urlscan.io logo urlscan.io
SecurityTrails logo

ja.scriptcult.com Open in urlscan Pro
2606:4700:3035::6815:2196  Public Scan

Go To Rescan Add Verdict Report
URL: https://ja.scriptcult.com/open-zrd-files-1760
Submission Tags: test
Submission: On October 15 via api from JP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 10 countries across 42 domains to perform 135 HTTP transactions. The main IP is 2606:4700:3035::6815:2196, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.scriptcult.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time ja.scriptcult.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 164.90.194.65 14061 (DIGITALOC...)
3 213.174.135.25 39572 (ADVANCEDH...)
2 2600:9000:21f... 16509 (AMAZON-02)
3 7 2a02:6b8::1:119 208722 (YNDX)
4 213.174.135.24 39572 (ADVANCEDH...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
3 151.101.1.195 54113 (FASTLY)
7 142.250.185.162 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 78.140.185.32 35415 (WEBZILLA)
4 37.157.6.242 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 37.252.172.250 29990 (ASN-APPNEX)
3 51.89.9.253 16276 (OVH)
2 147.75.38.124 54825 (PACKET)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a02:fa8:8806... 25751 (VALUECLICK)
2 212.77.99.29 12827 (WIRTUALNA...)
2 185.184.8.65 204995 (RTB-HOUSE...)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 2600:1901:0:7... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 104.111.215.191 16625 (AKAMAI-AS)
5 142.250.186.162 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a01:4f8:252:... 24940 (HETZNER-AS)
1 1 2a02:128:7:47... 50245 (SERVEREL-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
135 38
26    2606:4700:3035::6815:2196 (United States)

ASN13335 (CLOUDFLARENET, US)
ja.scriptcult.com
scriptcult.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    164.90.194.65 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
g3news.biz
3    213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cst.cstwpush.com
na.nawpush.com
js.cabnnr.com
2    2600:9000:21f3:f200:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
4    213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.wpadmngr.com
js.wpushsdk.com
cdn.1vag.com
6    2606:4700:3032::ac43:9286 (United States)

ASN13335 (CLOUDFLARENET, US)
scriptcult.com
9    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
7    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
2    78.140.185.32 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro
serving.stat-rock.com
4    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
2    2a02:fa8:8806:12::1460 (Singapore)

ASN25751 (VALUECLICK, US)
web.hb.ad.cpe.dotomi.com
2    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
4    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
5    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eb9684034aec506d9892771e51ce1592.safeframe.googlesyndication.com
1    2a01:4f8:252:564d::2 (Germany)

ASN24940 (HETZNER-AS, DE)
rtbbnr.com
1    2a02:128:7:4715::2 (Czech Republic)

ASN50245 (SERVEREL-AS, NL)
btds.zog.link
5    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
32 scriptcult.com
ja.scriptcult.com
scriptcult.com
875 KB
20 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
196 KB
10 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
eb9684034aec506d9892771e51ce1592.safeframe.googlesyndication.com
205 KB
5 ampproject.org
cdn.ampproject.org
103 KB
5 google.com
adservice.google.com
www.google.com
1001 B
5 yandex.com
mc.yandex.com
2 KB
4 criteo.com
gum.criteo.com
mug.criteo.com
1 KB
4 ad4m.at
as.ad4m.at
ad4m.at
23 KB
4 pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
1 KB
4 adnxs.com
ib.adnxs.com
17 KB
4 adform.net
adx.adform.net
817 B
3 onetag-sys.com
onetag-sys.com
798 B
3 google.de
adservice.google.de
1 KB
3 zx-adnet.com
cdn.zx-adnet.com
112 KB
2 openx.net
rtb.openx.net
759 B
2 addthis.com
e.dlx.addthis.com
1 KB
2 creativecdn.com
prebid-eu.creativecdn.com
358 B
2 wp.pl
ssp.wp.pl
292 B
2 dotomi.com
web.hb.ad.cpe.dotomi.com
299 B
2 connectad.io
i.connectad.io
403 B
2 a-mo.net
prebid.a-mo.net
608 B
2 4dex.io
script.4dex.io
24 KB
2 stat-rock.com
serving.stat-rock.com
97 KB
2 wpadmngr.com
js.wpadmngr.com
25 KB
2 yandex.ru
mc.yandex.ru
65 KB
2 optad360.io
get.optad360.io
234 KB
1 1vag.com
cdn.1vag.com
334 B
1 zog.link
btds.zog.link
222 B
1 rtbbnr.com
rtbbnr.com
340 B
1 cabnnr.com
js.cabnnr.com
16 KB
1 wpushsdk.com
js.wpushsdk.com
3 KB
1 rubiconproject.com
pixel.rubiconproject.com
460 B
1 mookie1.com
odr.mookie1.com
324 B
1 quantserve.com
cms.quantserve.com
463 B
1 googleapis.com
imasdk.googleapis.com
123 KB
1 googletagservices.com
www.googletagservices.com
38 KB
1 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net Failed
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 googleadservices.com
partner.googleadservices.com
660 B
1 nawpush.com
na.nawpush.com
523 B
1 cstwpush.com
cst.cstwpush.com
598 B
1 g3news.biz
g3news.biz
15 KB
135 42
Domain Requested by
31 scriptcult.com ja.scriptcult.com
scriptcult.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
ja.scriptcult.com
6 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
ja.scriptcult.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 cm.g.doubleclick.net googleads.g.doubleclick.net
5 tpc.googlesyndication.com googleads.g.doubleclick.net
ja.scriptcult.com
5 mc.yandex.com 2 redirects ja.scriptcult.com
4 ib.adnxs.com get.optad360.io
4 adx.adform.net get.optad360.io
4 pagead2.googlesyndication.com ja.scriptcult.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
3 onetag-sys.com get.optad360.io
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 cdn.zx-adnet.com ja.scriptcult.com
cdn.zx-adnet.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 ad4m.at as.ad4m.at
ad4m.at
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 e.dlx.addthis.com 2 redirects
2 www.google.com 1 redirects googleads.g.doubleclick.net
2 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
2 hbopenbid.pubmatic.com get.optad360.io
2 prebid-eu.creativecdn.com get.optad360.io
2 ssp.wp.pl get.optad360.io
2 web.hb.ad.cpe.dotomi.com get.optad360.io
2 i.connectad.io get.optad360.io
2 prebid.a-mo.net get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 serving.stat-rock.com get.optad360.io
ja.scriptcult.com
2 js.wpadmngr.com cst.cstwpush.com
js.wpadmngr.com
2 mc.yandex.ru 1 redirects ja.scriptcult.com
2 get.optad360.io ja.scriptcult.com
get.optad360.io
1 cdn.1vag.com js.cabnnr.com
1 btds.zog.link 1 redirects
1 rtbbnr.com 1 redirects
1 js.cabnnr.com js.wpadmngr.com
1 js.wpushsdk.com js.wpadmngr.com
1 eb9684034aec506d9892771e51ce1592.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 imasdk.googleapis.com serving.stat-rock.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net ja.scriptcult.com
1 cdn.jsdelivr.net get.optad360.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 na.nawpush.com js.wpadmngr.com
1 cst.cstwpush.com ja.scriptcult.com
1 g3news.biz ja.scriptcult.com
1 ja.scriptcult.com
0 static-de.ad4mat.net Failed as.ad4m.at
135 52

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
1.ne04.biz
R3		 2021-10-13 -
2022-01-11		 3 months crt.sh
cst.cstwpush.com
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
js.wpadmngr.com
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
na.nawpush.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
admin.musepresent.com
GTS CA 1D4		 2021-09-14 -
2021-12-13		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
serving.stat-rock.com
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
onetag-sys.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
*.a-mo.net
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-05 -
2022-03-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-08-24 -
2021-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
js.wpushsdk.com
R3		 2021-08-20 -
2021-11-18		 3 months crt.sh
js.cabnnr.com
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
cdn.1vag.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://ja.scriptcult.com/open-zrd-files-1760
Frame ID: 0AC21868407620F22D0AECB9E92D3718
Requests: 104 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: 6E3DD95C839A13AFC1D8D969C01CA04F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&adk=1812271804&adf=3025194257&lmt=1634298830&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830144&bpp=4&bdt=181&idt=358&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=379787291894&frm=20&pv=2&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=378
Frame ID: A97AC37C9A8CA86C29F031C2F5FE9047
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=2664236338&adk=3842632652&adf=3501923860&pi=t.ma~as.2664236338&w=1200&fwrn=4&fwrnh=100&lmt=1634298830&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830148&bpp=29&bdt=185&idt=528&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1400&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iG6sP7B79W&p=https%3A//ja.scriptcult.com&dtd=534
Frame ID: 276B0A06B927EDC49557C395D124D79E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=9063506610&adk=2157201699&adf=177543962&pi=t.ma~as.9063506610&w=800&fwrn=4&fwrnh=100&lmt=1634298830&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830177&bpp=1&bdt=214&idt=561&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1415&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WLCniOCM8t&p=https%3A//ja.scriptcult.com&dtd=567
Frame ID: 2ED7E231CE1C4772CB017589CDF3FE82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=3645182774&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1634298830&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830178&bpp=2&bdt=215&idt=573&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1415&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jPNnQT0jXu&p=https%3A//ja.scriptcult.com&dtd=578
Frame ID: 54E83D77A3C0A7BCAF7BB1838A5F3C13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1634298830&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830180&bpp=1&bdt=216&idt=600&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1415&ady=4604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PEIUYcBF6Y&p=https%3A//ja.scriptcult.com&dtd=604
Frame ID: 4DBB822930A110738D668593FBB4C310
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Frame ID: BCDB916D6173E74C1DB033BAD542D92D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CErQkzmtpYcKMOqKm3gPjx66ADpDhgYRctqjCivACwI23ARABIABglbqsgrQHggEXY2EtcHViLTIxNzMwNjM3MjA5NDA4ODagAcKu6N0DyAEJqQKs30H9WHyzPqgDAaoEyQFP0JiHgkPL8dR874__f3UN3Y4UuXbhK8lEtWBnk8NU5cbflhPR0B6ujxVxAYpl2BlkluWgXbBwogPs4Z-rQr6n2B8gz9eWgdANlhUHsQ9pJM3DQg5moMI6RjPVhBNO3KacZw7PQ-8cB02xiKQ6IyMM_ydYdY7iXu2_HpVWQ0VzbxzLCebXNZjggK0jir7cMdDDM0ekAIBUjoXmcRR7EIQbkaatBwUKNoW0aZvww2nDcjleUyqY5Pz2LvwJanWaF9EqQf6pU9dYYhOABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjE3MzA2MzcyMDk0MDg4NhgA&sigh=ANsr2VJivEY
Frame ID: B84E6853C6BB9C1CC94887CD655A4804
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gxej9vj981p3a35z6re8qjty87pwbpbmsbyz5zdrnxfhsjw9zv7gck07qj9s8eapy0chrysnz9894zajgebtbqt49ssbtvseradhg1c19j2a26cqryz2qsv5qwparrybq7kbx2nqdcbcj1gy9xm0r5dsdm1bxzwxymb7pm9gj64ype469a6evbcdvkp1e2r0td1e5dvh3ma3zaz57jzqdsp7nt8xxg3qzkmqk0phtgkpa93fsy2x02dsagacgrp3kcbfdbj95r9b81xjksqet4w5w6tz758rkbkskmj9hhxbdd4f83n9t3yncfs4v891fq84n7bkz9afrqyq6gwqr7mfpqnfj285t1v9kvy5h6qye0aamq8vbtj1c0ryymgv4t655mmxs43wbsye4836e0z&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR7JKzmtpYcKMOqKm3gPjx66ADpDhgYRctqjCivACwI23ARABIABglbqsgrQHggEXY2EtcHViLTIxNzMwNjM3MjA5NDA4ODagAcKu6N0DyAEJqQKs30H9WHyzPqgDAaoEzAFP0JiHgkPL8dR874__f3UN3Y4UuXbhK8lEtWBnk8NU5cbflhPR0B6ujxVxAYpl2BlkluWgXbBwogPs4Z-rQr6n2B8gz9eWgdANlhUHsQ9pJM3DQg5moMI6RjPVhBNO3KacZw7PQ-8cB02xiKQ6IyMM_ydYdY7iXu2_HpVWQ0VzbxzLCebXNZjggK0jir7cMdDDM0ekAIBUjoXmcRR7EIQbkaatBwUKNoW0aZvww2nDcjleUyqY5Py0LPGbvaAdVxmtCWhzGkWqWwfGtsCABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-E1pa5qukR2P3XopM0sR3osUjRQ%26client%3Dca-pub-2173063720940886%26adurl%3D
Frame ID: C2CB6AA446F14D941BA4F8CF6BA7988B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BDB4D6827A793DFD2FC6F1B16E2536EA
Requests: 9 HTTP requests in this frame

Frame: https://eb9684034aec506d9892771e51ce1592.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 94883181C8801EEC9D977B7E5E6F469C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.1vag.com/1x1.png
Frame ID: 9DC37E3871E2F405413F19C68534112D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 74D561E4738541863CBC01F0290BE006
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

135
Requests

98 %
HTTPS

53 %
IPv6

42
Domains

52
Subdomains

38
IPs

10
Countries

2181 kB
Transfer

5435 kB
Size

42
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9427.CiBrxjXv_W8fX9vW2DH7DcOn-VGeI4CsczsdZJFAbhg520dktfqhI_GyAbm0rbIx.1eoG3uuhnpnqJQ09n4AWFM9vMRs%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9427.gTFBgcxflvCoD_R7WfU3H1K81w4sGeHBDTTHBNfXcjKccIe2qSo_4IIHfudvsmErWow1ZA0jufgDSsrXhgupig%2C%2C.LlgCdtQ9wokErVcSjqBhnbyDqVk%2C
Request Chain 56
  • https://mc.yandex.com/watch/53505307?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A872836211704%3Ahid%3A911116631%3Az%3A0%3Ai%3A202101015115350%3Aet%3A1634298830%3Ac%3A1%3Arn%3A329539088%3Arqn%3A1%3Au%3A1634298830921441574%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634298829888%3Adsn%3A0%2C20%2C51%2C1%2C0%2C0%2C%2C473%2C13%2C%2C%2C%2C546%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634298831%3At%3AZRD%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB-2020%E5%B9%B4%E3%81%AB.ZRD%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%92%E9%96%8B%E3%81%8F%E6%9C%80%E3%82%82%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%20-%20%E6%8B%A1%E5%BC%B5%20-%202021&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A872836211704%3Ahid%3A911116631%3Az%3A0%3Ai%3A202101015115350%3Aet%3A1634298830%3Ac%3A1%3Arn%3A329539088%3Arqn%3A1%3Au%3A1634298830921441574%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634298829888%3Adsn%3A0%2C20%2C51%2C1%2C0%2C0%2C%2C473%2C13%2C%2C%2C%2C546%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634298831%3At%3AZRD%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB-2020%E5%B9%B4%E3%81%AB.ZRD%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%92%E9%96%8B%E3%81%8F%E6%9C%80%E3%82%82%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%20-%20%E6%8B%A1%E5%BC%B5%20-%202021&t=gdpr%2814%29ti%282%29
Request Chain 102
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ5ktF-MSxNt2r-WRZleu0XwZeIiw7yU4aEDRSIS06jfLDCP7y9B2b577rmtWj3TFyMDF0_KRRD-JAK5Epi69tLbNaJzbQ&google_gid=CAESEEyySOwTEY_ePGTgfRbWSck&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ5ktF-MSxNt2r-WRZleu0XwZeIiw7yU4aEDRSIS06jfLDCP7y9B2b577rmtWj3TFyMDF0_KRRD-JAK5Epi69tLbNaJzbQ&google_gid=CAESEEyySOwTEY_ePGTgfRbWSck&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxMTUzNTEwMDA0MjY4NzI5NDAyNQ%3D%3D&google_push=AYg5qPJ5ktF-MSxNt2r-WRZleu0XwZeIiw7yU4aEDRSIS06jfLDCP7y9B2b577rmtWj3TFyMDF0_KRRD-JAK5Epi69tLbNaJzbQ
Request Chain 104
  • https://rtb.openx.net/sync/dds?google_gid=CAESEENwEaU4fM9H3ZXXZSpIRhA&google_cver=1&google_push=AYg5qPJ-354fLqu9ltDkJAKiBc5WrdsyJLhf_-bjdfvJGvQbPySwRC_f61gfJziAubTyq9P2Vi0F8U-0114DH1S6_GwlWGqJNA HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEENwEaU4fM9H3ZXXZSpIRhA&google_cver=1&google_push=AYg5qPJ-354fLqu9ltDkJAKiBc5WrdsyJLhf_-bjdfvJGvQbPySwRC_f61gfJziAubTyq9P2Vi0F8U-0114DH1S6_GwlWGqJNA&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ-354fLqu9ltDkJAKiBc5WrdsyJLhf_-bjdfvJGvQbPySwRC_f61gfJziAubTyq9P2Vi0F8U-0114DH1S6_GwlWGqJNA&google_hm=TcCG8sRVwwQskTC6M9V6lg==
Request Chain 105
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGigBgwUi-2QR45Ofy-g2_U&google_cver=1&google_push=AYg5qPINJrnpaQbY0FiaISXrzzAxVPoD0GDsD-D1WNNc5KajY0hPMnUxZLCI3PTTuuzBRgi9eOnEufDX5EB_-IAOijUvsyrvOQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGigBgwUi-2QR45Ofy-g2_U&google_cver=1&google_push=AYg5qPINJrnpaQbY0FiaISXrzzAxVPoD0GDsD-D1WNNc5KajY0hPMnUxZLCI3PTTuuzBRgi9eOnEufDX5EB_-IAOijUvsyrvOQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fYCuZoRaRbGNH1MoR_WTNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPINJrnpaQbY0FiaISXrzzAxVPoD0GDsD-D1WNNc5KajY0hPMnUxZLCI3PTTuuzBRgi9eOnEufDX5EB_-IAOijUvsyrvOQ
Request Chain 106
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDdgdc7_OogspD2JpVTt164&google_cver=1&google_push=AYg5qPKZW1e6n2zG5_O25ypEytKt3LQv1CEpevMTQKQP6K4z-GJYgmCuO4P-F7sQUX-_T7qphvXCsKG9kaBq8p3NkHwUGYB0sMY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTQkJUMkMtMVMtSU44Rg==&google_push=AYg5qPKZW1e6n2zG5_O25ypEytKt3LQv1CEpevMTQKQP6K4z-GJYgmCuO4P-F7sQUX-_T7qphvXCsKG9kaBq8p3NkHwUGYB0sMY
Request Chain 107
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA
Request Chain 118
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsInRpdGxlIjoiIiwic3ViaWQiOiIxNjA0NzM1MzgiLCJzcG90X2lkIjoxMDYxNH0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTA2MTQiLCJwYWdlIjoiaHR0cHM6Ly9qYS5zY3JpcHRjdWx0LmNvbS9vcGVuLXpyZC1maWxlcy0xNzYwIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6ImIwMTc0NjgyZmE2Mzc4OWEzNDAyYTdmN2JjMzYxYjMxIn0sImV4dCI6eyJkdCI6MTYzNDI5ODgzMTgzOH19 HTTP 302
  • https://btds.zog.link/in/912/?sid=10614&source=160473538&idzone=&w=1&h=1&mo=&ve=&site_id=10614&utm1=&utm2=&utm3=&utm4=&ad_tags=&spot_id=10614&p=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&tds_labels={4,5,6,7,8,9,26,46,47,54,55,61} HTTP 302
  • https://cdn.1vag.com/1x1.png
Request Chain 132
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 134
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.scriptcult.com%2F&domain=ja.scriptcult.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=QEWihXw1RXhNNGtxN3RYVnFjR2lBa0pmWmorUjZLd0lOenJRYVQzcmNza1hJTlJ6MkpIcXJKT1NUbC83djV6dUg3Ty9TcERZc1NQblQwRGtIS2RINitUZnFZYUJRa2hzd25wTUJiY3krbnZ6cEZjbmlTMzVXeDErVEV4ZkIyR2dLN2d5ek82bzZVd05vVlV3TWlZZERvck1GVzIrTjErbmJxN2xXT0tJSDJTSDVDenNpUGc5VXFCcUYrSnEwb3FXN3I0TVZ0eFlYSUVvMU1sUXpsVGYraXN5OG5XU1VNVHloZGs3MkFmWWc1MlpqRFR2TU93Sm1hVndUZUtHMHdtWGhkdnY4fA&cppv=2

135 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request open-zrd-files-1760
ja.scriptcult.com/ 		33 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6812c6b0b18dbd69553874ef1147cbaf54d3c7b50e70903568dafc5b9f8226

Request headers

:method
GET
:authority
ja.scriptcult.com
:scheme
https
:path
/open-zrd-files-1760
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 15 Oct 2021 11:53:49 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
expires
Sat, 16 Oct 2021 11:53:49 GMT
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17%2FQZmAc5KOCkdlQkbDCEfqpaajP0OFfqsll3UbKmycA6U0mRgYs37pNEk8hqAH6y8wjASAYKHBjdOAkNpfV5NLpobGKWYLLjnMiOlR5iOOYbHVziO%2BZ2p43Y3YFpOCwFfRNx%2Be8TWcm67YfPCsNMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69e8d9670e92646d-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa930a50abe8d44a9e916704ea2af37ee24d57e48866f7e3d4b75d49c63e6d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51456
x-xss-protection
0
server
cafe
etag
15177929512804483955
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 11:53:50 GMT
/
g3news.biz/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g3news.biz/?te=hbswimjugu5ha3ddf4ytmobt
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.90.194.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9b8f4b2d8bb7068f9d4a289865dae78f52a05390d2c4add2634d09d4d465be00
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Oct 2021 11:53:50 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
adManager.js
cst.cstwpush.com/static/ 		451 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cst.cstwpush.com/static/adManager.js
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 09:03:43 GMT
server
nginx/1.18.0
etag
W/"6166a0ef-1c3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 15 Oct 2021 12:53:50 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
1506626470index.css
scriptcult.com/template/apollo/css/ 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/css/1506626470index.css
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51de53ac835a3e11b545be8454c808f1b4a655b1681b02b1db6b87f44ebf4257

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598722
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jul 2020 14:43:28 GMT
server
cloudflare
etag
W/"f1d8-5aaa42e19d8e0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHC8o0HIby9kpA5oQLCcNMfz8zx2vDkE%2FjQGZq1jFQIhVgyIL63YLBxH3RzkfdIRER%2FPkNDlC9tCy3cCBPXSB18dIoprBisbnl8ShpyY4OsYnQQ7DsYNwNeF9Qwcpp%2Ff3drdCCIkWvCX3zld4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69e8d9679ea2646d-FRA
expires
Fri, 22 Oct 2021 13:35:08 GMT
css.css
scriptcult.com/template/apollo/css/ 		5 KB
886 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/css/css.css
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5fb211d28a4781b339cfded0f5bb2dcc357d003430aedc7e1f771c5f2abea5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598722
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jul 2020 14:43:27 GMT
server
cloudflare
etag
W/"1248-5aaa42e0bdebf-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmZ%2Fdpy0ABwWwPI0Chy4Y3XCg2eBGS7Ir231FeyznuMvJPgkmh4BApkTKGUymX%2FSgtzoEzQhmu21vSd6YvO7RtNwVBKzN3X54ThMFV7vd4%2FGeI44ZbIJdDx8iZVOzGzVh5UxvLGrJ%2Bv5uBtNmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69e8d9679ea1646d-FRA
expires
Fri, 22 Oct 2021 13:35:08 GMT
1506626470index_001.css
scriptcult.com/template/apollo/css/ 		114 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/css/1506626470index_001.css
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9f18b5f9ed6ffddd86c2f764df72ea0f4aa7fba3f8e41102c81002d421f74ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598722
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jul 2020 14:43:27 GMT
server
cloudflare
etag
W/"1c9cb-5aaa42e10b11f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7X%2B%2B90jW0t6Ihn7pygzb1ODyFf%2FlY%2FW3mgG4il98Zu%2FWJMkWGza1JhY%2BI43yZ9y6025BwSHTR0RGA7Wj2b2eKYydqbo%2F3NOOICrBWuQzp1SSVRnqJwA7bDOvpdUevLTHVxDOlvImmqBfBE0%2Big%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69e8d9679e9f646d-FRA
expires
Fri, 22 Oct 2021 13:35:08 GMT
1506626470index.js
scriptcult.com/template/apollo/js/ 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/js/1506626470index.js
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecdeb0b2751d79c8951811ca225a1c98cd860f650e159d4244c7ae1389ffa7a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598721
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jul 2020 14:43:30 GMT
server
cloudflare
etag
W/"1c05b-5aaa42e3d00e4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OZj5P8s2T76qgX9xU5CFuZ8ffT6dma%2F%2FhNhvRi0WL0BhoCsze4lmcTakXUigs5KOlENzYLqASMKjY336TuoyU%2FZEYboMyEB0NHGd%2Bh0El0ytbMOAFslCNrVsT6fuYQrJUXgglT8phpSx%2FvCdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69e8d9679ea4646d-FRA
expires
Fri, 22 Oct 2021 13:35:08 GMT
/
scriptcult.com/img/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
.prsx-file-extension.jpg
scriptcult.com/img/fileinfo/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/.prsx-file-extension.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37038cd3b8d272e5933f4c8bd708dddf2e3be641094d3d20ae52cf5b9eae7df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5806
last-modified
Sun, 28 Apr 2019 00:11:50 GMT
server
cloudflare
etag
"16ae-5878c03ae00a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMZ%2FV2L48GGF0bwjoKENJLkIbQWsZDj6xF3bLyda6nYbHZElSAixUIn9GwHznoGQwYsc39hFekYbaveiQc1ZjVTmlZn8Ur%2BotvR%2BiXcogh11ZJEcS53TU0qux%2FGig1U3Dg6ecD1gBwKBnhU7rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680eb0646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
ILT-file-format-description.webp
scriptcult.com/img/file-types/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/file-types/ILT-file-format-description.webp
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16a4d8efd0604291f81ab7b9c256e100f1cf3fc78fdcf2611fd0ed0c13aafc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
279587
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54204
last-modified
Sun, 04 Oct 2020 18:49:36 GMT
server
cloudflare
etag
"d3bc-5b0dcd3d70116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYNFntPZVLJm%2F7zELWaat9oysFVVgzby2lHruY2rfLRzm%2BfPcAFPBQb7An5WTSRwV%2B9%2BEjj6j0UO7Eu6sJ%2BoRAfo07JWXITGiC54G%2F89GrFesFeRaXBintDAwg%2FbjUfZxni9y43XrswmhNsk7g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69e8d9680eb1646d-FRA
expires
Tue, 19 Oct 2021 06:14:03 GMT
.supp-file-extension.jpg
scriptcult.com/img/fileinfo/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/.supp-file-extension.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d7112e0106b6f38edd856f3c8020c7977581969847d6b83fc9024596003660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46331
last-modified
Sun, 28 Apr 2019 00:14:55 GMT
server
cloudflare
etag
"b4fb-5878c0eb97534"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjFqIBOmMl5S7bHko%2B3IvET3NCSrmZfO1V16wqTiH1RJGiuUFVz9wJgBI7zXb31qLD6msQ9q7rSud%2FmjAmia3viov2nUEnxhKNdtWERX%2Fu7v1HN9cbjAofKo0p9CRm0F6eUj8ckUsDmUP2EWOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680eb2646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
.imp-file-extension.jpg
scriptcult.com/img/fileinfo/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/.imp-file-extension.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2774f2976d38014bcbcdcafb7b703da7a9564d17fb9130a60ae158581799a5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63577
last-modified
Sun, 28 Apr 2019 00:05:58 GMT
server
cloudflare
etag
"f859-5878beeb5d5de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xLMr89631TeWb2WRgd310vIlzEVs4titrtSkkM92DVKbKkWJZS6%2FABeUljpvfIpnrIBbgHLYgbghdevStH2FbhFTBAIMjRDxwP7VMGq1GMfn6gylIRlV0okLe19nzfEibMFv6NQTFzML89xZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680eb3646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
.wmt-file-extension.jpg
scriptcult.com/img/fileinfo/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/.wmt-file-extension.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69dc278870e8239e0b043d163b23253c4416a292c0814710974fe0d4e67f349d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41095
last-modified
Sun, 28 Apr 2019 00:17:39 GMT
server
cloudflare
etag
"a087-5878c1876de13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7CujG4ab5cjjYa5vT%2FRKfIjEsFS9IPdGkRZj0rx1KJXOzyQhoosaeEMlXRNXCKsMVrL4u5pqFRd7prC8rPL%2BeKSw7l6UKHWqxzsriXxMj62UkfePQKipv2wrMjy0WYNgm7yHITseCdqD7gRCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680eb4646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
microsoft-powerpoint.jpg
scriptcult.com/img/fileinfo/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/microsoft-powerpoint.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f1c25d56fe236cc657ec6a761acd9a806f4616adc24eb27817cf7878b5901c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
195032
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5531
last-modified
Sun, 28 Apr 2019 00:19:52 GMT
server
cloudflare
etag
"159b-5878c206c5826"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOfxtwRC73x13bspQIkxDwdA56OHj53pPzlermLjZoV8euUUMeAV8PWdTA9TLoLH5WUIMgRv7wF4iDCr%2FwP2tIcPn5PLZ6GWO6qtGWpdRFURhsMnBGmWZTGwlvhwkZKQjKl9IGE1cXn3cUWlIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680eb5646d-FRA
expires
Thu, 13 Oct 2022 05:43:18 GMT
.annot-file-extension.jpg
scriptcult.com/img/fileinfo/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/.annot-file-extension.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e80c20e0699967e467210137ba404e51aba5b79f12ca626237214e4370a1b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43823
last-modified
Sat, 27 Apr 2019 23:58:27 GMT
server
cloudflare
etag
"ab2f-5878bd3cad729"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP%2BLtOa8TS3CNkDCl%2FFFSNhb4sqdfGbIgQMWM1ogCL5nh%2FrHpMpK87cgKWFEgyyimqCWtHFD1Frt4FX%2BtargIIhEw1IK0DMniKXJ4vk5DdnXte%2F0OEatYhVt9L%2BpA0dsUr4LwPtPZeCjPyK%2BdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680eb6646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
.nam-file-extension.jpg
scriptcult.com/img/fileinfo/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/.nam-file-extension.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c62924f41c1322ca51832d71192c8e31d4671bbaf83ca867f9038852f7e66c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33300
last-modified
Sun, 28 Apr 2019 00:09:26 GMT
server
cloudflare
etag
"8214-5878bfb195895"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h90uifoyWf7bCdBtotbx9U0QO9fIhzQgyyI3UEH6B1YT5Y6%2FjtWXlt110CD7LJSSZ25oshcwbNiKda0bjWxsOGY3sJbvEXMt2IahUbxXa%2BiArGxtd4mt6LeMTdWxwDQVj7K0nS1J59b%2FjNqhpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680eb7646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
CALIBRE-file-format-description.webp
scriptcult.com/img/file-types/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/file-types/CALIBRE-file-format-description.webp
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd25f8f41e81889aa1d1fd22f467449a51506a7d34aceefea48bb566d9da5d4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63278
last-modified
Sun, 04 Oct 2020 18:49:24 GMT
server
cloudflare
etag
"f72e-5b0dcd31cc990"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23XzFJ37DLyEVZcptuWuAVR9NsN82WaPjTtWbYojKuNjdravb0OOwe5OdZ7ZKkQVOrAAfVQ3qr6pkJAdv6ySEg8Xiy2U74yuez%2BY2rVn2scLQi65SBl%2Bo2IWa85k3PpaZkZlNN5sgDK4LABU8g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69e8d9680eb8646d-FRA
expires
Fri, 22 Oct 2021 11:53:50 GMT
.pbk-file-extension.jpg
scriptcult.com/img/fileinfo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/.pbk-file-extension.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5b1b4d01c442b60e3d9edfb69bcc5a23de0e8cbe027f15fb4e26f9140a2b4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4956
last-modified
Sun, 28 Apr 2019 00:10:52 GMT
server
cloudflare
etag
"135c-5878c003aa3e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vntevYCjBabDWYOtcTSmv3ljMx1K%2BUdz1kkzoYL1M%2BXIiuh3aHleCgalnJW%2B8trHYpTbr%2ByGbYBm4iIHatPohdoHZgedAq0wRMJLWHIwUbvPdRdks8odR8QSpVNrMdbSuQSCNSx3ULCcwXC7fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680eba646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
.pd-file-extension.jpg
scriptcult.com/img/fileinfo/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/.pd-file-extension.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ea954041b706c3197c899a65d52286dd39b133a2e6b1677274ce9aa4f3fd45d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
48807
last-modified
Sun, 28 Apr 2019 00:10:58 GMT
server
cloudflare
etag
"bea7-5878c008eaf89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aB1zfF2Qv74rpdCG0gAFqu%2FZGwTGErJ6AmjhaJ5Jj9MXXukaM5WeXboQIn%2FZzVdMSqM85lHYCvGXqYtLNxEsrxKNv8sgJlBijfAKmjltaUDIT6qXlB0f0m5iU%2BtGR0qxLRDskEYIXoh91cdviA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680ebb646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
geometer-plus-fbreader.jpg
scriptcult.com/img/fileinfo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/geometer-plus-fbreader.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd88eb2ac8cce17698b50a5d80bb979fdfc50065fe8eb897f9d9e176c5f1fd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4866
last-modified
Sun, 28 Apr 2019 00:19:32 GMT
server
cloudflare
etag
"1302-5878c1f355eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nwkkts1mJ1T13yU%2BQNnPMgaY%2FGlnRF%2BT%2FlltIcnEhfk%2FehvRCh101zsodDY27oyzHAokWCT5NBYaPb2da2OVmZwIE%2FKLwtw4nhM%2F9JmS%2Fg2gTwIaoN2H7TYgdGo72tBWtyg%2BFHe6ngR7OHzNvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680ebc646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
.or3-file-extension.jpg
scriptcult.com/img/fileinfo/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/fileinfo/.or3-file-extension.jpg
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fb37ae24dca7ba941a9194d45886eb470dc3999f8b2303d67535f1b1d86de2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
104192
last-modified
Sun, 28 Apr 2019 00:10:26 GMT
server
cloudflare
etag
"19700-5878bfeb23eb7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrQahYKSQlAJCgTh5vhSIIUv558oE96QCVVHJeZhpHPSwr8iW2rojZUpEB7dvdD56O3nd92bchd92IeJyQGB1uGl1zgPVIXu3K3NizAFSoKTOfB%2B2tepW23Shl6xQ8ESrd8Wp0%2BASfny8IR0qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
69e8d9680ebd646d-FRA
expires
Sat, 15 Oct 2022 11:53:50 GMT
QDF-file-format-description.webp
scriptcult.com/img/file-types/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/img/file-types/QDF-file-format-description.webp
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e7afbc5dc15c290434dc80ae5d662782271e53b286338a158b9a4c7c824d73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
57292
last-modified
Sun, 04 Oct 2020 18:49:49 GMT
server
cloudflare
etag
"dfcc-5b0dcd492cedb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bfv3NlNZpnNnajVImCbWv9wjKD1DbS0D5nYH4qPurGWezVmHB1qyKiYU%2Bt5PqCO3Dxim3SyppBhWTgG3ZZx5I5KSU6nGkHsQZg4mXKdjBP0dj5IgusVPbFZ%2FsGdKd8z2CYbEmrBQixaTwFyarA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69e8d9680ebe646d-FRA
expires
Fri, 22 Oct 2021 11:53:50 GMT
scripts.js
scriptcult.com/template/apollo/js/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/js/scripts.js
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6e28fbccfa7c6a58de5188801218b01dd80c279d1e3b576e109082eef763fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
377971
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jul 2020 14:43:30 GMT
server
cloudflare
etag
W/"113ad-5aaa42e3dbc64-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUq%2B4tvD%2FenYJc%2F0EHDmo5jBTUy5f68jbnXgclBphzmf68MI7xsnDgJhsyx3VF4Yv56j3bggIbthkEH5u6xentPoMoVVWicqCoZVgIanQTFWQIOpiNh5C7ugvdZaWW2NuGkM4MOMMCaAZlXCmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69e8d967feac646d-FRA
expires
Mon, 25 Oct 2021 02:54:19 GMT
custom.js
scriptcult.com/template/apollo/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/js/custom.js
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68df2e56274e0fee3b1539dd6224e6c25b59b9571a45925be1927eff387737f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14500
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jul 2020 14:43:30 GMT
server
cloudflare
etag
W/"d49-5aaa42e38f9a3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibpT2mUHLkNXSKokP95eIGfP1miZn%2BQEAea8%2BjP0zW1Usly874AmuzYv6DbK2d9kVU0Dg89yIVXvI1P%2FcTeJjKGlVqOstXXrtmXME81qkrqOGsZY9L%2FVAq1x%2FeRQLcH7MCv3MaX8TD9ulEQK2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69e8d9680ead646d-FRA
expires
Fri, 29 Oct 2021 07:52:10 GMT
rating.js
scriptcult.com/template/apollo/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/js/rating.js
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e4198b73c21bb8594b6b0c38276bfcd2e8c23c55349bc5e700d8c5441023d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jul 2020 14:43:30 GMT
server
cloudflare
etag
W/"739-5aaa42e390943-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcSgoBVUWuwb8iXc8yRny4aSQN82wIL9dG6RsrDRXltlo9IXjxQUjbTPJjLkTJraxHOusA6yAwqb7qm8G1%2BjkhzOB8gplku70EeYS1j4ViO%2BDIzE0TmmuFaRYqM59q%2F7xO9%2FN%2F1hw%2BPs3WKxnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69e8d9680eae646d-FRA
expires
Fri, 22 Oct 2021 13:35:10 GMT
plugin.min.js
get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/ 		404 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09bce2e6ddd7c52a12b3a0797751cc16fd5ee2798db54be34d3c2dbe5c8e29b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:51:17 GMT
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 15:31:03 GMT
server
AmazonS3
age
154
etag
W/"d581bd6686da9d5f3399758e8696c357"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
zb3pSQrqPErcZ65FYvn110loZhca9iXZYwfoRa1vE9RAJ-rXpWOuiQ==
tag.js
mc.yandex.ru/metrika/ 		188 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
last-modified
Thu, 14 Oct 2021 16:17:22 GMT
etag
"61682de2-10040"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65600
expires
Fri, 15 Oct 2021 12:53:50 GMT
adManager.m.js
js.wpadmngr.com/static/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35

Request headers

Referer
https://ja.scriptcult.com/
Origin
https://ja.scriptcult.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 15:35:33 GMT
server
nginx/1.18.0
etag
W/"61572ac5-fef5"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 15 Oct 2021 12:53:50 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
scriptcult.com/template/apollo/css/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/css/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064

Request headers

Referer
https://scriptcult.com/template/apollo/css/css.css
Origin
https://ja.scriptcult.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22820
last-modified
Fri, 17 Jul 2020 14:43:28 GMT
server
cloudflare
etag
"5924-5aaa42e1dc0e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoXse2LgAwuAAOv0e8NOHyx7GS00bVY%2B8wI%2BW%2FlPOL%2Fu8A6uGVVUrQyxtqPOdU5rKDd2HPntfKn3zE5BGhmKK1K2KRvP%2BQAq1O3NK%2FaKoKSSomODNl06VE67CLGpdeUip%2F8VwTcbzF0NzLjbhg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69e8d9682c7cc281-FRA
expires
Fri, 22 Oct 2021 11:53:50 GMT
S6uyw4BMUTPHjx4wXg.woff2
scriptcult.com/template/apollo/css/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/css/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b

Request headers

Referer
https://scriptcult.com/template/apollo/css/css.css
Origin
https://ja.scriptcult.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23316
last-modified
Fri, 17 Jul 2020 14:43:27 GMT
server
cloudflare
etag
"5b14-5aaa42e1331c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2hT9HVWjRD6LQwW2EScqaPCUJ7ImDlF%2FXMziVdJMxCRUru6zE9zsOhYidIlO23vYqcALPx5COwSQTLNhvKoqR%2FELKL20PfmS429NmlubSW1zucleSVhcpH4c5rO8eEZJHMBIGVhREYP3ttPvg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69e8d9682c81c281-FRA
expires
Fri, 22 Oct 2021 11:53:50 GMT
ionicons.ttf
scriptcult.com/template/apollo/css/ 		184 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/css/ionicons.ttf
Requested by
Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer
https://scriptcult.com/template/apollo/css/1506626470index.css
Origin
https://ja.scriptcult.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 17 Jul 2020 14:43:27 GMT
server
cloudflare
etag
W/"2e05c-5aaa42e10535f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XW9gycn1zbQpSSAWZ5%2BjmqBOnccY1EyRiRCiR2o0YGyX%2Fl40ebp%2BHTSYvcWWUe0yT4Orh7CzvyHCOVXch5XwqHsHh3iqA%2F7z6H6KzxogUKpNirOesBB8x7ZTo0qDyzGdxoVy6FLufGeDA4ZCxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69e8d9682c86c281-FRA
expires
Fri, 22 Oct 2021 11:53:50 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
scriptcult.com/template/apollo/css/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/css/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abde463ef27458713d91e9be883fdd389298ef57411b601cab5f66db609c508d

Request headers

Referer
https://scriptcult.com/template/apollo/css/css.css
Origin
https://ja.scriptcult.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22352
last-modified
Fri, 17 Jul 2020 14:43:27 GMT
server
cloudflare
etag
"5750-5aaa42e138f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srDmR48VF33c3Q7ke1iBBF7hUa5Lg4OeJwqlDsDWjR3%2FFNZf1As59wXsR%2Bp%2BkngOcAf%2F4Z5%2Fje%2BC2Y0XdcbhHR%2F5ACCIfr7ykGScTa%2FjyPs04STggK2ngtsyEtDtuqTFrsP0M%2Fk47d111UMqFg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69e8d9682c8dc281-FRA
expires
Fri, 22 Oct 2021 11:53:50 GMT
TK3hWkUHHAIjg75-xhsTus9C.woff2
scriptcult.com/template/apollo/css/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/css/TK3hWkUHHAIjg75-xhsTus9C.woff2
Requested by
Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18bae2e16647bca7a1913343f21a0217cd053203396ba96cc1093fa51dd648f

Request headers

Referer
https://scriptcult.com/template/apollo/css/css.css
Origin
https://ja.scriptcult.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15604
last-modified
Fri, 17 Jul 2020 14:43:28 GMT
server
cloudflare
etag
"3cf4-5aaa42e1a7520"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ieg5Jds1DOT46%2BNFm4bJoVWS%2FwiJKbJjw%2BXKKYMhP6uwTxpBMYLWkSY5Y7RFhdUWzrSbFDQVAc00wvNsfa6Z2L86vhcEh3g4SrAJ7R208a%2FrnongkaEDMa1nC1M4%2FNOrw%2B9kyY89J5kStjD6A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69e8d9682c90c281-FRA
expires
Fri, 22 Oct 2021 11:53:50 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 		272 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a28f55a84004651981942494c461948d30c2eaffa8be9d7e6c004daf3ea7f9c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99876
x-xss-protection
0
server
cafe
etag
285919592548082917
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 11:53:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 6E3D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211013/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ja.scriptcult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 14 Oct 2021 21:27:24 GMT
expires
Thu, 28 Oct 2021 21:27:24 GMT
content-type
text/html; charset=UTF-8
etag
9069739545958607985
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4691
x-xss-protection
0
age
51986
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1942
na.nawpush.com/tags/ 		614 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://na.nawpush.com/tags/1942
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
54d08a91822d0a7c6a0ac45a1779ca3a81a0a406b938e74040de68c51a2078b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
max-age=300, public
content-type
text/plain; charset=utf-8
server
nginx/1.18.0
content-encoding
gzip
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/ 		0
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 15 Oct 2021 12:53:50 GMT
cache-control
max-age=3600
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
footer.jpg
scriptcult.com/template/apollo/css/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/template/apollo/css/footer.jpg
Requested by
Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scriptcult.com/template/apollo/css/1506626470index_001.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
loading.gif
scriptcult.com/template/apollo/css/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/template/apollo/css/loading.gif
Requested by
Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scriptcult.com/template/apollo/css/1506626470index_001.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
close.png
scriptcult.com/template/apollo/css/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scriptcult.com/template/apollo/css/close.png
Requested by
Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/1506626470index_001.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scriptcult.com/template/apollo/css/1506626470index_001.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
cookies_gdpr.js
cdn.zx-adnet.com/consent/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.12355810240573062
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 15 Oct 2021 09:43:03 GMT
x-timer
S1634298833.109795,VS0,VE146
etag
"e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
x-served-by
cache-fra19125-FRA
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
no-cache
date
Fri, 15 Oct 2021 11:53:53 GMT
accept-ranges
bytes
x-cache-hits
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9427.CiBrxjXv_W8fX9vW2DH7DcOn-VGeI4CsczsdZJFAbhg520dktfqhI_GyAbm0rbIx.1eoG3uuhnpnqJQ09n4AWFM9vMRs%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9427.gTFBgcxflvCoD_R7WfU3H1K81w4sGeHBDTTHBNfXcjKccIe2qSo_4IIHfudvsmErWow1ZA0jufgDSsrXhgupig%2C%2C.LlgCdtQ9wokErVcSjqBhnbyDqVk%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9427.gTFBgcxflvCoD_R7WfU3H1K81w4sGeHBDTTHBNfXcjKccIe2qSo_4IIHfudvsmErWow1ZA0jufgDSsrXhgupig%2C%2C.LlgCdtQ9wokErVcSjqBhnbyDqVk%2C
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9427.gTFBgcxflvCoD_R7WfU3H1K81w4sGeHBDTTHBNfXcjKccIe2qSo_4IIHfudvsmErWow1ZA0jufgDSsrXhgupig%2C%2C.LlgCdtQ9wokErVcSjqBhnbyDqVk%2C
date
Fri, 15 Oct 2021 11:53:50 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
cookie.js
partner.googleadservices.com/gampad/ 		204 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ja.scriptcult.com&callback=_gfp_s_&client=ca-pub-2173063720940886
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
3d271178807f0752a89f34ca52fa704f1571df7070d0d860e2e26195648d614e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ja.scriptcult.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ja.scriptcult.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A97A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&adk=1812271804&adf=3025194257&lmt=1634298830&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830144&bpp=4&bdt=181&idt=358&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=379787291894&frm=20&pv=2&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=378
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4f9ca83a559737af37d1cf275f31df54b5b20ada84aa0daa29f3167763d641b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2173063720940886&output=html&adk=1812271804&adf=3025194257&lmt=1634298830&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830144&bpp=4&bdt=181&idt=358&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=379787291894&frm=20&pv=2&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=378
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ja.scriptcult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 15 Oct 2021 11:53:50 GMT
server
cafe
content-length
4460
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 15-Oct-2021 12:08:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
private
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
last-modified
Wed, 13 Oct 2021 15:51:32 GMT
etag
"6166d654-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 15 Oct 2021 12:53:50 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 276B 		436 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=2664236338&adk=3842632652&adf=3501923860&pi=t.ma~as.2664236338&w=1200&fwrn=4&fwrnh=100&lmt=1634298830&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830148&bpp=29&bdt=185&idt=528&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1400&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iG6sP7B79W&p=https%3A//ja.scriptcult.com&dtd=534
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b149beb18c38b5ac4efa26bd003deabdb89daa1b4ed79f5ad9bb3b78a05707f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=2664236338&adk=3842632652&adf=3501923860&pi=t.ma~as.2664236338&w=1200&fwrn=4&fwrnh=100&lmt=1634298830&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830148&bpp=29&bdt=185&idt=528&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1400&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iG6sP7B79W&p=https%3A//ja.scriptcult.com&dtd=534
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ja.scriptcult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 15 Oct 2021 11:53:50 GMT
server
cafe
content-length
211
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 15-Oct-2021 12:08:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
private
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
a5eb0f6fddc970cb29d4b09b11c512e01714a0d092e494af086efd394696bf5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1016 / 226 of 1000 / last-modified: 1634295970"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27216
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Oct 2021 11:53:50 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 07:34:54 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
965937
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
wsMiHYkajTsKeYq2f-M_AlMJHC59Xh3lUBwFPZqb-F36m3T46ncoeA==
optad360.js
serving.stat-rock.com/player/ 		307 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/87584f1f-9c47-49cb-b198-f6669bf41325/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 07:45:44 GMT
server
nginx
etag
W/"6135c728-4caf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
ads
googleads.g.doubleclick.net/pagead/ Frame 2ED7 		436 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=9063506610&adk=2157201699&adf=177543962&pi=t.ma~as.9063506610&w=800&fwrn=4&fwrnh=100&lmt=1634298830&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830177&bpp=1&bdt=214&idt=561&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1415&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WLCniOCM8t&p=https%3A//ja.scriptcult.com&dtd=567
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dae2c000a9bbc39a23276d56cae786ad1e46f0a745f16cf4cfce35638194c157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=9063506610&adk=2157201699&adf=177543962&pi=t.ma~as.9063506610&w=800&fwrn=4&fwrnh=100&lmt=1634298830&rafmt=1&psa=0&format=800x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830177&bpp=1&bdt=214&idt=561&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1415&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WLCniOCM8t&p=https%3A//ja.scriptcult.com&dtd=567
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ja.scriptcult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 15 Oct 2021 11:53:50 GMT
server
cafe
content-length
212
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 15-Oct-2021 12:08:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 54E8 		436 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=3645182774&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1634298830&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830178&bpp=2&bdt=215&idt=573&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1415&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jPNnQT0jXu&p=https%3A//ja.scriptcult.com&dtd=578
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60dc3bd2bc610f661d6ca43f50c057e2a7a56f96d3e20a96e7604886e048123f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=3645182774&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1634298830&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830178&bpp=2&bdt=215&idt=573&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1415&ady=3380&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jPNnQT0jXu&p=https%3A//ja.scriptcult.com&dtd=578
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ja.scriptcult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 15 Oct 2021 11:53:50 GMT
server
cafe
content-length
211
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 15-Oct-2021 12:08:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 4DBB 		436 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1634298830&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830180&bpp=1&bdt=216&idt=600&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1415&ady=4604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PEIUYcBF6Y&p=https%3A//ja.scriptcult.com&dtd=604
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2637821c29aba574560f2e468ab92089aacfac5090c7c1c016d4274e7344fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2173063720940886&output=html&h=200&slotname=5421324208&adk=4275921517&adf=2330316371&pi=t.ma~as.5421324208&w=800&fwrn=4&lmt=1634298830&rafmt=11&psa=0&format=800x200&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830180&bpp=1&bdt=216&idt=600&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1415&ady=4604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PEIUYcBF6Y&p=https%3A//ja.scriptcult.com&dtd=604
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ja.scriptcult.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 15 Oct 2021 11:53:50 GMT
server
cafe
content-length
210
x-xss-protection
0
set-cookie
IDE=AHWqTUngoZZ9_zn9y2LZVwV2u_0M9MmU3ffuQlzVoqXezmWpe-1IDfcYPZVALM1ikQ8; expires=Wed, 09-Nov-2022 11:53:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
private
sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
cdn.zx-adnet.com/consent/ 		341 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.12355810240573062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 15 Oct 2021 09:43:03 GMT
x-timer
S1634298833.316566,VS0,VE1
etag
"acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by
cache-fra19125-FRA
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=315000
date
Fri, 15 Oct 2021 11:53:53 GMT
accept-ranges
bytes
content-length
67025
x-cache-hits
1
1
mc.yandex.com/watch/53505307/
Redirect Chain
  • https://mc.yandex.com/watch/53505307?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A236%3Afu%3...
  • https://mc.yandex.com/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A236%3Afu...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A872836211704%3Ahid%3A911116631%3Az%3A0%3Ai%3A202101015115350%3Aet%3A1634298830%3Ac%3A1%3Arn%3A329539088%3Arqn%3A1%3Au%3A1634298830921441574%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634298829888%3Adsn%3A0%2C20%2C51%2C1%2C0%2C0%2C%2C473%2C13%2C%2C%2C%2C546%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634298831%3At%3AZRD%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB-2020%E5%B9%B4%E3%81%AB.ZRD%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%92%E9%96%8B%E3%81%8F%E6%9C%80%E3%82%82%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%20-%20%E6%8B%A1%E5%BC%B5%20-%202021&t=gdpr%2814%29ti%282%29
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
d807b8ea3bd956efab53f6b572bb0e156a22f7a647d713c0d70743adb6933a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:50 GMT
x-content-type-options
nosniff
last-modified
Fri, 15-Oct-2021 11:53:50 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ja.scriptcult.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Fri, 15-Oct-2021 11:53:50 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:50 GMT
last-modified
Fri, 15-Oct-2021 11:53:50 GMT
location
/watch/53505307/1?wmode=7&page-url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A872836211704%3Ahid%3A911116631%3Az%3A0%3Ai%3A202101015115350%3Aet%3A1634298830%3Ac%3A1%3Arn%3A329539088%3Arqn%3A1%3Au%3A1634298830921441574%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634298829888%3Adsn%3A0%2C20%2C51%2C1%2C0%2C0%2C%2C473%2C13%2C%2C%2C%2C546%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634298831%3At%3AZRD%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB-2020%E5%B9%B4%E3%81%AB.ZRD%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB%E3%82%92%E9%96%8B%E3%81%8F%E6%9C%80%E3%82%82%E7%B0%A1%E5%8D%98%E3%81%AA%E6%96%B9%E6%B3%95%20-%20%E6%8B%A1%E5%BC%B5%20-%202021&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ja.scriptcult.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 15-Oct-2021 11:53:50 GMT
pubads_impl_2021101301.js
securepubads.g.doubleclick.net/gpt/ 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
29d3ac66cb7823c6a5771bbb0ee77b819f72c251c06f7c9eb5c3000ea9611b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124741
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 08:34:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Oct 2021 11:53:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		36 B
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.scriptcult.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
5caad4a4232e5f638f51249e3b76fc327298c198c53743abd2b2a6f87b09165e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52
x-xss-protection
0
expires
Fri, 15 Oct 2021 11:53:50 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ja.scriptcult.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 15 Oct 2021 11:53:50 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://ja.scriptcult.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ja.scriptcult.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 15 Oct 2021 11:53:50 GMT
content-length
0
cache-control
private
access-control-allow-origin
https://ja.scriptcult.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age
86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211015
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a5848462ade3829382c26ff6fca5f99583cb0905a4cd17cfda665761b2b92b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
18934
x-jsd-version
1.0.1130
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19145-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"6a1-RX356r6rSrpcDW82G6zHdhDAwC0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
69e8d96d0e64690a-FRA
localstore.js
script.4dex.io/ 		483 B
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17
content-type
application/javascript
x-amz-request-id
tx1db044df8e5f42a9912f3-006166ad02
x-amz-id-2
tx1db044df8e5f42a9912f3-006166ad02
last-modified
Wed, 13 Oct 2021 09:54:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3hz9w2bgK4sfKVQR8lo%2BpjAIp8lAZCNw31geBg0eczV3%2F2knkR%2FciB88XPKjCaJvwD455aEHM3UcTbooK32TjEjPfRWtJBIdsFjFp%2B3816FcBTJtBg1P1afdhzNT0Vc2QCOj8RUeN4pCb%2FQ"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1634118880750401
cache-control
public, max-age=1800
cf-ray
69e8d96d2c406983-FRA
expires
Fri, 15 Oct 2021 12:23:50 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b8268c7c0d9391da63beda73177b9fba5b1c42c3d08baed1c3f634324741ffbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 11:53:51 GMT
X-Proxy-Origin
91.199.118.77; 91.199.118.77; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a02f2906-d680-4537-9643-43a35788aea9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ja.scriptcult.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ja.scriptcult.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.scriptcult.com
date
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
v2
i.connectad.io/api/ 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ja.scriptcult.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
69e8d96d5d9b2ba1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.scriptcult.com
pragma
no-cache
date
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
openrtb
adx.adform.net/adx/ 		0
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:51 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ja.scriptcult.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		11 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c6db1afc910af179cf0e49975b4a00f0840e18f6842a2d255054553f1a63237d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 11:53:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.199.118.77; 91.199.118.77; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4131b8f6-e534-4ea2-aca9-d19e16a31e65
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ja.scriptcult.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ja.scriptcult.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.scriptcult.com
date
Fri, 15 Oct 2021 11:53:50 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.scriptcult.com
date
Fri, 15 Oct 2021 11:53:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.scriptcult.com
pragma
no-cache
date
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.scriptcult.com
date
Fri, 15 Oct 2021 11:53:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.scriptcult.com
date
Fri, 15 Oct 2021 11:53:50 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ 		0
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:51 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ja.scriptcult.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
prebid-request
onetag-sys.com/ 		15 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ja.scriptcult.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
ssp.wp.pl/bidder/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ja.scriptcult.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
prebid
ib.adnxs.com/ut/v3/ 		11 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b08f0c69590eb4548f69e947fe752902657934a19826a0364aa9d6b1032482bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 11:53:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.199.118.77; 91.199.118.77; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e22d05df-003e-4cbc-b336-b61bf0c43256
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ja.scriptcult.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ja.scriptcult.com
date
Fri, 15 Oct 2021 11:53:50 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
76bb2a462c22a6e4468a4693c9592cd0e522874fc2dc3a5d1a9d188e9958a09f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 11:53:51 GMT
X-Proxy-Origin
91.199.118.77; 91.199.118.77; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c95b2ada-fcda-46ca-9f4a-4b513763c4e8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ja.scriptcult.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ja.scriptcult.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 11:53:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://ja.scriptcult.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
69e8d96d5d9c2ba1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ja.scriptcult.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ja.scriptcult.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 11:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BCDB 		27 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2173063720940886&plah=ja.scriptcult.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c90047566c486c0588980a56952b2f15fabf82ea33babb5eecd84827e3b566b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ja.scriptcult.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 15 Oct 2021 11:53:51 GMT
server
cafe
content-length
11340
x-xss-protection
0
set-cookie
IDE=AHWqTUn6UuvtqMD3kFCfFjZuIEpvBiVXi2VX6jbxhW-4DripmEFG3220k4BdM5AYBy0; expires=Wed, 09-Nov-2022 11:53:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 11:53:51 GMT
cache-control
private
ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js
cdn.zx-adnet.com/consent/ 		230 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 15 Oct 2021 09:43:03 GMT
x-timer
S1634298834.616850,VS0,VE244
etag
"dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by
cache-fra19125-FRA
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=315000
date
Fri, 15 Oct 2021 11:53:53 GMT
accept-ranges
bytes
content-length
37832
x-cache-hits
0
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74376393c26fe59ec8d36fce2ce596487f33b5d812c4ac6440750ec5eb3ae2ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx4ec75bfd976c49828ab72-006166b024
cf-ray
69e8d96f8e7f4ece-FRA
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-id-2
tx4ec75bfd976c49828ab72-006166b024
last-modified
Wed, 13 Oct 2021 09:54:39 GMT
server
cloudflare
etag
W/"5d86b951e952627506fe3959016560f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiWhRtRWZV4LLfnQo2ROaf0vhv5PwjKNcCSJ7OExZNXjKTHsyQeIwYxGuI9WVU2BmaasfBqLwLkspfO7P51ccOqu%2BFOjINPnsn%2F77ljyMXHuTmd9D4kZFwm3TwgltPquXXSJrCuY7P%2FW%2BcQF"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1634118879265959
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
Authorization
adview
googleads.g.doubleclick.net/pagead/ Frame B84E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CErQkzmtpYcKMOqKm3gPjx66ADpDhgYRctqjCivACwI23ARABIABglbqsgrQHggEXY2EtcHViLTIxNzMwNjM3MjA5NDA4ODagAcKu6N0DyAEJqQKs30H9WHyzPqgDAaoEyQFP0JiHgkPL8dR874__f3UN3Y4UuXbhK8lEtWBnk8NU5cbflhPR0B6ujxVxAYpl2BlkluWgXbBwogPs4Z-rQr6n2B8gz9eWgdANlhUHsQ9pJM3DQg5moMI6RjPVhBNO3KacZw7PQ-8cB02xiKQ6IyMM_ydYdY7iXu2_HpVWQ0VzbxzLCebXNZjggK0jir7cMdDDM0ekAIBUjoXmcRR7EIQbkaatBwUKNoW0aZvww2nDcjleUyqY5Pz2LvwJanWaF9EqQf6pU9dYYhOABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjE3MzA2MzcyMDk0MDg4NhgA&sigh=ANsr2VJivEY
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 15 Oct 2021 11:53:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame B84E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gfan1hn1ahsnw194myhk8rjfn8qa7crzct13wweqe6c1cj4ytrnrw09j72xtynm5z761qztaq2bfj8fmghgp8gmzp0yf0geaz1jq6qf6wdmmb5sxgbt00b8bvt02503qm5baznm1wx948p5zmp3hrhcwsy45e589q0zccjkaf7z4mc8wpn56se0w85vrvesmt6vz4nnmskpw4k6n90e0fyy0dbc6wwae652tddy4b2de4ryw7a97vy58jzscf3fqawcswga7bgkm47wmxjn3jtz815e7y4pzxnwc3tfas1x8h7t4zd3a43ksbespfajc8tnd0n4pkytm57pf0hxb7pz3wh7q2vwhggxevc504rerk77e0zn0jbbmpafqp88710pvtffcm&b=YWlrzgAOhkIKd5MiAAuj49QmrAhYr_lTNpAToA
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Oct 2021 11:53:51 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame C2CB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gxej9vj981p3a35z6re8qjty87pwbpbmsbyz5zdrnxfhsjw9zv7gck07qj9s8eapy0chrysnz9894zajgebtbqt49ssbtvseradhg1c19j2a26cqryz2qsv5qwparrybq7kbx2nqdcbcj1gy9xm0r5dsdm1bxzwxymb7pm9gj64ype469a6evbcdvkp1e2r0td1e5dvh3ma3zaz57jzqdsp7nt8xxg3qzkmqk0phtgkpa93fsy2x02dsagacgrp3kcbfdbj95r9b81xjksqet4w5w6tz758rkbkskmj9hhxbdd4f83n9t3yncfs4v891fq84n7bkz9afrqyq6gwqr7mfpqnfj285t1v9kvy5h6qye0aamq8vbtj1c0ryymgv4t655mmxs43wbsye4836e0z&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR7JKzmtpYcKMOqKm3gPjx66ADpDhgYRctqjCivACwI23ARABIABglbqsgrQHggEXY2EtcHViLTIxNzMwNjM3MjA5NDA4ODagAcKu6N0DyAEJqQKs30H9WHyzPqgDAaoEzAFP0JiHgkPL8dR874__f3UN3Y4UuXbhK8lEtWBnk8NU5cbflhPR0B6ujxVxAYpl2BlkluWgXbBwogPs4Z-rQr6n2B8gz9eWgdANlhUHsQ9pJM3DQg5moMI6RjPVhBNO3KacZw7PQ-8cB02xiKQ6IyMM_ydYdY7iXu2_HpVWQ0VzbxzLCebXNZjggK0jir7cMdDDM0ekAIBUjoXmcRR7EIQbkaatBwUKNoW0aZvww2nDcjleUyqY5Py0LPGbvaAdVxmtCWhzGkWqWwfGtsCABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-E1pa5qukR2P3XopM0sR3osUjRQ%26client%3Dca-pub-2173063720940886%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae57fb48141e29ca72e2ae4f335526df639a860aebdd55222f35058d2acab99f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1gxej9vj981p3a35z6re8qjty87pwbpbmsbyz5zdrnxfhsjw9zv7gck07qj9s8eapy0chrysnz9894zajgebtbqt49ssbtvseradhg1c19j2a26cqryz2qsv5qwparrybq7kbx2nqdcbcj1gy9xm0r5dsdm1bxzwxymb7pm9gj64ype469a6evbcdvkp1e2r0td1e5dvh3ma3zaz57jzqdsp7nt8xxg3qzkmqk0phtgkpa93fsy2x02dsagacgrp3kcbfdbj95r9b81xjksqet4w5w6tz758rkbkskmj9hhxbdd4f83n9t3yncfs4v891fq84n7bkz9afrqyq6gwqr7mfpqnfj285t1v9kvy5h6qye0aamq8vbtj1c0ryymgv4t655mmxs43wbsye4836e0z&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR7JKzmtpYcKMOqKm3gPjx66ADpDhgYRctqjCivACwI23ARABIABglbqsgrQHggEXY2EtcHViLTIxNzMwNjM3MjA5NDA4ODagAcKu6N0DyAEJqQKs30H9WHyzPqgDAaoEzAFP0JiHgkPL8dR874__f3UN3Y4UuXbhK8lEtWBnk8NU5cbflhPR0B6ujxVxAYpl2BlkluWgXbBwogPs4Z-rQr6n2B8gz9eWgdANlhUHsQ9pJM3DQg5moMI6RjPVhBNO3KacZw7PQ-8cB02xiKQ6IyMM_ydYdY7iXu2_HpVWQ0VzbxzLCebXNZjggK0jir7cMdDDM0ekAIBUjoXmcRR7EIQbkaatBwUKNoW0aZvww2nDcjleUyqY5Py0LPGbvaAdVxmtCWhzGkWqWwfGtsCABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-E1pa5qukR2P3XopM0sR3osUjRQ%26client%3Dca-pub-2173063720940886%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Fri, 15 Oct 2021 11:53:51 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69e8d96ffdd54d84-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame B84E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:45:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 11:45:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BDB4 		1 KB
868 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 15 Oct 2021 08:58:57 GMT
expires
Sat, 16 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
10494
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B84E 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Oct 2021 11:53:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame B84E 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 11:27:53 GMT
l
www.google.com/ads/measurement/ Frame B84E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUxjgmGVUBkxWPKjs9Hs5guQqdh-aYeACr42FN4V25QyRbgDelC1wHxXPbZ9QAb8sHd1fkyu-_Y6GJWyGERjtjdr2KdQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2c3fee87756e3b9ec4d7e70bda112774ba857c5004b4a41a50fac001948c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Fri, 15 Oct 2021 11:53:51 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1634298831348.4885&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&t=186&v=96&width=800&z=p%3Adf%3Bv%3AinBanner%3B&r=0.4427626440557513
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ja.scriptcult.com/
Origin
https://ja.scriptcult.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://ja.scriptcult.com
date
Fri, 15 Oct 2021 11:53:51 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
TK3hWkUHHAIjg75-ohoTus9C.woff2
scriptcult.com/template/apollo/css/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://scriptcult.com/template/apollo/css/TK3hWkUHHAIjg75-ohoTus9C.woff2
Requested by
Host: scriptcult.com
URL: https://scriptcult.com/template/apollo/css/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d83e7cda3ff6c3ffe85ec390da052257d18df60dca9751dac386d1994f76029

Request headers

Referer
https://scriptcult.com/template/apollo/css/css.css
Origin
https://ja.scriptcult.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15544
last-modified
Fri, 17 Jul 2020 14:43:28 GMT
server
cloudflare
etag
"3cb8-5aaa42e18a060"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV0iv8dOHI5MUnmtQ1LAaaFlc%2BOWoAga%2BQH3mghWgewgLHwUFmWi%2FYLGwNW%2FPg6Ak3%2BiyI5AKOgAMUCM2fpCKycc46zHuU1kVw4QXzPIW4n7ADgoOuGTGE2cuBDowxXKekHNIQSpeg9xSski8g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69e8d970ae57c281-FRA
expires
Fri, 22 Oct 2021 11:53:53 GMT
truncated
/ Frame B84E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb546761497585fa9ebff5bb5e74967462739dcb550ec88bfa1c3ad85124b267

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame BDB4 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO_c_g-7JzbxgvRDqExMLHs&google_cver=1&google_push=AYg5qPLlz9INMXgLkg6fl0HB3j4pOdA431QVtCtZgLexNOSjgPk-kSGV6wE_Iy4V9qAwo6E7sxtDexg80_SenytCHuPsE2edYQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BDB4
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ5ktF-...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ5ktF-...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxMTUzNTEwMDA0MjY4NzI5NDAyNQ%3D%3D&google_push=AYg5qPJ5ktF-MSxNt2r-WRZleu0XwZeIiw7yU4aEDRSIS06jfLDCP7y9B2b577rmtWj3TF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxMTUzNTEwMDA0MjY4NzI5NDAyNQ%3D%3D&google_push=AYg5qPJ5ktF-MSxNt2r-WRZleu0XwZeIiw7yU4aEDRSIS06jfLDCP7y9B2b577rmtWj3TFyMDF0_KRRD-JAK5Epi69tLbNaJzbQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxMTUzNTEwMDA0MjY4NzI5NDAyNQ%3D%3D&google_push=AYg5qPJ5ktF-MSxNt2r-WRZleu0XwZeIiw7yU4aEDRSIS06jfLDCP7y9B2b577rmtWj3TFyMDF0_KRRD-JAK5Epi69tLbNaJzbQ
pragma
no-cache
date
Fri, 15 Oct 2021 11:53:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Fri, 15 Oct 2021 11:53:51 GMT
sync
odr.mookie1.com/t/v2/ Frame BDB4 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEELUkqJ3a9gvj2rgZ0QTh-A&google_push=AYg5qPKZzr1QnjXcFpbS1yAv9G7KpZmQ2IEQBsvxyAs2smTWKwgU6IADU-wULkuBSCeCIaBmWx4AMEXRhy46iFUBJFyEO9ArKsY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:51 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BDB4
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEENwEaU4fM9H3ZXXZSpIRhA&google_cver=1&google_push=AYg5qPJ-354fLqu9ltDkJAKiBc5WrdsyJLhf_-bjdfvJGvQbPySwRC_f61gfJziAubTyq9P2Vi0F8U-0114DH1S6_GwlWGqJNA
  • https://rtb.openx.net/sync/dds?google_gid=CAESEENwEaU4fM9H3ZXXZSpIRhA&google_cver=1&google_push=AYg5qPJ-354fLqu9ltDkJAKiBc5WrdsyJLhf_-bjdfvJGvQbPySwRC_f61gfJziAubTyq9P2Vi0F8U-0114DH1S6_GwlWGqJNA&ox...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ-354fLqu9ltDkJAKiBc5WrdsyJLhf_-bjdfvJGvQbPySwRC_f61gfJziAubTyq9P2Vi0F8U-0114DH1S6_GwlWGqJNA&google_hm=TcCG8sRVwwQskTC6M9V6lg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ-354fLqu9ltDkJAKiBc5WrdsyJLhf_-bjdfvJGvQbPySwRC_f61gfJziAubTyq9P2Vi0F8U-0114DH1S6_GwlWGqJNA&google_hm=TcCG8sRVwwQskTC6M9V6lg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:50 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ-354fLqu9ltDkJAKiBc5WrdsyJLhf_-bjdfvJGvQbPySwRC_f61gfJziAubTyq9P2Vi0F8U-0114DH1S6_GwlWGqJNA&google_hm=TcCG8sRVwwQskTC6M9V6lg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
sp95fbii2qg7bv76tjoba28486jbbt34
pixel
cm.g.doubleclick.net/ Frame BDB4
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fYCuZoRaRbGNH1MoR_WTNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fYCuZoRaRbGNH1MoR_WTNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPINJrnpaQbY0FiaISXrzzAxVPoD0GDsD-D1WNNc5KajY0hPMnUxZLCI3PTTuuzBRgi9eOnEufDX5EB_-IAOijUvsyrvOQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fYCuZoRaRbGNH1MoR_WTNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPINJrnpaQbY0FiaISXrzzAxVPoD0GDsD-D1WNNc5KajY0hPMnUxZLCI3PTTuuzBRgi9eOnEufDX5EB_-IAOijUvsyrvOQ
date
Fri, 15 Oct 2021 11:53:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame BDB4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDdgdc7_OogspD2JpVTt164&google_cver=1&google_push=AYg5qPKZW1e6n2zG5_O25ypEytKt3LQv1CEpevMTQKQP6K4z-GJYgmCuO4P-F7sQUX-_T7qphvX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTQkJUMkMtMVMtSU44Rg==&google_push=AYg5qPKZW1e6n2zG5_O25ypEytKt3LQv1CEpevMTQKQP6K4z-GJYgmCuO4P-F7sQUX-_T7qphvXCsKG9kaBq8p3NkHwUGYB0sMY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTQkJUMkMtMVMtSU44Rg==&google_push=AYg5qPKZW1e6n2zG5_O25ypEytKt3LQv1CEpevMTQKQP6K4z-GJYgmCuO4P-F7sQUX-_T7qphvXCsKG9kaBq8p3NkHwUGYB0sMY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTQkJUMkMtMVMtSU44Rg==&google_push=AYg5qPKZW1e6n2zG5_O25ypEytKt3LQv1CEpevMTQKQP6K4z-GJYgmCuO4P-F7sQUX-_T7qphvXCsKG9kaBq8p3NkHwUGYB0sMY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame BDB4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0V...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame BDB4 		0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LqgM8bSZlGEY_eRhuZQR4o_cBCnX9_Loq0SeGot0yYVWeZ__rGOxMu_S7ENRRa7Py7JrPj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2173063720940886&output=html&h=280&slotname=4250642565&adk=655493194&adf=3643374295&pi=t.ma~as.4250642565&w=336&lmt=1634298830&psa=0&format=336x280&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634298830336&bpp=1&bdt=373&idt=579&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&prev_fmts=0x0%2C1200x280%2C800x280%2C800x200%2C800x200&nras=1&correlator=379787291894&frm=20&pv=1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=2245&ady=528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C44750575%2C31063127&oid=2&pvsid=424081434826974&pem=817&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Pqc046NixT&p=https%3A//ja.scriptcult.com&dtd=583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ja.scriptcult.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 11:53:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ja.scriptcult.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 11:53:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=424081434826974&correlator=968425264895571&output=ldjh&impl=fif&eid=31063083%2C31063179%2C31063192%2C31063127&vrg=2021101301&ptt=17&gdpr_consent=CPOHjYcPOHjYcAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=121764058%2Cstrephonsays.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.09%26hb_adid_appnexus%3D41167920f488a96%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D41167920f488a96%26hb_bidder%3Dappnexus&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&bc=31&abxe=1&lmt=1634298831&dt=1634298831660&dlt=1634298829963&idt=1241&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=1200&adks=2121637298&ucis=1&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=700x-1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=false&fws=1664&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
0ab213bc65d3bb6a8aedd6a202673469e59a38dbf138f63ecedc031dad72c9bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11817
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ja.scriptcult.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=424081434826974&correlator=968425264895571&output=ldjh&impl=fif&eid=31063083%2C31063179%2C31063192%2C31063127&vrg=2021101301&ptt=17&gdpr_consent=CPOHjYcPOHjYcAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=121764058%2Cstrephonsays.com_1st_group_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.09%26hb_adid_appnexus%3D4262b57e75ae445%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D4262b57e75ae445%26hb_bidder%3Dappnexus&cookie=ID%3Da074e9d1542c6203-2284e59df3ca007d%3AT%3D1634298830%3ART%3D1634298830%3AS%3DALNI_MYe8QGYpFfGnBdcBGA57ZKSF8YkaA&bc=31&abxe=1&lmt=1634298831&dt=1634298831666&dlt=1634298829963&idt=1241&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=1200&adks=1509465800&ucis=2&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=700x-1&ga_vid=471210600.1634298831&ga_sid=1634298831&ga_hid=92928553&ga_fc=false&fws=1664&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8c2eea5207c883fbd0d0a18f031e9cbf7ab7934f87b48ac7ae79e0fb82519cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11719
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ja.scriptcult.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eb9684034aec506d9892771e51ce1592.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9488 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb9684034aec506d9892771e51ce1592.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
eb9684034aec506d9892771e51ce1592.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ja.scriptcult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 15 Oct 2021 11:53:51 GMT
expires
Sat, 15 Oct 2022 11:53:51 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame C2CB 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gxej9vj981p3a35z6re8qjty87pwbpbmsbyz5zdrnxfhsjw9zv7gck07qj9s8eapy0chrysnz9894zajgebtbqt49ssbtvseradhg1c19j2a26cqryz2qsv5qwparrybq7kbx2nqdcbcj1gy9xm0r5dsdm1bxzwxymb7pm9gj64ype469a6evbcdvkp1e2r0td1e5dvh3ma3zaz57jzqdsp7nt8xxg3qzkmqk0phtgkpa93fsy2x02dsagacgrp3kcbfdbj95r9b81xjksqet4w5w6tz758rkbkskmj9hhxbdd4f83n9t3yncfs4v891fq84n7bkz9afrqyq6gwqr7mfpqnfj285t1v9kvy5h6qye0aamq8vbtj1c0ryymgv4t655mmxs43wbsye4836e0z&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR7JKzmtpYcKMOqKm3gPjx66ADpDhgYRctqjCivACwI23ARABIABglbqsgrQHggEXY2EtcHViLTIxNzMwNjM3MjA5NDA4ODagAcKu6N0DyAEJqQKs30H9WHyzPqgDAaoEzAFP0JiHgkPL8dR874__f3UN3Y4UuXbhK8lEtWBnk8NU5cbflhPR0B6ujxVxAYpl2BlkluWgXbBwogPs4Z-rQr6n2B8gz9eWgdANlhUHsQ9pJM3DQg5moMI6RjPVhBNO3KacZw7PQ-8cB02xiKQ6IyMM_ydYdY7iXu2_HpVWQ0VzbxzLCebXNZjggK0jir7cMdDDM0ekAIBUjoXmcRR7EIQbkaatBwUKNoW0aZvww2nDcjleUyqY5Py0LPGbvaAdVxmtCWhzGkWqWwfGtsCABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-E1pa5qukR2P3XopM0sR3osUjRQ%26client%3Dca-pub-2173063720940886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gxej9vj981p3a35z6re8qjty87pwbpbmsbyz5zdrnxfhsjw9zv7gck07qj9s8eapy0chrysnz9894zajgebtbqt49ssbtvseradhg1c19j2a26cqryz2qsv5qwparrybq7kbx2nqdcbcj1gy9xm0r5dsdm1bxzwxymb7pm9gj64ype469a6evbcdvkp1e2r0td1e5dvh3ma3zaz57jzqdsp7nt8xxg3qzkmqk0phtgkpa93fsy2x02dsagacgrp3kcbfdbj95r9b81xjksqet4w5w6tz758rkbkskmj9hhxbdd4f83n9t3yncfs4v891fq84n7bkz9afrqyq6gwqr7mfpqnfj285t1v9kvy5h6qye0aamq8vbtj1c0ryymgv4t655mmxs43wbsye4836e0z&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR7JKzmtpYcKMOqKm3gPjx66ADpDhgYRctqjCivACwI23ARABIABglbqsgrQHggEXY2EtcHViLTIxNzMwNjM3MjA5NDA4ODagAcKu6N0DyAEJqQKs30H9WHyzPqgDAaoEzAFP0JiHgkPL8dR874__f3UN3Y4UuXbhK8lEtWBnk8NU5cbflhPR0B6ujxVxAYpl2BlkluWgXbBwogPs4Z-rQr6n2B8gz9eWgdANlhUHsQ9pJM3DQg5moMI6RjPVhBNO3KacZw7PQ-8cB02xiKQ6IyMM_ydYdY7iXu2_HpVWQ0VzbxzLCebXNZjggK0jir7cMdDDM0ekAIBUjoXmcRR7EIQbkaatBwUKNoW0aZvww2nDcjleUyqY5Py0LPGbvaAdVxmtCWhzGkWqWwfGtsCABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-E1pa5qukR2P3XopM0sR3osUjRQ%26client%3Dca-pub-2173063720940886%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:52 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
688680
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 07 Oct 2021 12:35:52 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
69e8d973fc1d4d84-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame C2CB 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gxej9vj981p3a35z6re8qjty87pwbpbmsbyz5zdrnxfhsjw9zv7gck07qj9s8eapy0chrysnz9894zajgebtbqt49ssbtvseradhg1c19j2a26cqryz2qsv5qwparrybq7kbx2nqdcbcj1gy9xm0r5dsdm1bxzwxymb7pm9gj64ype469a6evbcdvkp1e2r0td1e5dvh3ma3zaz57jzqdsp7nt8xxg3qzkmqk0phtgkpa93fsy2x02dsagacgrp3kcbfdbj95r9b81xjksqet4w5w6tz758rkbkskmj9hhxbdd4f83n9t3yncfs4v891fq84n7bkz9afrqyq6gwqr7mfpqnfj285t1v9kvy5h6qye0aamq8vbtj1c0ryymgv4t655mmxs43wbsye4836e0z&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR7JKzmtpYcKMOqKm3gPjx66ADpDhgYRctqjCivACwI23ARABIABglbqsgrQHggEXY2EtcHViLTIxNzMwNjM3MjA5NDA4ODagAcKu6N0DyAEJqQKs30H9WHyzPqgDAaoEzAFP0JiHgkPL8dR874__f3UN3Y4UuXbhK8lEtWBnk8NU5cbflhPR0B6ujxVxAYpl2BlkluWgXbBwogPs4Z-rQr6n2B8gz9eWgdANlhUHsQ9pJM3DQg5moMI6RjPVhBNO3KacZw7PQ-8cB02xiKQ6IyMM_ydYdY7iXu2_HpVWQ0VzbxzLCebXNZjggK0jir7cMdDDM0ekAIBUjoXmcRR7EIQbkaatBwUKNoW0aZvww2nDcjleUyqY5Py0LPGbvaAdVxmtCWhzGkWqWwfGtsCABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3-E1pa5qukR2P3XopM0sR3osUjRQ%26client%3Dca-pub-2173063720940886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date
Fri, 15 Oct 2021 11:53:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23696
x-guploader-uploadid
ADPycdtFtdKKrts0j4ouOA4Whf4kLEXAYIAaO_o_O2WoAiEFW-C0foPriUk8gOVwUuGxcdzNrVCHvwnSOMXaq-2XJjE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 09 Oct 2021 05:18:34 GMT
server
cloudflare
etag
W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TR3RbqSW2I%2F%2FPVDN9vheShGAsR8ycagB9KRm9BvksG%2F7Ny54IFlOtDs6C0lX3OZ%2FTiZl%2B108T%2FZMUjT%2BrEQvHHPRQl2OxAKNE6aE%2B35GiOU%2FdFCBLRUOJifVFeA2GUw9kZS8ac%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1630387096547004
content-type
application/javascript; charset=utf-8
expires
Fri, 15 Oct 2021 05:18:55 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
69e8d97219304d84-FRA
cf-bgj
minify
csub.js
js.wpushsdk.com/npc/sdk/wpu/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:51 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 06:06:24 GMT
server
nginx/1.18.0
etag
W/"61233ae0-1e8b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 15 Oct 2021 12:53:51 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
build.js
js.cabnnr.com/banner-admanager/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cabnnr.com/banner-admanager/build.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cb69ebef736d09eb8e46d48b3ffb05ac7b1223085825f4159ce62a8d68770021

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:53:51 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 08:56:00 GMT
server
nginx/1.18.0
etag
W/"6167f0a0-adb5"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 15 Oct 2021 12:53:51 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
1x1.png
cdn.1vag.com/ Frame 9DC3
Redirect Chain
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSwyNiw0Niw0Nyw1NCw1NSw2MSIsInR...
  • https://btds.zog.link/in/912/?sid=10614&source=160473538&idzone=&w=1&h=1&mo=&ve=&site_id=10614&utm1=&utm2=&utm3=&utm4=&ad_tags=&spot_id=10614&p=https%3A%2F%2Fja.scriptcult.com%2Fopen-zrd-files-1760...
  • https://cdn.1vag.com/1x1.png
68 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.1vag.com/1x1.png
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

:method
GET
:authority
cdn.1vag.com
:scheme
https
:path
/1x1.png
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ja.scriptcult.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/

Response headers

date
Fri, 15 Oct 2021 11:53:51 GMT
content-type
image/png
content-length
68
server
nginx/1.18.0
last-modified
Wed, 15 Apr 2020 13:30:15 GMT
etag
"5e970c67-44"
cache-control
max-age=3600
x-request-id
c710b652d5647a5f3e1673de497310c5
expires
Fri, 15 Oct 2021 12:53:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
accept-ranges
bytes

Redirect headers

server
nginx/1.17.2
date
Fri, 15 Oct 2021 11:53:51 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://cdn.1vag.com/1x1.png
vary
*
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
set-cookie
912.0=1; expires=Sat, 16 Oct 2021 11:53:52 GMT; path=/; secure; SameSite=None
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C2CB 		0
0
frame.html
ad4m.at/ Frame 74D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 15 Oct 2021 11:53:52 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Fri, 15 Oct 2021 12:53:52 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
1781872
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cwrp2Ke5L9%2Ff%2BI%2FhNe6NI80bWeF8X3Tv91FtFIqAOU7%2Bs6ovCyzHC4WYVG2U9fjHP9b%2FG7wQLRNEQUGkmiqlJmueJq%2BVnKhmZ7%2Bn2okV1uFnTHbz0KsOk1x3Q0FrPL8ExC3NW1I%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
69e8d9742c794d84-FRA
content-encoding
br
activeview
pagead2.googlesyndication.com/pcs/ Frame B84E 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012109102127000/ 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55506
x-xss-protection
0
server
sffe
date
Tue, 12 Oct 2021 22:05:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c42e3b94efe0099e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Oct 2022 22:05:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
195554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4995
x-xss-protection
0
server
sffe
date
Wed, 13 Oct 2021 05:34:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc03df60ee69192f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Oct 2022 05:34:38 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
147908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28507
x-xss-protection
0
server
sffe
date
Wed, 13 Oct 2021 18:48:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"283b6526337df106"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Oct 2022 18:48:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
196050
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1638
x-xss-protection
0
server
sffe
date
Wed, 13 Oct 2021 05:26:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b3f838efba7b15f2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Oct 2022 05:26:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
410583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12820
x-xss-protection
0
server
sffe
date
Sun, 10 Oct 2021 17:50:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2e8049efde94274d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 10 Oct 2022 17:50:49 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e9420bad9b951ab32538fe38e7604bc89f5f0ccfa8dd1ff153292ee8aa0981b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
5058683443461167931
tpc.googlesyndication.com/simgad/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5058683443461167931?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkVXpfTlk4k5lWFVPkvJ5yZIiwJcQ
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3745f2e7dbf3de7c7e2c28590159fe6b6c7291ac75f39c82246661ff81634957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 04:51:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Jul 2021 08:52:49 GMT
server
sffe
age
370958
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41346
x-xss-protection
0
expires
Tue, 11 Oct 2022 04:51:14 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 17:56:32 GMT
x-content-type-options
nosniff
server
cafe
age
64640
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 15 Oct 2021 17:56:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ 		344 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 07:25:40 GMT
x-content-type-options
nosniff
server
cafe
age
16092
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 16 Oct 2021 07:25:40 GMT
adview
securepubads.g.doubleclick.net/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq-aKz2tpYYXJLOCN7_UP59mf-AOs-trBZNLF04W_DtistpWLAxABIKqAwyJglYKAgLAHoAHRgZm-A8gBAuACAKgDAcgDCKoE_QFP0LVkQwK9cGE_BEPeMTXfwmBmulYfjoi8qlXOLFUWEN0NNwk1G4R095Cf3FxHwUwzBdMPuJJFzekqoOuwgIccYV_umUJFPB1ulwNg2-Q_3JSo9YuJOX0Nk2YeUi3YszwaomMfkMSbOxj--n22NcxcCU_x54lCKoISRoV7NFyC04bwOeaVRMW7nCpHmCKCRbV8fsAFbciNOToAozO3FtZpQjnTRqUS2pdhQ47K_EIR7b83VToxHICPxbYBL8Ey88Wka7kCyKtWDveWNMWPbK2ok5c2p7UmXVFjX-4493bjGVXcQffcGPJGYKvwZCjwYcqBzi4QLgAYnQK1LGgqwAT5vqbHyAPgBAGSBQQIBBgBkgUECAUYBKAGAoAH5b_IzgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEPPCD9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMzQyMzc0ODM1MDE3NTc5OIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=A-Bruk_MMNc&uach_m=[UACH]
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ja.scriptcult.com
URL: https://ja.scriptcult.com/open-zrd-files-1760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date
Fri, 15 Oct 2021 11:53:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpHMmWwgvZjW7CRIQ96FMj5QDQOfBVZR-N94l-nsMnZEHCDB_PpBVUZczBL2x98gbuNyJOxI-kH_VB2R_fRqlOfpJgp1sfDPZ1-PScXtPVo3wD11Kf-1OxqZVJYPrJ-8gR7Lt3734oFzF9&sai=AMfl-YSXAm2tL-s-MiBVdrOpi_UT2P_ChKBrvntBbxZjsvcuKfr9TKoBH7Eb9Sg-4Nvx9sHAaQFbwGXNAf1YAckmFBlnxlmGpvLq7ZbungwPCXkbLva-WKQ5a_pUZ7-I&sig=Cg0ArKJSzFzP4m_u8DbsEAE&cid=CAASF-RoaZy3CxRHg0kk1jfV0yW1fSOnzfoJ&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=75&tls=1075&g=100&h=100&tt=1076&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2121637298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 11:53:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.scriptcult.com%2F&domain=ja.scriptcult.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=QEWihXw1RXhNNGtxN3RYVnFjR2lBa0pmWmorUjZLd0lOenJRYVQzcmNza1hJTlJ6MkpIcXJKT1NUbC83djV6dUg3Ty9TcERZc1NQblQwRGtIS2RINitUZnFZYUJRa2hzd25wTUJiY3krbnZ6cEZjbmlTMzVXeDErVEV4Zk...
340 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QEWihXw1RXhNNGtxN3RYVnFjR2lBa0pmWmorUjZLd0lOenJRYVQzcmNza1hJTlJ6MkpIcXJKT1NUbC83djV6dUg3Ty9TcERZc1NQblQwRGtIS2RINitUZnFZYUJRa2hzd25wTUJiY3krbnZ6cEZjbmlTMzVXeDErVEV4ZkIyR2dLN2d5ek82bzZVd05vVlV3TWlZZERvck1GVzIrTjErbmJxN2xXT0tJSDJTSDVDenNpUGc5VXFCcUYrSnEwb3FXN3I0TVZ0eFlYSUVvMU1sUXpsVGYraXN5OG5XU1VNVHloZGs3MkFmWWc1MlpqRFR2TU93Sm1hVndUZUtHMHdtWGhkdnY4fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
b88311ecb12077b7e671513aaa151ce95c04680d7a8188c2f354356054021c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 15 Oct 2021 11:53:54 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3006
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 15 Oct 2021 11:53:53 GMT
location
https://mug.criteo.com/sid?cpp=QEWihXw1RXhNNGtxN3RYVnFjR2lBa0pmWmorUjZLd0lOenJRYVQzcmNza1hJTlJ6MkpIcXJKT1NUbC83djV6dUg3Ty9TcERZc1NQblQwRGtIS2RINitUZnFZYUJRa2hzd25wTUJiY3krbnZ6cEZjbmlTMzVXeDErVEV4ZkIyR2dLN2d5ek82bzZVd05vVlV3TWlZZERvck1GVzIrTjErbmJxN2xXT0tJSDJTSDVDenNpUGc5VXFCcUYrSnEwb3FXN3I0TVZ0eFlYSUVvMU1sUXpsVGYraXN5OG5XU1VNVHloZGs3MkFmWWc1MlpqRFR2TU93Sm1hVndUZUtHMHdtWGhkdnY4fA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ja.scriptcult.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2098
content-length
509
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.scriptcult.com%2F&domain=ja.scriptcult.com&cw=1&lsw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ja.scriptcult.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ja.scriptcult.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1499
date
Fri, 15 Oct 2021 11:53:53 GMT
content-encoding
gzip
vary
Accept-Encoding
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ja.scriptcult.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QEWihXw1RXhNNGtxN3RYVnFjR2lBa0pmWmorUjZLd0lOenJRYVQzcmNza1hJTlJ6MkpIcXJKT1NUbC83djV6dUg3Ty9TcERZc1NQblQwRGtIS2RINitUZnFZYUJRa2hzd25wTUJiY3krbnZ6cEZjbmlTMzVXeDErVEV4ZkIyR2dLN2d5ek82bzZVd05vVlV3TWlZZERvck1GVzIrTjErbmJxN2xXT0tJSDJTSDVDenNpUGc5VXFCcUYrSnEwb3FXN3I0TVZ0eFlYSUVvMU1sUXpsVGYraXN5OG5XU1VNVHloZGs3MkFmWWc1MlpqRFR2TU93Sm1hVndUZUtHMHdtWGhkdnY4fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1336
date
Fri, 15 Oct 2021 11:53:54 GMT
content-encoding
gzip
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWlrzw_zH2AF31n5Gz-NAQAABK4AAAAB&google_gid=CAESEITtqKoDQzx3pb3CpqM5lgs&google_cver=1&google_push=AYg5qPKMRJYWxnNRF6PbL0Hw_Z2wefDu7P-0VA4Q21mniVmIhaHg86pA3lJjusEhN6eSKz3jzvb-amtNXMNUY4HpU9zzJfq4sA
Domain
static-de.ad4mat.net
URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBJO59dJEmufH6MUFk5A2OCgT3m8LdB_8HUgQqALDbsGAfxYlP2s-BBpkctw_yhNtagoM_jFWuIXnwxDzaFVlpgw&sig=Cg0ArKJSzBAdeoxPHkfuEAE&cid=CAASF-RoKpDFr6AMdYWQWtZpYL31SkjbxWbH&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=655493194&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1634298831280&rpt=226&ec=0&met=ie&wmsd=0

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect boolean| originAgentCluster object| adsbygoogle function| ym function| dyamar_polls_send_vote function| dyamar_polls_view_result function| dyamar_polls_view_question undefined| $ function| jQuery object| Sk object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| __adFormats object| __formatsGetters object| AdManager object| a3klsam object| jQuery11240795692825262555 function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| EventEmitter object| eventie function| imagesLoaded object| lightbox object| zxConsentParams object| t object| e object| data object| Ya object| yaCounter53505307 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime boolean| __isGoogleAllowed object| googletag object| pbjs325474 function| AdPlayerPro object| _0xe9ce object| $jscomp function| $jscomp$lookupPolyfilledValue function| ZxStartMainModule21 object| __ZXCONSENT21 number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg number| ZxConsentCheckStatus string| didomiCountry object| didomiGeoRegulations object| didomiOnReady string| _CSS object| didomiRemoteConfig function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| didomiEventListeners object| dataLayer function| __tcfapi object| didomiState object| DMVAST function| playerPro object| sas object| apntag object| _ADAGIO object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| __banner-init object| AMP object| AMP_CONFIG object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_MODE object| __AMP_TOP object| __AMP_SERVICES object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS boolean| __AMP_TAG function| FormProxy

42 Cookies

Domain/Path Name / Value
.g3news.biz/ Name: uuid
Value: e0c59f73-aa85-499d-be9d-52218a4ef873
.scriptcult.com/ Name: _ym_uid
Value: 1634298830921441574
.scriptcult.com/ Name: _ym_d
Value: 1634298830
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 286639463fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 238945561fake
.scriptcult.com/ Name: _ym_isad
Value: 2
.yandex.com/ Name: yandexuid
Value: 8132496481634298830
.yandex.com/ Name: yuidss
Value: 8132496481634298830
mc.yandex.com/ Name: yabs-sid
Value: 547148911634298830
.yandex.com/ Name: i
Value: OsicEAET+0bBMwMctTbmbQlzInSCfK1rR3qZYvoZ3Vi/ZRMkVPL9lRqTEd3a+EcI4onvUYF2mPwxzuOzoIiexnYBJFY=
.yandex.com/ Name: ymex
Value: 1665834830.yrts.1634298830#1665834830.yrtsi.1634298830
ja.scriptcult.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.doubleclick.net/ Name: IDE
Value: AHWqTUn6UuvtqMD3kFCfFjZuIEpvBiVXi2VX6jbxhW-4DripmEFG3220k4BdM5AYBy0
prebid.a-mo.net/ Name: __amc
Value: 1_1634298831_1634298831
.a-mo.net/ Name: amuid2
Value: f226cd27-f761-4240-96d8-99a2ff09104e
.adnxs.com/ Name: icu
Value: ChgIiI5zEAoYASABKAEwz9eliwY4AUABSAEQz9eliwYYAA..
.adnxs.com/ Name: uuid2
Value: 4295586590984504352
.quantserve.com/ Name: d
Value: EAIBCQG-JIEA
.quantserve.com/ Name: mc
Value: 61696bcf-899ab-b4c1c-78cc4
.openx.net/ Name: i
Value: 413a3397-c454-45dd-9033-b4e584eb73d1|1634298831
.casalemedia.com/ Name: CMID
Value: YWlrzw-zH2AF31n5Gz.NAQAA
.casalemedia.com/ Name: CMPS
Value: 5228
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.scriptcult.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTdjODNjZDItMDZiZi02NzllLTkyYTEtZjJlOGFhYjI3YTYyIiwiY3JlYXRlZCI6IjIwMjEtMTAtMTVUMTE6NTM6NTEuNTYxWiIsInVwZGF0ZWQiOiIyMDIxLTEwLTE1VDExOjUzOjUxLjU2MVoiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.scriptcult.com/ Name: euconsent-v2
Value: CPOHjYcPOHjYcAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7D80AE66-845A-45B1-8D1F-532847F59334
.casalemedia.com/ Name: CMPRO
Value: 1198
.casalemedia.com/ Name: CMST
Value: YWlrz2Fpa88A
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2021101511535100042687294025
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 61696bcf57bad40a
.addthis.com/ Name: ouid
Value: 61696bcf000171023ac4e4a834f5a8ed9057a0f0d0f02cf6a335
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20211015
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
btds.zog.link/ Name: 912.0
Value: 1
.scriptcult.com/ Name: __gads
Value: ID=a074e9d1542c6203:T=1634298830:S=ALNI_Ma6hyo_5ddUdwXZQsDPkDP3iy9X3Q
.doubleclick.net/ Name: DSID
Value: NO_DATA
ja.scriptcult.com/ Name: cto_bundle
Value: 3L5eh19DTG43cjVtdUxJSmtoSXN5OEtQayUyRlJpdnh5ajV1RWRTeHZxdXJmQjROVW1MR2VZZUtkdE9NTm9jWEs5YWVwTXNyVFdIUFpuSWVLcWxCR2FjcndaNWFlNU56VEVPTXpEWE84d3plZE9TJTJGamJKTHJkNVg1cU5ITXJWNlgzU0lWbiUyQg
ja.scriptcult.com/ Name: cto_bidid
Value: XbGSMl9LelhuejZqajRHQmxwTk1jcnFRdFdodHlXUm1USFZhczRLYUw0S3RSa1JPc280N0p0UHI1SVpNS1RMU3BLNXlhZ2diQ1Ewc3F0ZDBBbWhUYXMyNHRJdyUzRCUzRA

15 Console Messages

Source Level URL
Text
network error URL: https://scriptcult.com/img/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://scriptcult.com/template/apollo/css/close.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://scriptcult.com/template/apollo/css/loading.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9427.gTFBgcxflvCoD_R7WfU3H1K81w4sGeHBDTTHBNfXcjKccIe2qSo_4IIHfudvsmErWow1ZA0jufgDSsrXhgupig%2C%2C.LlgCdtQ9wokErVcSjqBhnbyDqVk%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://scriptcult.com/template/apollo/css/footer.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://ssp.wp.pl/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://cdn.connectad.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://onetag-sys.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://onetag-sys.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://cdn.connectad.io/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://get.optad360.io/
Message:
Refused to frame 'https://ssp.wp.pl/' because it violates the following Content Security Policy directive: "frame-src 'none'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
adservice.google.com
adservice.google.de
adx.adform.net
as.ad4m.at
btds.zog.link
cdn.1vag.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.zx-adnet.com
cm.g.doubleclick.net
cms.quantserve.com
cst.cstwpush.com
e.dlx.addthis.com
eb9684034aec506d9892771e51ce1592.safeframe.googlesyndication.com
g3news.biz
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.connectad.io
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
ja.scriptcult.com
js.cabnnr.com
js.wpadmngr.com
js.wpushsdk.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
na.nawpush.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prod-rtb.ad4mat.net
rtb.openx.net
rtbbnr.com
script.4dex.io
scriptcult.com
securepubads.g.doubleclick.net
serving.stat-rock.com
ssp.wp.pl
static-de.ad4mat.net
tpc.googlesyndication.com
web.hb.ad.cpe.dotomi.com
www.google.com
www.googletagservices.com
cm.g.doubleclick.net
pagead2.googlesyndication.com
static-de.ad4mat.net
104.111.215.191
142.250.185.162
142.250.186.162
147.75.38.124
151.101.1.195
164.90.194.65
178.250.0.157
185.184.8.65
185.64.189.112
185.64.189.115
212.77.99.29
213.174.135.24
213.174.135.25
2600:1901:0:76b9::
2600:9000:21f3:f200:11:a4de:2580:93a1
2606:4700:10::6816:36ce
2606:4700:20::681a:9a9
2606:4700:20::ac43:4a81
2606:4700:3032::ac43:9286
2606:4700:3035::6815:2196
2606:4700::6810:5614
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a01:4f8:252:564d::2
2a02:128:7:4715::2
2a02:2638::1c
2a02:6b8::1:119
2a02:fa8:8806:12::1460
34.98.67.61
35.227.252.103
37.157.6.242
37.252.172.250
51.89.9.253
69.173.144.138
78.140.185.32
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
09bce2e6ddd7c52a12b3a0797751cc16fd5ee2798db54be34d3c2dbe5c8e29b4
0ab213bc65d3bb6a8aedd6a202673469e59a38dbf138f63ecedc031dad72c9bc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
14fb37ae24dca7ba941a9194d45886eb470dc3999f8b2303d67535f1b1d86de2
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
16c62924f41c1322ca51832d71192c8e31d4671bbaf83ca867f9038852f7e66c
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
1b5fb211d28a4781b339cfded0f5bb2dcc357d003430aedc7e1f771c5f2abea5
1ea954041b706c3197c899a65d52286dd39b133a2e6b1677274ce9aa4f3fd45d
22e4198b73c21bb8594b6b0c38276bfcd2e8c23c55349bc5e700d8c5441023d0
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
29d3ac66cb7823c6a5771bbb0ee77b819f72c251c06f7c9eb5c3000ea9611b32
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
32a5848462ade3829382c26ff6fca5f99583cb0905a4cd17cfda665761b2b92b
3745f2e7dbf3de7c7e2c28590159fe6b6c7291ac75f39c82246661ff81634957
3d271178807f0752a89f34ca52fa704f1571df7070d0d860e2e26195648d614e
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
4c90047566c486c0588980a56952b2f15fabf82ea33babb5eecd84827e3b566b
4dd88eb2ac8cce17698b50a5d80bb979fdfc50065fe8eb897f9d9e176c5f1fd7
4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
51de53ac835a3e11b545be8454c808f1b4a655b1681b02b1db6b87f44ebf4257
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d08a91822d0a7c6a0ac45a1779ca3a81a0a406b938e74040de68c51a2078b2
5caad4a4232e5f638f51249e3b76fc327298c198c53743abd2b2a6f87b09165e
60dc3bd2bc610f661d6ca43f50c057e2a7a56f96d3e20a96e7604886e048123f
60f1c25d56fe236cc657ec6a761acd9a806f4616adc24eb27817cf7878b5901c
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
68df2e56274e0fee3b1539dd6224e6c25b59b9571a45925be1927eff387737f0
69dc278870e8239e0b043d163b23253c4416a292c0814710974fe0d4e67f349d
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
74376393c26fe59ec8d36fce2ce596487f33b5d812c4ac6440750ec5eb3ae2ff
76bb2a462c22a6e4468a4693c9592cd0e522874fc2dc3a5d1a9d188e9958a09f
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8c2c3fee87756e3b9ec4d7e70bda112774ba857c5004b4a41a50fac001948c30
8c2eea5207c883fbd0d0a18f031e9cbf7ab7934f87b48ac7ae79e0fb82519cd9
8e9420bad9b951ab32538fe38e7604bc89f5f0ccfa8dd1ff153292ee8aa0981b
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
94e80c20e0699967e467210137ba404e51aba5b79f12ca626237214e4370a1b0
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8f4b2d8bb7068f9d4a289865dae78f52a05390d2c4add2634d09d4d465be00
9d83e7cda3ff6c3ffe85ec390da052257d18df60dca9751dac386d1994f76029
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d7112e0106b6f38edd856f3c8020c7977581969847d6b83fc9024596003660
a28f55a84004651981942494c461948d30c2eaffa8be9d7e6c004daf3ea7f9c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5eb0f6fddc970cb29d4b09b11c512e01714a0d092e494af086efd394696bf5c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abde463ef27458713d91e9be883fdd389298ef57411b601cab5f66db609c508d
ae57fb48141e29ca72e2ae4f335526df639a860aebdd55222f35058d2acab99f
ae5b1b4d01c442b60e3d9edfb69bcc5a23de0e8cbe027f15fb4e26f9140a2b4f
af6e28fbccfa7c6a58de5188801218b01dd80c279d1e3b576e109082eef763fc
b08f0c69590eb4548f69e947fe752902657934a19826a0364aa9d6b1032482bc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b149beb18c38b5ac4efa26bd003deabdb89daa1b4ed79f5ad9bb3b78a05707f3
b18bae2e16647bca7a1913343f21a0217cd053203396ba96cc1093fa51dd648f
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b8268c7c0d9391da63beda73177b9fba5b1c42c3d08baed1c3f634324741ffbc
b88311ecb12077b7e671513aaa151ce95c04680d7a8188c2f354356054021c5c
b8e7afbc5dc15c290434dc80ae5d662782271e53b286338a158b9a4c7c824d73
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
bd25f8f41e81889aa1d1fd22f467449a51506a7d34aceefea48bb566d9da5d4b
c37038cd3b8d272e5933f4c8bd708dddf2e3be641094d3d20ae52cf5b9eae7df
c6db1afc910af179cf0e49975b4a00f0840e18f6842a2d255054553f1a63237d
cb546761497585fa9ebff5bb5e74967462739dcb550ec88bfa1c3ad85124b267
cb69ebef736d09eb8e46d48b3ffb05ac7b1223085825f4159ce62a8d68770021
ce6812c6b0b18dbd69553874ef1147cbaf54d3c7b50e70903568dafc5b9f8226
d2637821c29aba574560f2e468ab92089aacfac5090c7c1c016d4274e7344fc9
d2774f2976d38014bcbcdcafb7b703da7a9564d17fb9130a60ae158581799a5d
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
d807b8ea3bd956efab53f6b572bb0e156a22f7a647d713c0d70743adb6933a85
dae2c000a9bbc39a23276d56cae786ad1e46f0a745f16cf4cfce35638194c157
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9f18b5f9ed6ffddd86c2f764df72ea0f4aa7fba3f8e41102c81002d421f74ac
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064
ecdeb0b2751d79c8951811ca225a1c98cd860f650e159d4244c7ae1389ffa7a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16a4d8efd0604291f81ab7b9c256e100f1cf3fc78fdcf2611fd0ed0c13aafc7
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f4f9ca83a559737af37d1cf275f31df54b5b20ada84aa0daa29f3167763d641b
fa930a50abe8d44a9e916704ea2af37ee24d57e48866f7e3d4b75d49c63e6d9e
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68