt9sD790DA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a85d4a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 200 .c4d-file-extension.jpg
scriptcult.com/img/fileinfo/ 4 KB
4 KB 34ms
28ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.c4d-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418ce3b1f065a9e5a43119cd01229780b6c0a9b1dd4227fc831d5a8e3488f94b

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 152321
content-length: 3958
cf-request-id: 0832f3320e00004a9d199fc000000001
last-modified: Sat, 27 Apr 2019 23:59:56 GMT
server: cloudflare
etag: "f76-5878bd91a8577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q0kuvxjqImlvUR0UiWSPrZxQgYoIU3OwWp0mcpmJEApPg4myyQ3aF2q98UHjQACgUl6zeLbKmPBfZWuCGmZHmCJ6lSOujj%2BgDsqptANSWkJOGoDa1HVobUy8RA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8604a9d-FRA
expires: Wed, 09 Feb 2022 19:30:16 GMT

GET
H2 200 .vtt-file-extension.jpg
scriptcult.com/img/fileinfo/ 91 KB
91 KB 35ms
29ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.vtt-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0369fd030ac402443e245b74fe4a568cd06ab45a3a099209e93a7d0bcdf643c

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 69961
content-length: 92863
cf-request-id: 0832f3320e00004a9d5c18d000000001
last-modified: Sun, 28 Apr 2019 00:17:09 GMT
server: cloudflare
etag: "16abf-5878c16b73c42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ju2bWb8JbJSfZfYb68YDkmVxPbOdfLq4nYPP1U7W%2Fo4wqs%2FixFyarocTHo36nQQkz%2FpswDAuNAbosytg29DZ7TqBHuNd%2FHEArkXrlfm%2FT8%2BX7wE36QDoTuNU%2FA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8614a9d-FRA
expires: Thu, 10 Feb 2022 18:22:56 GMT

GET
H2 200 .cnf-file-extension.jpg
scriptcult.com/img/fileinfo/ 55 KB
55 KB 20ms
14ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.cnf-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9667cceb344eb1398186d8b2d4e5a3f8d1ee744f4cb8c5613ce962d5a52af553

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2047
content-length: 55892
cf-request-id: 0832f3320e00004a9dee317000000001
last-modified: Sun, 28 Apr 2019 00:00:42 GMT
server: cloudflare
etag: "da54-5878bdbdbd810"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=74I8xcxO7uzQCdSYVciR1vhwkqQMgQqtWprZGADd1hKgCZ5s7WKq3LFxfWLgsFR5aFoePtfnpX3CevSUQFEMQx%2Btu5R6BPCJWIkpBqhvVSNdfS54pPdSgY0jjg%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8624a9d-FRA
expires: Fri, 11 Feb 2022 13:14:50 GMT

GET
H2 200 UPDATE-file-format-description.webp
scriptcult.com/img/file-types/ 46 KB
46 KB 23ms
17ms Image
image/webp 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/file-types/UPDATE-file-format-description.webp
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e83b10a979cf64fbb1274990cc4e7aadde25ec952bd2834a12171101b785a9c

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5839
content-length: 46972
cf-request-id: 0832f3320e00004a9d42a89000000001
last-modified: Sun, 04 Oct 2020 18:49:57 GMT
server: cloudflare
etag: "b77c-5b0dcd516a49b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hM4dY2uWR02JqzmSVt42xt19IYxrw45BC6opYjbB%2Focivl7G%2Fnafcoo6pLKSfJfKAV3fr98Zk1A%2BJPV7MtELIE%2FBy6%2Bc6owGR%2Bm3ZCeTi%2FLu%2FWv71haNoSTMEA%3D%3D"}]}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61fe87c9a8634a9d-FRA
expires: Thu, 18 Feb 2021 12:11:38 GMT

GET
H2 200 .esm-file-extension.jpg
scriptcult.com/img/fileinfo/ 142 KB
142 KB 37ms
31ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.esm-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30a6f03fe6074d365b92a300ce82d4cd236014f68d7f9dc1ccb9cf104249390

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 917
content-length: 145072
cf-request-id: 0832f3320f00004a9de8170000000001
last-modified: Sun, 28 Apr 2019 00:03:00 GMT
server: cloudflare
etag: "236b0-5878be41a613b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0eOlSpoHy0qkZJ8YNVnxu67DOI4s1aE%2BSYaIb2sLBAclkF%2BMGG3a47Te8RPyJ17r3Y6P8NhKBvH2KPM9te9m9W65wygofXIIZP%2FixgSWMznsNK8VIZW8600%2FIw%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8644a9d-FRA
expires: Fri, 11 Feb 2022 13:33:40 GMT

GET
H2 200 .nav-file-extension.jpg
scriptcult.com/img/fileinfo/ 36 KB
37 KB 35ms
29ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.nav-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9869bf438dbcd2a903641f06be294fbfcef531fcf79f2608512ad8dc291b902f

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2047
content-length: 36940
cf-request-id: 0832f3320e00004a9df52c7000000001
last-modified: Sun, 28 Apr 2019 00:09:27 GMT
server: cloudflare
etag: "904c-5878bfb28d955"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PMq%2FcZH5G8Qu%2FrNhAD3bMDGgn%2BD5NuTqiDV9fdYSHXAD3feKDwmxfZyQRByJgR%2Fc7ftdvb17BtWEwR71bcbFntSgktN9yROMc25%2FzbMqhpL%2Fd6epm30qCwB%2Fig%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8654a9d-FRA
expires: Fri, 11 Feb 2022 13:14:50 GMT

GET
H2 200 .psdx-file-extension.jpg
scriptcult.com/img/fileinfo/ 6 KB
6 KB 30ms
24ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.psdx-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d0f3748c847a41c458be6f586816549d8827e6c578a1211ba73a32e2614b83

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2045
content-length: 6115
cf-request-id: 0832f3320e00004a9d65078000000001
last-modified: Sun, 28 Apr 2019 00:11:53 GMT
server: cloudflare
etag: "17e3-5878c03db1b89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xoZe47Bp295K0U8demB9B6mGBY0adJOdAgs0CPPrihGLvr6J8DX%2BBbdraF92wUH%2B8PGaaOJFapsFnnwRoytwlD4D6eXnYU%2BDH9Fz4i9VhWpaiU3bgni2l5egmg%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9a8664a9d-FRA
expires: Fri, 11 Feb 2022 13:14:52 GMT

GET
H2 200 VRMAT-file-format-description.webp
scriptcult.com/img/file-types/ 31 KB
31 KB 34ms
29ms Image
image/webp 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/file-types/VRMAT-file-format-description.webp
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a61e116b3b761378e1846301bfc67bf58c43ab8c3a9b32d147640081affa092

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 280856
content-length: 31608
cf-request-id: 0832f3320f00004a9dee959000000001
last-modified: Sun, 04 Oct 2020 18:49:58 GMT
server: cloudflare
etag: "7b78-5b0dcd5270013"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XrWiVEB1EFl72oZap2TvyYpk6Bm8ACpcYU5EN8FxBAstxR4MEC2vD44Cu9%2BXd0nNfb%2Bq2An8Z7wa6%2BKT7XYjpKOUB681%2F8NyG8VaTmsdFCzxvhuSxgqwS51%2BaQ%3D%3D"}]}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61fe87c9b8684a9d-FRA
expires: Mon, 15 Feb 2021 07:48:01 GMT

GET
H2 200 .bay-file-extension.jpg
scriptcult.com/img/fileinfo/ 5 KB
5 KB 36ms
31ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.bay-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96c494112ebb540b2b00c6f0224c1dc89ea230abdf6b6c6625cc51fd347c4033

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 917
content-length: 4861
cf-request-id: 0832f3320f00004a9d3392b000000001
last-modified: Sat, 27 Apr 2019 23:59:05 GMT
server: cloudflare
etag: "12fd-5878bd61c1a3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w2GViysRw1K1T8EsG8Z9Y0yw4uRm0O0DaNnLFdMTw08h3yBSxjXHETesdUQFoydMLwUNpEZj1T%2FqFeIqhiXCC2xSAh47gbVOhxPfG%2BYfh8k%2BbL7PxfEzZZ23PA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9b8694a9d-FRA
expires: Fri, 11 Feb 2022 13:33:40 GMT

GET
H2 200 .tns-file-extension.jpg
scriptcult.com/img/fileinfo/ 6 KB
7 KB 31ms
25ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.tns-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49dca44b0c72950b99f16b0bc20bad538e177b05aef271d3231d552f2035b7e

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2041
content-length: 6168
cf-request-id: 0832f3320f00004a9d13278000000001
last-modified: Sun, 28 Apr 2019 00:15:44 GMT
server: cloudflare
etag: "1818-5878c119b01d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WHnsvZZxWipDfiOD1q8SRFZmlui3HpdxFRlagyU0NjbcZzq5ere83c7Qa%2B4wh6faLoccy%2FjhrZnGNotZQFykEoo2n5tFY5z5OWbb5XJCedgcva2nC1ITCfSvfA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9b86b4a9d-FRA
expires: Fri, 11 Feb 2022 13:14:56 GMT

GET
H2 200 QP1-file-format-description.webp
scriptcult.com/img/file-types/ 32 KB
32 KB 25ms
20ms Image
image/webp 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/file-types/QP1-file-format-description.webp
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 977f9d84ac3f66532873c417ec9a2f717f3256c1856abd0bb0c74b33eaccdbc5

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 508215
content-length: 32272
cf-request-id: 0832f3320f00004a9d18be8000000001
last-modified: Sun, 04 Oct 2020 18:49:49 GMT
server: cloudflare
etag: "7e10-5b0dcd493c8da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MCABVT25bBjMHlj5EkkPwgBq%2FUy1lT3qfQw8AEBj%2Ft68Z06qMo2Q9btw0QfevOGGUlAomYGpGxSF2Fih1mIhRH6tN0RIaYRDm2cKSOzPoSsecygrUIkr2eLiow%3D%3D"}]}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61fe87c9b86c4a9d-FRA
expires: Fri, 12 Feb 2021 16:38:42 GMT

GET
H2 200 .pac-file-extension.jpg
scriptcult.com/img/fileinfo/ 61 KB
61 KB 34ms
29ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.pac-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e615b92cacb8eaedb30ba967d9004c03fc6079e7f13789477513585ede097e9

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2040
content-length: 62412
cf-request-id: 0832f3320f00004a9d3da44000000001
last-modified: Sun, 28 Apr 2019 00:10:45 GMT
server: cloudflare
etag: "f3cc-5878bffc9e882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W3wKo1Hw4V0Xqe0wp7EPvLJJYd0Q0u9f5r70qWTxEn8e%2BZ9aaQIhtM%2FUBMzTVVdNTab%2BB%2BtTxZe4aP1hlDALaWHNEmogfdZxceePUXwrIVmwVw9y9u9Y1OeRJg%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9b86d4a9d-FRA
expires: Fri, 11 Feb 2022 13:14:57 GMT

GET
H2 200 .tc-file-extension.jpg
scriptcult.com/img/fileinfo/ 84 KB
85 KB 32ms
27ms Image
image/jpeg 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/img/fileinfo/.tc-file-extension.jpg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e85a07eabf2c106bcb1953c3ab83d2c48f99a0e4d29e31951d00086c29c83181

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2035
content-length: 86108
cf-request-id: 0832f3320f00004a9dfab88000000001
last-modified: Sun, 28 Apr 2019 00:15:18 GMT
server: cloudflare
etag: "1505c-5878c100d5ce1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tasXW9JPkyuhow9ilioLmlxiucLm5QVNYJicQLhc8VUihRKJT03Xc%2FsMkmLiWDHoppqBwzvovQUbRcZQJ%2FWzqINHk4HPF9izAOHWcS84kb9Uks4figu%2Bsy6CFA%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87c9b86e4a9d-FRA
expires: Fri, 11 Feb 2022 13:15:02 GMT

GET
H2 200 scripts.js Show response
scriptcult.com/template/apollo/js/ 69 KB
20 KB 21ms
14ms Script
application/javascript 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/js/scripts.js
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af6e28fbccfa7c6a58de5188801218b01dd80c279d1e3b576e109082eef763fc

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 405426
cf-request-id: 0832f331f200004a9d0317a000000001
last-modified: Fri, 17 Jul 2020 14:43:30 GMT
server: cloudflare
etag: W/"113ad-5aaa42e3dbc64-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CGb03KmEBTeeQ8TCvMkv4Qwf%2ByEuxmS63%2Fnzm%2FI8oucgF7Lf%2FXt50yVijtHU6DazH1nsTDMMj67YZf3xe99qYFyO7vSAwwi0HLltRBMnYD1w1jKtfcNQXk9S2w%3D%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 61fe87c98fe44a9d-FRA
expires: Sat, 20 Feb 2021 21:11:51 GMT

GET
H2 200 custom.js Show response
scriptcult.com/template/apollo/js/ 3 KB
1 KB 18ms
12ms Script
application/javascript 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/js/custom.js
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68df2e56274e0fee3b1539dd6224e6c25b59b9571a45925be1927eff387737f0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 149181
cf-request-id: 0832f331f200004a9d4f34a000000001
last-modified: Fri, 17 Jul 2020 14:43:30 GMT
server: cloudflare
etag: W/"d49-5aaa42e38f9a3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hA4z1g%2BIYxchsa%2FHwXd3FjtoI8HM0EcE2u3sdzwQRLp8uHFLJfDplKKTf2sk%2B%2F2%2BkVqUCgy3y2NtFIcryyxHeTth6WjqRc%2BgDBl2E1KczK0rvNLiimzgm%2FSnYQ%3D%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 61fe87c98fe64a9d-FRA
expires: Tue, 23 Feb 2021 20:22:36 GMT

GET
H2 200 rating.js Show response
scriptcult.com/template/apollo/js/ 2 KB
977 B 22ms
16ms Script
application/javascript 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/js/rating.js
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e4198b73c21bb8594b6b0c38276bfcd2e8c23c55349bc5e700d8c5441023d0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 867424
cf-request-id: 0832f331f300004a9d44035000000001
last-modified: Fri, 17 Jul 2020 14:43:30 GMT
server: cloudflare
etag: W/"739-5aaa42e390943-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SEoz5lS%2F%2Bk6rSm8s%2BhaAxDueM9rzWDLfT%2Bv7D6JeMxBLd16qdqIjYlBQTfKdAGvlTHoD7MYniiRlZQiKHXmepl%2FDqR%2BHXnyjNyW%2FZdjf%2FOqYvRcEZLwOot8Epw%3D%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 61fe87c98fe74a9d-FRA
expires: Mon, 15 Feb 2021 12:51:53 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 37ms
18ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 665356
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
cf-request-id: 0832f33203000016e67b1f1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bqqbwcg6NseMDDKWYQveg6bdNWY6knI1O4tiWInrwENQJ0kjGIqWEhVSQLf%2FwYNNoREFWuxqxWK9UVroVlRgE2fnfEbREkIwTNg0ydsy%2FBJkkrVwfauphNnbwKxOdQupmw%3D%3D"}],"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61fe87c9988916e6-FRA
expires: Tue, 01 Feb 2022 13:48:57 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 38ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3079024
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
cf-request-id: 0832f33203000016e6c18af000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a94EjUV9rncVzqNAYhEbzq4HfAA2NfCaA%2BuNApDSD8alT66pc15I8BaIfiD%2FZpszH62xz7qSB09nFXb1cEZaVvEhfOQyKrVv5yMN4gLaRGBPwOaP%2BDPaawib32gHlE2NqQ%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61fe87c9988b16e6-FRA
expires: Tue, 01 Feb 2022 13:48:57 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ 292 KB
75 KB 52ms
17ms Script
application/javascript 2600:9000:21f3:4200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e449d248406346ec2914e2020d8a8a9118cb5ad03cbf38467691ad1a275c3d9

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:05:00 GMT
content-encoding: gzip
last-modified: Fri, 29 Jan 2021 13:56:06 GMT
server: AmazonS3
age: 2638
etag: W/"758c2afcc9291cff24b599776e1676bf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: bWwhofomhkeo8FqrYlA3OcKvqgc3vI5wkJPGJjgvkSvpjQ0ql4lOFw==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
65 KB 48ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

48d094d17a280b08d4f255b65ce2a4355863e26d8c4a09f903a014f7905fd1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
last-modified: Thu, 11 Feb 2021 12:53:31 GMT
etag: "602528cb-1010e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65806
expires: Thu, 11 Feb 2021 14:48:57 GMT

GET
H2 200 1942 Show response
na.nawpush.com/tags/ 158 B
297 B 48ms
16ms XHR
application/json 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1942
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d217373cd3bc0c293b6171d72c4751f2eaa02d6efc32449fdec795da007759cd

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Feb 2021 13:48:57 GMT
cache-control: max-age=300, public
server: nginx/1.18.0
content-type: application/json
x-proxy-cache: HIT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
scriptcult.com/template/apollo/css/ 22 KB
23 KB 31ms
11ms Font
application/octet-stream 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064

Request headers

Origin: https://iw.scriptcult.com
Referer: https://scriptcult.com/template/apollo/css/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 336596
content-length: 22820
cf-request-id: 0832f3320500004a6ef9068000000001
last-modified: Fri, 17 Jul 2020 14:43:28 GMT
server: cloudflare
etag: "5924-5aaa42e1dc0e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YMIo4sG11xDGHIqyHxmTjYGvSOf%2BrWCU33FxdGZQe7NvkSqKFZ6eX4wCSGs7df7QBF7CEz8DepW5b9q5Vmi7yOeK7UXkoCmIf%2F8fwEwcng5ruDEGYEZQZo%2Fj%2BA%3D%3D"}]}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61fe87c9a8b54a6e-FRA
expires: Sun, 14 Feb 2021 16:19:01 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
scriptcult.com/template/apollo/css/ 23 KB
23 KB 33ms
14ms Font
application/octet-stream 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/S6uyw4BMUTPHjx4wXg.woff2
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b

Request headers

Origin: https://iw.scriptcult.com
Referer: https://scriptcult.com/template/apollo/css/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 261502
content-length: 23316
cf-request-id: 0832f3320500004a6e881c3000000001
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: "5b14-5aaa42e1331c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kJe9mYN9K65nhT5UMz7THRUz40zkGGqx6bNCjSN7%2Bha61JYZIPCg5dvTG%2FCGkmpZ4Rkl%2FQLf9eDuiwp5WvFDgDGKLXwd51ddm67awS%2FLG%2BmkVIaGh9ERwwTF1A%3D%3D"}]}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61fe87c9a8b84a6e-FRA
expires: Mon, 15 Feb 2021 13:10:35 GMT

GET
H2 200 ionicons.ttf
scriptcult.com/template/apollo/css/ 184 KB
102 KB 42ms
22ms Font
application/font-sfnt 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/ionicons.ttf
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Origin: https://iw.scriptcult.com
Referer: https://scriptcult.com/template/apollo/css/1506626470index.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 336596
cf-request-id: 0832f3320500004a6ed6198000000001
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: W/"2e05c-5aaa42e10535f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NSzG4d7d%2B5vAftqVIBhOFL0YIpAt0AsNewRT%2F1VZzLO952aIpWGe5JVNRiWJ1NhrHlO8HM0RjbH%2FLlWEbyeSsheCEiAME17U9Z%2BFXDTyndAbOdqPEfI0Sh4huw%3D%3D"}]}
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 61fe87c9a8b74a6e-FRA
expires: Sun, 14 Feb 2021 16:19:01 GMT

GET
H2 200 TK3hWkUHHAIjg75-xhsTus9C.woff2
scriptcult.com/template/apollo/css/ 15 KB
16 KB 19ms
13ms Font
application/octet-stream 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/TK3hWkUHHAIjg75-xhsTus9C.woff2
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b18bae2e16647bca7a1913343f21a0217cd053203396ba96cc1093fa51dd648f

Request headers

Origin: https://iw.scriptcult.com
Referer: https://scriptcult.com/template/apollo/css/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 336596
content-length: 15604
cf-request-id: 0832f3320700004a6e77868000000001
last-modified: Fri, 17 Jul 2020 14:43:28 GMT
server: cloudflare
etag: "3cf4-5aaa42e1a7520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8UbfZzHPbU8FUm5Tpx7eIhX8Sx0D7eF%2FFClwB81g8GDf3kGDR3Kkv1MvzGEdBe0RntFHbSRSGFPc%2F2osmajELVKoHODjX%2FQ7sVEFZflDjMd06gHwWiA0RNJRlg%3D%3D"}]}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61fe87c9a8bf4a6e-FRA
expires: Sun, 14 Feb 2021 16:19:01 GMT

GET
H2 200 csub.js Show response
sw.swwpush.com/npc/sdk/wpu/ 6 KB
3 KB 60ms
15ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sw.swwpush.com/npc/sdk/wpu/csub.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.1 / PHP/7.1.28
Resource Hash: 9f92f5d3c3f75e395fcffc9034ae122b876e1c1f3e2cd1e2961075e1eb494b1d

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.1.28
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 11 Feb 2021 14:48:57 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/ 226 KB
86 KB 84ms
70ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

094eb70f761bc25fd6594b69e51efffc9b5430cfaad125f2e82bfd4009895f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86814
x-xss-protection: 0
server: cafe
etag: 8889400180175641948
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/ Frame B72B 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210208/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iw.scriptcult.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iw.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Feb 2021 06:00:57 GMT
expires: Thu, 25 Feb 2021 06:00:57 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 28080
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 TK3hWkUHHAIjg75-ohoTus9C.woff2
scriptcult.com/template/apollo/css/ 15 KB
16 KB 403ms
401ms Font
application/octet-stream 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/TK3hWkUHHAIjg75-ohoTus9C.woff2
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d83e7cda3ff6c3ffe85ec390da052257d18df60dca9751dac386d1994f76029

Request headers

Origin: https://iw.scriptcult.com
Referer: https://scriptcult.com/template/apollo/css/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 15544
cf-request-id: 0832f3327600004a6e791fa000000001
last-modified: Fri, 17 Jul 2020 14:43:28 GMT
server: cloudflare
etag: "3cb8-5aaa42e18a060"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RSaJ2hbd%2BIjMBExh8lZNzhfsbvjOh10Whu1PMY5Kf8Y2vyP%2BywoogyhHMggNRvJh54Zm7m1eXxrMsG9UJZvj%2FOhHUZZz%2BiUXtZ26Ce%2FmlFEzg4om54sEgD07aQ%3D%3D"}]}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61fe87ca5a5a4a6e-FRA
expires: Thu, 18 Feb 2021 13:48:57 GMT

GET
H2 200 no_image.png
scriptcult.com/template/apollo/img/ 19 KB
20 KB 377ms
373ms Image
image/png 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/template/apollo/img/no_image.png
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f45e9f43c5cec8cde9238c440a29f8d772009241c4be750fcca370283b055a

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 19727
cf-request-id: 0832f3329a00004a9de7a65000000001
last-modified: Fri, 17 Jul 2020 14:43:30 GMT
server: cloudflare
etag: "4d0f-5aaa42e350203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mXQ2QAXw8tMYBmFYncUFzpYchdmOYCGtxO5w66u8c7FlunQptMsBqIE1sIfJVcmznA1MoGbJPTu56qL50hxVuVPakM2OUBgBosJU0wraqAOlYMFGIJeUql8Qzw%3D%3D"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 61fe87ca8a934a9d-FRA
expires: Fri, 11 Feb 2022 13:48:57 GMT

GET
H2 404 footer.jpg
scriptcult.com/template/apollo/css/ 0
0 357ms
356ms Image
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/template/apollo/css/footer.jpg
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://scriptcult.com/template/apollo/css/1506626470index_001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 loading.gif
scriptcult.com/template/apollo/css/ 0
0 338ms
338ms Image
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/template/apollo/css/loading.gif
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://scriptcult.com/template/apollo/css/1506626470index_001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 close.png
scriptcult.com/template/apollo/css/ 0
0 339ms
339ms Image
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scriptcult.com/template/apollo/css/close.png
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://scriptcult.com/template/apollo/css/1506626470index_001.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
scriptcult.com/template/apollo/css/ 22 KB
22 KB 11ms
10ms Font
application/octet-stream 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scriptcult.com/template/apollo/css/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by: Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abde463ef27458713d91e9be883fdd389298ef57411b601cab5f66db609c508d

Request headers

Origin: https://iw.scriptcult.com
Referer: https://scriptcult.com/template/apollo/css/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 336596
content-length: 22352
cf-request-id: 0832f332cc00004a6ead28a000000001
last-modified: Fri, 17 Jul 2020 14:43:27 GMT
server: cloudflare
etag: "5750-5aaa42e138f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p7lDUorSS%2BxODwWUe8Vhqn6DkHteRbwNgrrdW8PQNbQ1xZxFo5IgMjhQUQzuoATjTaVF4OZzkXsRCTyKpqFd7JihNjYfIyjQvn4sTftqpq3Hif2%2B%2FtDDR%2FF70A%3D%3D"}]}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61fe87cadbb14a6e-FRA
expires: Sun, 14 Feb 2021 16:19:01 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/53505307/
Redirect Chain

https://mc.yandex.ru/watch/53505307?wmode=7&page-url=https%3A%2F%2Fiw.scriptcult.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.ru/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fiw.scriptcult.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%...

186 B
268 B

54ms
54ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fiw.scriptcult.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A415%3Acn%3A1%3Adp%3A0%3Als%3A406652499586%3Ahid%3A376812453%3Az%3A60%3Ai%3A20210211144857%3Aet%3A1613051337%3Ac%3A1%3Arn%3A930597346%3Arqn%3A1%3Au%3A1613051337704790166%3Aw%3A1585x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Antf%3A1%3Ans%3A1613051336693%3Awv%3A2%3Ads%3A14%2C18%2C389%2C1%2C0%2C0%2C%2C287%2C27%2C%2C%2C%2C712%3Adsn%3A14%2C17%2C389%2C1%2C0%2C0%2C%2C290%2C27%2C%2C%2C%2C712%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613051338%3At%3A%D7%9E%D7%A1%D7%93%20%D7%A9%D7%9C%20%D7%A1%D7%99%D7%95%D7%9E%D7%95%D7%AA%20%D7%A7%D7%91%D7%A6%D7%99%D7%9D%20-%20scriptcult

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6575bfbd2c01b943d8812dc369d193bf52af33c2332d932f8f9d7d038b49bbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 13:48:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 11-Feb-2021 13:48:57 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://iw.scriptcult.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Thu, 11-Feb-2021 13:48:57 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Feb 2021 13:48:57 GMT
last-modified: Thu, 11-Feb-2021 13:48:57 GMT
location: /watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fiw.scriptcult.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A415%3Acn%3A1%3Adp%3A0%3Als%3A406652499586%3Ahid%3A376812453%3Az%3A60%3Ai%3A20210211144857%3Aet%3A1613051337%3Ac%3A1%3Arn%3A930597346%3Arqn%3A1%3Au%3A1613051337704790166%3Aw%3A1585x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Antf%3A1%3Ans%3A1613051336693%3Awv%3A2%3Ads%3A14%2C18%2C389%2C1%2C0%2C0%2C%2C287%2C27%2C%2C%2C%2C712%3Adsn%3A14%2C17%2C389%2C1%2C0%2C0%2C%2C290%2C27%2C%2C%2C%2C712%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613051338%3At%3A%D7%9E%D7%A1%D7%93%20%D7%A9%D7%9C%20%D7%A1%D7%99%D7%95%D7%9E%D7%95%D7%AA%20%D7%A7%D7%91%D7%A6%D7%99%D7%9D%20-%20scriptcult
strict-transport-security: max-age=31536000
access-control-allow-origin: https://iw.scriptcult.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 11-Feb-2021 13:48:57 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
640 B 64ms
41ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=iw.scriptcult.com&callback=_gfp_s_&client=ca-pub-2173063720940886

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6b76f055ffd19f7dbe99c2de5e28c4d6bdc5fb6cf7fa35c93541510905a4d128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 49ms
29ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=iw.scriptcult.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 48ms
28ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=iw.scriptcult.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A064 117 KB
28 KB 318ms
317ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&adk=1812271804&adf=3025194257&lmt=1613051337&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fiw.scriptcult.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613051337266&bpp=10&bdt=148&idt=249&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5100243476281&frm=20&pv=2&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=265

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d9e5335fda29fbdeda489c5b0045b3c6fc73002a79885b1e8f04edfbefda76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&adk=1812271804&adf=3025194257&lmt=1613051337&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fiw.scriptcult.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613051337266&bpp=10&bdt=148&idt=249&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5100243476281&frm=20&pv=2&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=265
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iw.scriptcult.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iw.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Feb 2021 13:48:57 GMT
server: cafe
content-length: 28511
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Feb-2021 14:03:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Feb 2021 13:48:57 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 47ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
last-modified: Thu, 11 Feb 2021 12:53:31 GMT
etag: "602528cb-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 11 Feb 2021 14:48:57 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91AB 26 KB
6 KB 126ms
125ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=90&slotname=2664236338&adk=3084258116&adf=2509594431&pi=t.ma~as.2664236338&w=1170&fwrn=4&lmt=1613051337&rafmt=10&psa=0&format=1170x90_0ads_al&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1613051337277&bpp=12&bdt=159&idt=282&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=158&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lJnsJ2nrx8&p=https%3A//iw.scriptcult.com&dtd=289

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a100338e73985c7fae21da649f9484873f7c2a943a1a2641854e7d4aaac2191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=90&slotname=2664236338&adk=3084258116&adf=2509594431&pi=t.ma~as.2664236338&w=1170&fwrn=4&lmt=1613051337&rafmt=10&psa=0&format=1170x90_0ads_al&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1613051337277&bpp=12&bdt=159&idt=282&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=158&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lJnsJ2nrx8&p=https%3A//iw.scriptcult.com&dtd=289
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iw.scriptcult.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iw.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Feb 2021 13:48:57 GMT
server: cafe
content-length: 6124
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Feb-2021 14:03:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Feb 2021 13:48:57 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D9DB 405 B
234 B 298ms
297ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1613051337&psa=0&format=336x280&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&wgl=1&dt=1613051337309&bpp=1&bdt=190&idt=271&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x90_0ads_al&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=798&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2IfS9I1Y9r&p=https%3A//iw.scriptcult.com&dtd=274

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3213312db0c8d0b93e68604e99a1c7229afc9c73e7e43178401b67c28ff2d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1613051337&psa=0&format=336x280&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&wgl=1&dt=1613051337309&bpp=1&bdt=190&idt=271&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x90_0ads_al&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=798&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2IfS9I1Y9r&p=https%3A//iw.scriptcult.com&dtd=274
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iw.scriptcult.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iw.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Feb 2021 13:48:57 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Feb-2021 14:03:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Feb 2021 13:48:57 GMT
cache-control: private

GET
H/1.1 200
OK / Show response
stat.optad360.mgr.consensu.org/ 20 B
286 B 53ms
20ms XHR
text/html 18.196.233.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.optad360.mgr.consensu.org/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b34c67107f1b7dd18c382366913a00a08956cc138ebed347df972e81b56ce299

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Feb 2021 13:48:57 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
19 KB 38ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

244d4344bddedf363a331724616d6c7b52917066ec9c849d5c9ba4c4888c8928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "780 / 543 of 1000 / last-modified: 1613045578"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19530
x-xss-protection: 0
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H2 200 prebid4.15.0.js Show response
get.optad360.io/sf/ 401 KB
402 KB 7ms
6ms Script
application/javascript 2600:9000:21f3:4200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.15.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 080c618e121a4005b2e1c1cb9171d9c3855f5e57638110c7cbc2adb2f124e7a6

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 18:01:06 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
last-modified: Mon, 09 Nov 2020 10:05:07 GMT
server: AmazonS3
age: 6637672
etag: "02a3519810a609b01c46f219622d8b26"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 411000
x-amz-cf-id: ekx3hz1xpQULZFngWIab_u8S6W_5qHsCh1nXB7iQfupPTSYxCLqq8Q==

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F6FA 405 B
232 B 179ms
178ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=2486770818&adf=2888644172&pi=t.ma~as.4250642565&w=336&lmt=1613051337&psa=0&format=336x280&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&wgl=1&dt=1613051337351&bpp=1&bdt=233&idt=243&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x90_0ads_al%2C336x280&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=3749&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3lxNZHgSG4&p=https%3A//iw.scriptcult.com&dtd=246

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c87e61e4c48886783b9652bd35d06c85b55abccf9dc3e06a0ccc5fd60208f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=2486770818&adf=2888644172&pi=t.ma~as.4250642565&w=336&lmt=1613051337&psa=0&format=336x280&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&wgl=1&dt=1613051337351&bpp=1&bdt=233&idt=243&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x90_0ads_al%2C336x280&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=3749&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3lxNZHgSG4&p=https%3A//iw.scriptcult.com&dtd=246
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iw.scriptcult.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iw.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Feb 2021 13:48:57 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Feb-2021 14:03:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Feb 2021 13:48:57 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1517 405 B
231 B 258ms
257ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=2469204067&pi=t.ma~as.4250642565&w=336&lmt=1613051337&psa=0&format=336x280&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&wgl=1&dt=1613051337352&bpp=1&bdt=234&idt=274&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x90_0ads_al%2C336x280%2C336x280&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=798&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=YhKggdWgFu&p=https%3A//iw.scriptcult.com&dtd=281

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e5660d5d1c301af4c02382000c21c7d0f2bae4a6d8f9b65bc97f4a5edc6ed3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=2469204067&pi=t.ma~as.4250642565&w=336&lmt=1613051337&psa=0&format=336x280&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&wgl=1&dt=1613051337352&bpp=1&bdt=234&idt=274&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x90_0ads_al%2C336x280%2C336x280&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=798&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=YhKggdWgFu&p=https%3A//iw.scriptcult.com&dtd=281
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iw.scriptcult.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iw.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Feb 2021 13:48:57 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Feb-2021 14:03:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Feb 2021 13:48:57 GMT
cache-control: private

GET
H2 200 1 Show response
ymetrica1.com/watch/3/ 43 B
372 B 162ms
53ms XHR
image/gif 149.5.244.2
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://ymetrica1.com/watch/3/1?

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.5.244.2 Helsinki, Finland, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 13:48:57 GMT
last-modified: Thu, 11-Feb-2021 13:48:57 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://iw.scriptcult.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Feb-2021 13:48:57 GMT

GET
H3-Q050 200 pubads_impl_2021021001.js Show response
securepubads.g.doubleclick.net/gpt/ 288 KB
101 KB 44ms
29ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

c11fb9ac4922e75ae9e0a017f41ae36febd8a185834b7bb608e9049ebe68da62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 15:07:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103470
x-xss-protection: 0
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 21ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210211

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c099f9dbd2a5da5e753052f1bd62321e8b036dbc8a041491d13d590aa78ed2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 10180
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 762
etag: W/"539-43FpgL9v6ZRmVTouoVUIQkscMoQ"
x-served-by: cache-fra19148-FRA, cache-hhn4020-HHN
date: Thu, 11 Feb 2021 13:48:57 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ Frame 91AB 4 KB
739 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=90&slotname=2664236338&adk=3084258116&adf=2509594431&pi=t.ma~as.2664236338&w=1170&fwrn=4&lmt=1613051337&rafmt=10&psa=0&format=1170x90_0ads_al&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1613051337277&bpp=12&bdt=159&idt=282&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=158&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lJnsJ2nrx8&p=https%3A//iw.scriptcult.com&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dac82c181db29f567f8c6a98cb9dfc7cede1f4972031d27e374eb50cb6c23b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=90&slotname=2664236338&adk=3084258116&adf=2509594431&pi=t.ma~as.2664236338&w=1170&fwrn=4&lmt=1613051337&rafmt=10&psa=0&format=1170x90_0ads_al&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1613051337277&bpp=12&bdt=159&idt=282&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=158&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lJnsJ2nrx8&p=https%3A//iw.scriptcult.com&dtd=289
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 12:15:39 GMT
server: ESF
date: Thu, 11 Feb 2021 13:48:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/ Frame 91AB 18 KB
8 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=90&slotname=2664236338&adk=3084258116&adf=2509594431&pi=t.ma~as.2664236338&w=1170&fwrn=4&lmt=1613051337&rafmt=10&psa=0&format=1170x90_0ads_al&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1613051337277&bpp=12&bdt=159&idt=282&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=158&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lJnsJ2nrx8&p=https%3A//iw.scriptcult.com&dtd=289
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 13709262462862093242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 13:11:56 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91AB 107 KB
33 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=90&slotname=2664236338&adk=3084258116&adf=2509594431&pi=t.ma~as.2664236338&w=1170&fwrn=4&lmt=1613051337&rafmt=10&psa=0&format=1170x90_0ads_al&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1613051337277&bpp=12&bdt=159&idt=282&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=158&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lJnsJ2nrx8&p=https%3A//iw.scriptcult.com&dtd=289
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 258ms
257ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1636676611846680&correlator=1724644161349680&output=ldjh&impl=fif&adsid=NT&eid=21068773%2C21068891%2C21069822%2C31060132%2C31060010&vrg=2021021001&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210211&iu_parts=121764058%2Cstrephonsays.com_1st_group_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&cookie=ID%3D44b63a7b744e721b-221564776cba00e3%3AT%3D1613051337%3ART%3D1613051337%3AS%3DALNI_MYFiBvmOO2T92EkP2vwed_o39_nwA&bc=31&abxe=1&lmt=1613051337&dt=1613051337737&dlt=1613051337118&idt=605&frm=20&biw=1585&bih=1200&oid=3&adxs=443&adys=1100&adks=1240599507&ucis=1&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiw.scriptcult.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=700x-1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&fws=640&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

954d5ccf9602555b5c547edd8ddb2fa2eb3d9fe631a0df8acd10b5615dab3c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12054
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://iw.scriptcult.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
602e180f00a6d35d41c7f334e94429a4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 63ms
14ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://602e180f00a6d35d41c7f334e94429a4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 35ms
20ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 91AB 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 552198
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:39 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/ 141 KB
51 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fcd3dd3a7638080dc4eccb4dc2547fc70f1213029b2727495bc45067a42586f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52019
x-xss-protection: 0
server: cafe
etag: 18388692917184113558
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H3-Q050 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/ Frame C7A5 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iw.scriptcult.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iw.scriptcult.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Feb 2021 06:17:01 GMT
expires: Thu, 25 Feb 2021 06:17:01 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 27116
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame C7A5 2 KB
608 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 12:14:40 GMT
server: ESF
date: Thu, 11 Feb 2021 13:48:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C7A5 205 B
350 B 6ms
5ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 20:03:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 150318
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
expires: Wed, 09 Feb 2022 20:03:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C7A5 604 B
694 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 17:21:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 246454
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
expires: Tue, 08 Feb 2022 17:21:23 GMT

GET
H3-Q050 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/elements/html/ Frame C7A5 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1286948d89eb1a7ebcd9b2d9feca7ec2baf391a57131754375142e2d50d4130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7193
x-xss-protection: 0
server: cafe
etag: 14548608182166414779
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 11:03:34 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 38B0 3 KB
607 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 12:16:36 GMT
server: ESF
date: Thu, 11 Feb 2021 13:48:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 38B0 2 KB
992 B 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 13:08:42 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/ Frame 38B0 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 13709262462862093242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 13:11:56 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 38B0 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 13:11:01 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38B0 107 KB
33 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Thu, 11 Feb 2021 13:48:57 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 38B0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 12:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 12:50:52 GMT

GET
H3-Q050 200 f39ec1586bd36f0603e16664b9cc775d.js Show response
www.gstatic.com/mysidia/ Frame 38B0 25 KB
11 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f39ec1586bd36f0603e16664b9cc775d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92cea13927f23ea44ef028e531d5fbef3be60d7211fbbf843bc430bf437a870b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 15:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Feb 2021 08:19:09 GMT
server: sffe
age: 79517
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10792
x-xss-protection: 0
expires: Tue, 11 May 2021 15:43:41 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2DF3 143 B
216 B 8ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Feb 2021 13:25:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1381
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame E8CE 180 KB
51 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 525597
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:49:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:49:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E8CE 13 KB
5 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79526
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E8CE 90 KB
27 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 525626
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:48:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:48:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E8CE 3 KB
1 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79538
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:20 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E8CE 41 KB
13 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 79556
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:02 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E8CE 6 KB
747 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021001.js?31060132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 12:10:34 GMT
server: ESF
date: Thu, 11 Feb 2021 13:48:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Feb 2021 13:48:58 GMT

GET
H3-Q050 200 6592766407814317453
tpc.googlesyndication.com/simgad/15071693819014404922/ Frame E8CE 19 KB
19 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15071693819014404922/6592766407814317453

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be81acd5abe934f39b46369bb723e4095da95207802306034af540cedcf5a55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 16:48:25 GMT
x-content-type-options: nosniff
age: 421233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19021
x-xss-protection: 0
last-modified: Sat, 30 Jan 2021 12:24:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Feb 2022 16:48:25 GMT

GET
H3-Q050 404 downsize_200k_v1
tpc.googlesyndication.com/simgad/15959970809868918569/ Frame E8CE 43 B
136 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15959970809868918569/downsize_200k_v1?w=100&h=100

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:58 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Thu, 11 Feb 2021 13:48:58 GMT

GET
DATA 200
OK truncated
/ Frame E8CE 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E8CE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b94af15b91ae56f9280496fa369753a504c58324614ecfeb54cd7484e4ca64ac

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E8CE 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/iw.png

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 03:21:33 GMT
x-content-type-options: nosniff
server: cafe
age: 37645
etag: 415739381108731362
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2712
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:21:33 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E8CE 344 B
439 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 09:04:24 GMT
x-content-type-options: nosniff
server: cafe
age: 17074
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 12 Feb 2021 09:04:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E8CE 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqAjz6T0pRHZ2cO-qR7xFbwZA9kWnM8qUgnZKRkQdJl2CQUMWhtZRel_fFqoM0PB4FOpfsXgKgg1qMGUuEooRGKbV8Zg
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E8CE 0
0 45ms
44ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTfi8yTUlYKHJL9nm3wPKvJm4B9rnr6FhmKacweoMp-rTga4JEAEgqoDDImCV-vCBjAegAaqZmekCyAEJqQKvyb6ISFe0PuACAKgDAcgDCqoE2QFP0Ay-MmUASscOkV0U3RdXvHgUzWrOLHd1VaGWS-GES0PILzLwwXygs4nZLLAwS7Q98CQm8FFlSmgfIq5zzIaWCcRZHbqUgJOOG-ARcninNrJJfcRgi85SohxsRYCT1gmYK2PFDsFk3qJsq9vSSzBKK7CFupiUfduZ7-YSITDzzCTSerOC_t-Uq9NhBBE8eHy8MqlIWgPNzs9R1ZaAZRkehpzehvbk--7WpwgHUGB0cyMaIyfC4mBWWdQ8nwX2_QZtAL9Lsv3xklgaTKxChvUUlLcpf-30AJx9wAT41Ia7tgPgBAGgBi6AB77m5pYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEP-4CNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA8gLAdgTA4gUA7IXGgoYCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3&sigh=VhnYA0Oe2gc&template_id=484&tpd=AGWhJmuvbut-ijcPYhHkJ8rabglsf9Tmwb89n-gEbiTM3KePeQ
Requested by: Host: iw.scriptcult.com
URL: https://iw.scriptcult.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2DF3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
158 B

39ms
39ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkILbFxK3jUveExeGPhpO4_bdrB97jUzEAiI5YMY0LhVIfwRJ3icndfH_6sNhE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Feb 2021 13:48:58 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 11-Feb-2021 14:48:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Feb 2021 13:48:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Feb 2021 13:48:58 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E8CE 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://iw.scriptcult.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 16246
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 11 Feb 2022 09:18:12 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E8CE 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://iw.scriptcult.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 08:43:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 104738
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 10 Feb 2022 08:43:20 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 59ms
45ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210208&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22927c706d4465e82952f8a240a27be7c36264146d30fea3526e3ed03949ad44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 13:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0

GET
H3-Q050 200 iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E8CE 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/iw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 03:21:33 GMT
x-content-type-options: nosniff
server: cafe
age: 37645
etag: 415739381108731362
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2712
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:21:33 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E8CE 344 B
370 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 09:04:24 GMT
x-content-type-options: nosniff
server: cafe
age: 17074
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 12 Feb 2021 09:04:24 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 11 Feb 2021 13:48:58 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame FFC5 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iw.scriptcult.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iw.scriptcult.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 11 Feb 2021 12:39:54 GMT
expires: Fri, 11 Feb 2022 12:39:54 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4144
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js Show response
pagead2.googlesyndication.com/bg/ Frame FFC5 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 12:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 4264
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6263
x-xss-protection: 0
expires: Fri, 11 Feb 2022 12:37:54 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
86 B 41ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210208&jk=1636676611846680&bg=!r6ylrO_NAAWP4B5EjzsAKQB2-DxaIMdpNMA2F5Eumg7TdDGNTzkLk4Xw91UrY1lzpVprfFCLoN6SAgAAAIpSAAAAE2gBBwoBLiokEXxK1RgHlMFqmVRF--3GuAokOD91En1va4i0aKIaE2j7ZhGciOVbzY9dTg3QzoRF0ggXNVttkr9gz4N4Y2WJfNg3mqVGCQMGlOUtTJM5yk_8EdDUwOUPQdygvMD4yieQpU7hDZ3cX51zg6hUD7WRgYdBEyVao8efN13u6krg-Y5qSppg2J8J8Lfuqhcaxsd272iKhNDAc0pLpWvmUpWClovmuySND6K71yecG1CnK73hpza4R-E_H78g57OpB5jKs-8zOQjgO2hX2gqtDrorKiNF5qEvT27yi07r9nFIEYHHpqqVaZiokCFLikvtvNU6oZnwQU-U49V4jIkaiHhj2zPOhkU_Lw2rV-95xEqnyyd02zOod_51hLqapZqaGsvcUq2rv-fgt8QBLoL3mQHpEo9QnCtmDryips6InEMC9DZZAHEkhj_8cVcsrRm5ArbYrn4Ku-E_RgoYyIbkE4XTfJL6lnNMHCCTdh2XGzBNVdagbiTjRJkQfPgO71JK9tMKspAv5ylJcHNwiTuG4a8f6pTO8jFegSxSpuhyc159eaXnHUZrflMw1eWuU9foj-ehb50Cxl-5uQJTfImiP3ixY3cSUo4cpjwGrAD2Z_OxjEmHa-GkL32joYYSVUG2W5KCdcOrmXYLYH7xYq2c0Vbq7fi98AzHuFVd4yIlPskbP8fjlvtoDIRQAJKK4LuWbBUmONT2-_dZlr0j1j8GeQapKyM6KOr37SBFXZZ_8p8OOmLv-cQwVxt6NVxhjpG7Fa2zAfynna_sixw4eUq6a7avo5f8LEnjWE_ZEhf3PjwYmC7lzvWHxGrlbrmXlsK8hOb8rKfbdohV5Auu7nSlevNLNtLZk8zCtqG-AbgJLTXWfDUCmLjB6WSTnVtFpNZXw3I5hLpHxbEQvFr-S2nFSCXXvC8fZ8gwuT6k7QZr3ECgo6JR4yZztThR8t6ekeIKchrKeBzvGEsgEHXU7iuSjJVmTvq55MaHkIWC4-oTAWP9DCOBd-TpDTaQEdLIskjaq4H6yFcVfdxh1ZBtZreuIk6xA2TcK5EzBmWV

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 13:48:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optad360.js Show response
serving.stat-rock.com/player/ 301 KB
94 KB 48ms
17ms Script
application/javascript 78.140.185.34
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/optad360.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 19eeaf3e741a6f90e988fc827aba124a266606b63f8acfe89cccfe0a7dbd4ac5

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:58 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 09:08:45 GMT
server: nginx
etag: W/"6022511d-4b286"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H2 200 localstore.js Show response
script.4dex.io/ 450 B
997 B 29ms
14ms Script
application/javascript 2606:4700:e2::ac40:8620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8
x-amz-request-id: 877D9AAD9CA6FB33
x-amz-id-2: LBioGsBH6vFAf9XBQIRax6c2xaMDlbG82haaCjO53W9bbvmlbzq7sACOME0WK5RweL4Gg9LOHUY=
last-modified: Mon, 25 Jan 2021 12:11:36 GMT
server: cloudflare
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UuR6zmaRemZbH0YgyxXhD0xGgarxiqysWBB9lci7jwXhZIFSRs%2Fuxop%2Fypqs0PH7OlJ8rSGPGpVhXTBY1zNUivTTdsdxXGTIt%2BxFvx%2FM7lqiSmiCDKlZqQvnsA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 0832f33775000005d4e1364000000001
cf-ray: 61fe87d25ea505d4-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 89ms
55ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ee888a53e5a69ee999edd38a06f0b8cb72bcfd4b596d79595ae5bf101857f01e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 13:48:58 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.44:80
AN-X-Request-Uuid: 86e0c4a1-2b41-4c79-b166-6191bd967f0a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://iw.scriptcult.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
450 B 156ms
89ms XHR
application/json 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTc2NDUxNiZ0cmFuc2FjdGlvbklkPTc1NGVhMTczLTUyMTItNDA0Ny05YjU3LWRkOTQzZDEyNGM5YSZyY3VyPVBMTg%3D%3D&pt=gross&stid=acd8f21d-980e-43ca-9ad3-c2bdab86b5e2&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 13:48:58 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://iw.scriptcult.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 adagio.js Show response
script.4dex.io/ 67 KB
20 KB 38ms
22ms Fetch
application/javascript 2606:4700:e2::ac40:8620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6ce79190f690c6164c6efff8247073447ba14cdfbf89c89b86891f76348aec0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:58 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 700
access-control-allow-methods: GET
x-amz-request-id: 6HCPAYET8H1XDP3W
x-amz-id-2: pmLcCCb1+2h4hbMDl8SlrJJVRWGFBnXH+X2hnPlVjy/37e9RBxaRGCPfIyZzZ2kbANrPPAeIdgs=
last-modified: Mon, 25 Jan 2021 12:11:34 GMT
server: cloudflare
etag: W/"25445972d651b58a86f284fc462a4ca7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jOYizqJ5B6DvxeAw0%2FFxth40klQgSP8pQcmsiUkjBx4BCcxsJetsvVYVn%2BK1hNW9ZLmV4VvWoXFarmkSJFRfzvXrMnmrh3XK1xIDG6oJH%2F%2B%2F952NYzLx4X0d%2FA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 0832f33795000032400b81c000000001
cf-ray: 61fe87d28d443240-FRA

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 91AB 42 B
132 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsud8BpF_-BhNrsOIV9UYMYHyVMFvtk4CqGYTtKdUnRi_s1mSit9nghTUiOuelMSIkSy4QtCkGFwUjq0g_b0RUAu1QPPPJIXQWd43bfM_Xq47fJX&sai=AMfl-YTXhhaiOwLRdpXqCdtsljp3DDRT9mVnP4oN1pNInOGEIECpnjsh2PaOt39gbweWSB3QnOxsT6ZshwEw&sig=Cg0ArKJSzA06zOFEPNApEAE&id=osdim&mcvt=1001&p=158,208,248,1378&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=5&adk=3084258116&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613051337567&dlt=129&rpt=47&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2173063720940886&output=html&h=90&slotname=2664236338&adk=3084258116&adf=2509594431&pi=t.ma~as.2664236338&w=1170&fwrn=4&lmt=1613051337&rafmt=10&psa=0&format=1170x90_0ads_al&url=https%3A%2F%2Fiw.scriptcult.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&dt=1613051337277&bpp=12&bdt=159&idt=282&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5100243476281&frm=20&pv=1&ga_vid=2105600308.1613051338&ga_sid=1613051338&ga_hid=1037841278&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=158&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44735932%2C21068769%2C21068893&oid=3&pvsid=1636676611846680&pem=978&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lJnsJ2nrx8&p=https%3A//iw.scriptcult.com&dtd=289
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 13:48:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
iw.scriptcult.com/ 48 KB
7 KB 281ms
280ms XHR
text/html 2606:4700:3035::6815:2196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iw.scriptcult.com/
Requested by: Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d97496d8f839940d07dc27ed5405dfde04ca2cef2d43d0ff20c6b6679c14bf7

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IE5HOOqMQu5mQRZycAO5F7kidFcNCApnM5G%2BdXPyMNUFLVihefB4PuWadPRhTeVWxkJV5GfVzCaiQftJe4BFiTMAVHf4Ufmfu39HvVlbGvG8%2FNrUb6xaqow%2Fl6qd5g%3D%3D"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 61fe87d48a884a9d-FRA
cf-request-id: 0832f338d200004a9d3aa7a000000001
expires: Fri, 12 Feb 2021 13:48:59 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
175 B 68ms
33ms Image
image/gif 78.140.185.34
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1613051338915.0874&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fiw.scriptcult.com%2F&t=263&v=82&width=523&z=p%3Adf%3Bv%3AinView%3B&r=0.42706464461347826
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://iw.scriptcult.com
Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:59 GMT
server: nginx
srvb: 127.0.0.1:8082
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 78.140.185.34
content-length: 35

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 69ms
34ms Image
image/gif 78.140.185.34
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1613051338915.0874&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fiw.scriptcult.com%2F&t=271&v=82&width=523&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.7695612100776472
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://iw.scriptcult.com
Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:59 GMT
server: nginx
srvb: 127.0.0.1:8082
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 78.140.185.34
content-length: 35

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E8CE 0
0 44ms
43ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRShQyTUlYKHJL9nm3wPKvJm4B9rnr6FhmKacweoMp-rTga4JEAEgqoDDImCV-vCBjAegAaqZmekCyAEJqQKvyb6ISFe0PuACAKgDAaoE2QFP0Ay-MmUASscOkV0U3RdXvHgUzWrOLHd1VaGWS-GES0PILzLwwXygs4nZLLAwS7Q98CQm8FFlSmgfIq5zzIaWCcRZHbqUgJOOG-ARcninNrJJfcRgi85SohxsRYCT1gmYK2PFDsFk3qJsq9vSSzBKK7CFupiUfduZ7-YSITDzzCTSerOC_t-Uq9NhBBE8eHy8MqlIWgPNzs9R1ZaAZRkehpzehvbk--7WpwgHUGB0cyMaIyfC4mBWWdQ8nwX2_QZtAL9Lsv3xklgaTKxChvUUlLcpf-30AJx9wAT41Ia7tgPgBAGgBi6AB77m5pYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEP-4CNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA8gLAdgTA4gUA7IXGgoYCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3&sigh=y4Gf5YgXNW8&vt=1&template_id=484
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E8CE 42 B
231 B 49ms
46ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnk3ODqeiLocyoY6cerY6SgtcSDC4wKQ0kV-M9hmyvpI4fllFNQz5eTbPqPwEykYvv2nVCMCaEEIczmr1PJnUZN4ynsgDZH4kej_OlNnuuZUNqH9rGY9mFadyPauTfoDWPh0FuO2_OuZqM7tyRdZlRSg&sai=AMfl-YQu4PF4qeNp46frAJJYwFn92SchrvLDmtgiVI4swJxbItxAYsw1Q37tzDai99vs73o0AkaVu21K2zi6zHffq0oRyirq2zXyJcJjeoFsuSod9_x2zSfhMikK1bw&sig=Cg0ArKJSzM6oK_xobQqhEAE&cid=CAASF-Ro3z9fwIJR4bXACV9jvKtz6WjJFuTW&id=ampim&o=308,1100&d=970,100&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=103&tls=1103&g=100&h=100&tt=1103&r=v&avms=ampa&adk=1240599507

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 13:48:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 40ms
39ms Image
image/gif 78.140.185.34
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1613051338915.0874&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fiw.scriptcult.com%2F&t=560&v=82&width=523&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.6295255827583199
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://iw.scriptcult.com
Referer: https://iw.scriptcult.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:48:59 GMT
server: nginx
srvb: 127.0.0.1:8082
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 78.140.185.34
content-length: 35

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 64B2 52 KB
17 KB 55ms
22ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iw.scriptcult.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iw.scriptcult.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 05 Feb 2021 21:11:46 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 11 Feb 2021 13:49:01 GMT
Age: 59824
X-Served-By: cache-lga21954-LGA, cache-fra19158-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 266463
X-Timer: S1613051342.808896,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 64B2
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
816 B

16ms
16ms

Script
text/html

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 13:49:01 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.87:80
AN-X-Request-Uuid: 6a80c1e1-97c6-4c65-b16e-62e53346c6a4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 13:49:01 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.145:80
AN-X-Request-Uuid: b6cba878-19da-40a3-9931-815b33606f24
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 64B2 0
745 B 19ms
18ms Script
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/dmp/async_usersync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 13:49:02 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid: 9d0a681e-66ac-424b-ba04-8319d90b824f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:04:14	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 01:25:47	Name: IDE Value: AHWqTUkILbFxK3jUveExeGPhpO4_bdrB97jUzEAiI5YMY0LhVIfwRJ3icndfH_6sNhE
.scriptcult.com/	1970-01-20 01:25:47	Name: __gads Value: ID=44b63a7b744e721b:T=1613051337:S=ALNI_Ma8LV6ch-mhUx7ZfxIsdwDsaf7wcw
.scriptcult.com/	1970-01-19 16:05:23	Name: _ym_isad Value: 2
.scriptcult.com/	1970-01-20 00:49:47	Name: _ym_d Value: 1613051337
.scriptcult.com/	1970-01-20 00:49:47	Name: _ym_uid Value: 1613051337704790166
.scriptcult.com/	1970-01-19 16:47:23	Name: __cfduid Value: d72c0f36079eb72f58e92ac7e18202e4a1613051336

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://scriptcult.com/template/apollo/js/1506626470index.js(Line 10) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan version 1.3.0
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan run tag spots
console-api	info	URL: https://cst.cstwpush.com/static/adManager.js(Line 1) Message: %c [AdManager] - color:cyan init spot [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://iw.scriptcult.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

602e180f00a6d35d41c7f334e94429a4.safeframe.googlesyndication.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cst.cstwpush.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
ib.adnxs.com
iw.scriptcult.com
mc.yandex.ru
na.nawpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
qualuru.biz
script.4dex.io
scriptcult.com
securepubads.g.doubleclick.net
serving.stat-rock.com
stat.optad360.mgr.consensu.org
sw.swwpush.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
ymetrica1.com
134.209.192.77
142.250.185.130
149.5.244.2
151.101.13.108
18.196.233.38
205.185.216.42
213.174.135.2
2600:9000:21f3:4200:11:a4de:2580:93a1
2606:4700:3035::6815:2196
2606:4700::6810:135e
2606:4700:e2::ac40:8620
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:82b::2004
2a02:6b8::1:119
2a04:4e42:1b::621
37.157.5.142
37.252.173.62
78.140.185.34
0191c226743a36ec6f98506eea95f1b82f57703aa565127e08c27eed84d528ad
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
080c618e121a4005b2e1c1cb9171d9c3855f5e57638110c7cbc2adb2f124e7a6
08d273e8e3c90ce664e7125c4f7ac248dca1aa1d3a17332337214372eb757246
094eb70f761bc25fd6594b69e51efffc9b5430cfaad125f2e82bfd4009895f43
0ce4bfeac909ea87a0078b24769b100b6e1801d9f6cd1d6671e539cf931e85a5
0d97496d8f839940d07dc27ed5405dfde04ca2cef2d43d0ff20c6b6679c14bf7
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1657924c0414f056a13eabc1ec5119419ef9dcff3828c98015ca7d798ba8043a
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
1759c7be725e88d3b517a94fa444f083fc24cc92e961c1f2d3ce4c8af1787fbf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1880a7efb9924a0501f556da0e5ec8f7e0b511313774352a5f4a19a6dda2cd2d
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
19eeaf3e741a6f90e988fc827aba124a266606b63f8acfe89cccfe0a7dbd4ac5
1b5fb211d28a4781b339cfded0f5bb2dcc357d003430aedc7e1f771c5f2abea5
1e615b92cacb8eaedb30ba967d9004c03fc6079e7f13789477513585ede097e9
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
22927c706d4465e82952f8a240a27be7c36264146d30fea3526e3ed03949ad44
22e4198b73c21bb8594b6b0c38276bfcd2e8c23c55349bc5e700d8c5441023d0
244d4344bddedf363a331724616d6c7b52917066ec9c849d5c9ba4c4888c8928
26f3bd48f4c40a95aec8e457ee458c94ba1431cfd99117b6e10d9e6fb5e85701
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2dac82c181db29f567f8c6a98cb9dfc7cede1f4972031d27e374eb50cb6c23b6
30e1b6892392a3cefea82a8b6dd1ae4c639a2f2071873e7b83dc8e0fd6cf6ca5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e5660d5d1c301af4c02382000c21c7d0f2bae4a6d8f9b65bc97f4a5edc6ed3a
3fcd3dd3a7638080dc4eccb4dc2547fc70f1213029b2727495bc45067a42586f
418ce3b1f065a9e5a43119cd01229780b6c0a9b1dd4227fc831d5a8e3488f94b
43d0f3748c847a41c458be6f586816549d8827e6c578a1211ba73a32e2614b83
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
48d094d17a280b08d4f255b65ce2a4355863e26d8c4a09f903a014f7905fd1f7
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5018230bc803da921c5e52b4c9e13973754ca8819e302dfe47320decd606a335
51aad2bf1eb93ac143fb74c240d48afc5d46bcb6fdeb3a8cf1298c2830197dc9
51de53ac835a3e11b545be8454c808f1b4a655b1681b02b1db6b87f44ebf4257
52458a15977231c92c99313b43d0e17aef8fadeb65a829f4b14626522f79b454
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5a100338e73985c7fae21da649f9484873f7c2a943a1a2641854e7d4aaac2191
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c87e61e4c48886783b9652bd35d06c85b55abccf9dc3e06a0ccc5fd60208f5c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e83b10a979cf64fbb1274990cc4e7aadde25ec952bd2834a12171101b785a9c
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f
6575bfbd2c01b943d8812dc369d193bf52af33c2332d932f8f9d7d038b49bbd5
68df2e56274e0fee3b1539dd6224e6c25b59b9571a45925be1927eff387737f0
6b76f055ffd19f7dbe99c2de5e28c4d6bdc5fb6cf7fa35c93541510905a4d128
6ced2553d06bad9544117663b2a1c569fee2fda0801422fc22de9b1715e2ad2f
6cf450bec40451f23b83d906cca02c52cffef2f9794fbbb3d6b3d7159979d983
6d9e5335fda29fbdeda489c5b0045b3c6fc73002a79885b1e8f04edfbefda76f
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
76b220285ced3161f679c72a8024b449769d91b7960616bc38af956c00a4aa67
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7e449d248406346ec2914e2020d8a8a9118cb5ad03cbf38467691ad1a275c3d9
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8a1b959366ce4381b9a5ade27a6d733b66394e8b351ec51b48e030ba32d6da88
8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a
90bdb518957e33978c6b3cdec766afcdd9c398953f90689be23cdbcc853bc5ea
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92cea13927f23ea44ef028e531d5fbef3be60d7211fbbf843bc430bf437a870b
954d5ccf9602555b5c547edd8ddb2fa2eb3d9fe631a0df8acd10b5615dab3c6a
9667cceb344eb1398186d8b2d4e5a3f8d1ee744f4cb8c5613ce962d5a52af553
96c494112ebb540b2b00c6f0224c1dc89ea230abdf6b6c6625cc51fd347c4033
977f9d84ac3f66532873c417ec9a2f717f3256c1856abd0bb0c74b33eaccdbc5
9869bf438dbcd2a903641f06be294fbfcef531fcf79f2608512ad8dc291b902f
99f45e9f43c5cec8cde9238c440a29f8d772009241c4be750fcca370283b055a
9a61e116b3b761378e1846301bfc67bf58c43ab8c3a9b32d147640081affa092
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9d57598595e00e602b2e7a027ffbb13a5b644f29aea5fbabaa99d8bfcca9643e
9d83e7cda3ff6c3ffe85ec390da052257d18df60dca9751dac386d1994f76029
9f92f5d3c3f75e395fcffc9034ae122b876e1c1f3e2cd1e2961075e1eb494b1d
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a8b3b2eae18f3dea74b264d586e8f7be4a71ec1eeb40ad7ddc236cac2b5e7b80
aaa579861669a529ef77a8c04af06447eaa1d75000246840da90f285e9c94268
abde463ef27458713d91e9be883fdd389298ef57411b601cab5f66db609c508d
af6e28fbccfa7c6a58de5188801218b01dd80c279d1e3b576e109082eef763fc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18bae2e16647bca7a1913343f21a0217cd053203396ba96cc1093fa51dd648f
b209a533a146f603c877b649c28274e80c62a43e37ccdd76e6b9e9188e9f8554
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b34c67107f1b7dd18c382366913a00a08956cc138ebed347df972e81b56ce299
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b6ce79190f690c6164c6efff8247073447ba14cdfbf89c89b86891f76348aec0
b94af15b91ae56f9280496fa369753a504c58324614ecfeb54cd7484e4ca64ac
be81acd5abe934f39b46369bb723e4095da95207802306034af540cedcf5a55e
c0369fd030ac402443e245b74fe4a568cd06ab45a3a099209e93a7d0bcdf643c
c099f9dbd2a5da5e753052f1bd62321e8b036dbc8a041491d13d590aa78ed2af
c11fb9ac4922e75ae9e0a017f41ae36febd8a185834b7bb608e9049ebe68da62
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
c728a934d80bd460ac8ad4e7c242bbdcff2a4c6c4a0553f3b6077c6080a8ef5d
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf47364a41461ef5acdbfcd343a602d223ec7a179b484f43e1c843a79b0f7add
d0bd85cc3db99d98a109f29e847303811617184e2f8c3ca1a4d11b7a370cb633
d217373cd3bc0c293b6171d72c4751f2eaa02d6efc32449fdec795da007759cd
d30a6f03fe6074d365b92a300ce82d4cd236014f68d7f9dc1ccb9cf104249390
d951536a2d0c8d4fe76c78c0bbb04dbc2aa77ab3f04ef73c92c049c6da1b1d9e
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
df3c6bc91bf18da3ee7733006cddb18ca9c9c3a77e657b1fc1c75a8405b02f3d
e01b75729cfdd78a4049a33100638b60a8933dd55bddf98edf64ecf32d5b1702
e1286948d89eb1a7ebcd9b2d9feca7ec2baf391a57131754375142e2d50d4130
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49dca44b0c72950b99f16b0bc20bad538e177b05aef271d3231d552f2035b7e
e85a07eabf2c106bcb1953c3ab83d2c48f99a0e4d29e31951d00086c29c83181
e935f03fedb303383e8b163689713d047c3393bbbd1317c7f972831389c37d77
e9f18b5f9ed6ffddd86c2f764df72ea0f4aa7fba3f8e41102c81002d421f74ac
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ecdeb0b2751d79c8951811ca225a1c98cd860f650e159d4244c7ae1389ffa7a6
ee888a53e5a69ee999edd38a06f0b8cb72bcfd4b596d79595ae5bf101857f01e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3213312db0c8d0b93e68604e99a1c7229afc9c73e7e43178401b67c28ff2d5b
f7970aa9ecfb67fe00ad949e456233de3e9ae789c22c5841a8cc360fa0a1b06f

iw.scriptcult.com Open in urlscan Pro 2606:4700:3035::6815:2196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

142 Requests

100 %HTTPS

57 %IPv6

24 Domains

31 Subdomains

24 IPs

7 Countries

3425 kBTransfer

5729 kBSize

7 Cookies

33 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

iw.scriptcult.com Open in urlscan Pro
2606:4700:3035::6815:2196 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

100 %
HTTPS

57 %
IPv6

24
Domains

31
Subdomains

24
IPs

7
Countries

3425 kB
Transfer

5729 kB
Size

7
Cookies

142 HTTP transactions
4 data transactions