URL: https://www.plurk.com/p/o8mvnb
Submission: On February 28 via manual from VN

Summary

This website contacted 33 IPs in 6 countries across 18 domains to perform 104 HTTP transactions. The main IP is 2606:4700::6811:4503, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.plurk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 17th 2020. Valid for: 2 years.
This is the only time www.plurk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
10 65.9.58.8 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 5 142.250.186.162 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 6 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
2 178.250.2.131 44788 (ASN-CRITE...)
2 162.210.196.208 30633 (LEASEWEB-...)
2 210.59.219.34 3462 (HINET Dat...)
2 103.132.192.30 138552 (RTBHOUSE-...)
2 210.59.219.180 3462 (HINET Dat...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638::3 44788 (ASN-CRITE...)
2 210.59.219.175 3462 (HINET Dat...)
1 1 23.37.42.132 16625 (AKAMAI-AS)
2 104.108.50.124 16625 (AKAMAI-AS)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 3 192.96.200.41 30633 (LEASEWEB-...)
1 69.173.144.165 26667 (RUBICONPR...)
104 33
Domain Requested by
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.plurk.com
013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 s.plurk.com www.plurk.com
s.plurk.com
10 img.scupio.com www.plurk.com
img.scupio.com
6 gum.criteo.com 2 redirects static.criteo.net
4 static.criteo.net img.scupio.com
static.criteo.net
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 mug.criteo.com
4 cdnjs.cloudflare.com www.plurk.com
3 sync.aralego.com 1 redirects img.scupio.com
3 www.google.com 1 redirects www.plurk.com
013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.plurk.com
3 assets.plurk.com cdnjs.cloudflare.com
3 www.googletagservices.com www.plurk.com
securepubads.g.doubleclick.net
013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
2 eus.rubiconproject.com www.plurk.com
eus.rubiconproject.com
2 rec.scupio.com img.scupio.com
2 cm.g.doubleclick.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 googleads.g.doubleclick.net 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
2 bw.scupio.com ajax.googleapis.com
2 prebid-asia.creativecdn.com img.scupio.com
2 prebid.scupio.com img.scupio.com
2 hb.aralego.com img.scupio.com
2 bidder.criteo.com img.scupio.com
2 ajax.googleapis.com img.scupio.com
2 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.plurk.com
www.google-analytics.com
2 www.plurk.com cdnjs.cloudflare.com
1 token.rubiconproject.com eus.rubiconproject.com
1 www.facebook.com img.scupio.com
1 secure-assets.rubiconproject.com 1 redirects
1 fonts.googleapis.com tpc.googlesyndication.com
1 www.google.de www.plurk.com
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 imgs.plurk.com www.plurk.com
1 avatars.plurk.com www.plurk.com
0 ad2.apx.appier.net Failed img.scupio.com
104 38

This site contains links to these domains. Also see Links.

Domain
www.bandatnendongnai.vn
Subject Issuer Validity Valid
*.plurk.com
Sectigo RSA Domain Validation Secure Server CA
2020-05-17 -
2022-07-16
2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA
2019-10-15 -
2021-10-28
2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.google.de
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
www.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
www.google.de
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-23 -
2021-11-21
2 years crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018
2019-01-11 -
2021-04-11
2 years crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-05 -
2022-01-18
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh

This page contains 13 frames:

Primary Page: https://www.plurk.com/p/o8mvnb
Frame ID: 7E9010142AB4979F41B9A6C65F08B4ED
Requests: 42 HTTP requests in this frame

Frame: https://img.scupio.com/html/mv.html?v=1.0.76
Frame ID: 37678E46162B22F33B2164895EB06E72
Requests: 13 HTTP requests in this frame

Frame: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 6660374948C475F5FA0497CF3C427A90
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html
Frame ID: 7C63FBC4300AC27EA82BC2F8330FA284
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2224EF482F0016A81FD9AA1B633898D2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C53EF382C60ED2F02197AA41D2D9B4C2
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.49
Frame ID: 9B2D447E2121B150F7AB594EF9191203
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.plurk.com
Frame ID: 49B770EEE50B1C4BD5369D02FA9E794A
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.1
Frame ID: 732178AD02A18C9D46E678DA8D50D6AB
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: F066C89C8DC034FFB7A8C1A663DEE913
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0
Frame ID: 9D1CDC08D76FA5921BE3714C852D630F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: C6B48B3B39624E886F5504084AFD9CA6
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.plurk.com
Frame ID: E7F4DC161BDE997976B1FBBB6E78DB42
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

104
Requests

99 %
HTTPS

61 %
IPv6

18
Domains

38
Subdomains

33
IPs

6
Countries

1248 kB
Transfer

3227 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=26L4tHxuSDMybHVjd3dDTFI2Z21BTG5oaGJXQ3VrKzFlRm5CdzhUdnBFc2R3ZXZ3aWtqMjhKUll6MFhxVExrSHFSWjhGNHg1QmJkMUhvNkZwYVRmNi91TUtBRDVkSjZqSzZMRlF5elRZdHV2dEZxZGFaaFhRZ0lnaUN3U3o4dVZVZm5wbU5ycnVIYVpVTkFDaWV6d0psNjF6WW9FcWx5YWNCWUZPVFE4VWNVMkdDWDB0a2kvRU1TOGcxMU5oWHZhOE01UXI2NFdyTU50cm5Sckc3L0c2c2hqSnVqUGF2MWQ3eTFMdisrN2ZwSXI0N1ZJPXw&cppv=2
Request Chain 67
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 80
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=V-PYtXxyVWY4U2h2RlhWRHNzNUVEZ1ZtZkVJU3NMVWZtNDVYNldDVk5JZEFmOTNUMXJ0R3BGWXBmVFhXbDdLSFVCZU13eEpxdEpOZE9YMWE5dGlBYnRJVlRxbzhQaTRNbG5sc0pDM0s1NUFzcXFjRFNWMjJIamtUazdWbEcrdU45aHVWWmU0U0wzQXpjdmJUTno3UFA4Um1mY1Q2WlZJMGY2OXlib3Eyd3dCRTlDRDhsOWlXSWdQdHZKVzZxZ2JwN2ZRTXRFZXNYa1JpWC85WmlhR0J6ZWJxSThBMXo4c2dkVHpTdTJXdmtmV0lyMHRrPXw&cppv=2
Request Chain 93
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1VBMjAyMTAyMjgwOTM5NDIyNDY4MTQ%3d&layout=js HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1VBMjAyMTAyMjgwOTM5NDIyNDY4MTQ%3D&layout=js&google_tc= HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0
Request Chain 94
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 96
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CUA20210228093942246814 HTTP 302
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

104 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request o8mvnb
www.plurk.com/p/
17 KB
5 KB
Document
General
Full URL
https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60d22e55e65ef331b71d12b20c42bde842b812d6c90b237dc474361e903b93f0

Request headers

:method
GET
:authority
www.plurk.com
:scheme
https
:path
/p/o8mvnb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d590ef1591844f32e7e7c6393645c62ea1614476380; expires=Tue, 30-Mar-21 01:39:40 GMT; path=/; domain=.plurk.com; HttpOnly; SameSite=Lax; Secure plurkcookiea="CPAHQhFGIeiDU5SjuPmjW4jdNJUOMDDcemyJjJPDXAs=?from_url=Ii9wL284bXZuYiI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Mon, 15-Mar-2021 01:39:40 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-cache-status
DYNAMIC
cf-request-id
0887e3a0890000638952bc7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
62866ee0df1b6389-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
0.a338a21b0a6a5ba1fd58.js
s.plurk.com/
101 KB
30 KB
Script
General
Full URL
https://s.plurk.com/0.a338a21b0a6a5ba1fd58.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f044aeec44b3497674ca623764de3775e6d91b0c5a507417df5441b831237e

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
222723
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
048F68E483E9B72E
x-amz-id-2
3jbmYQ2cZqJ9IM3V1yfBdN03ly6biIRiw4+21xs+fWxZWyMHYFMErjV9coGtvoM0dqng1M8IwUk=
x-amz-expiration
expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified
Thu, 25 Feb 2021 06:35:00 GMT
server
cloudflare
etag
W/"b1505f868f0ee3984e95193ea9b2c81d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-request-id
0887e3a2670000638946af2000000001
cf-ray
62866ee3df526389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
1.5b80825f58f3521f18c6.js
s.plurk.com/
249 KB
79 KB
Script
General
Full URL
https://s.plurk.com/1.5b80825f58f3521f18c6.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc714cd9a5c42c32767304fae88486c755bb74fe192365bf3ba90f75e8754a4b

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
222653
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
3893736AB5D34B8E
x-amz-id-2
odIB4TT6H+pA6K/dMHAoGHRuTmwvF/ngBYl8qKmTvAZuw1Sp0wwo3mAR+mYFM8m647QhSx9hRxk=
x-amz-expiration
expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified
Thu, 25 Feb 2021 06:35:00 GMT
server
cloudflare
etag
W/"7fa7760d429ca133498879fd0ac41f33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-request-id
0887e3a2670000638955b18000000001
cf-ray
62866ee3df536389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
762c0029e136b63e92bd.js
s.plurk.com/
2 KB
1 KB
Script
General
Full URL
https://s.plurk.com/762c0029e136b63e92bd.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322f42c84834d69d42ae6fbfd7aef8a5fea34b276c95ead7e2cf9a61be64af3a

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
222653
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
AA6C87AEB49A1E60
x-amz-id-2
XHGZ+0zdzY/XX4SkfBArTW0OjbwxKPFJnyEYvzpE3ZDUf3p8CqmHwDCHFr2wfRlzY1Gf/bVvYgU=
x-amz-expiration
expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified
Thu, 25 Feb 2021 06:34:51 GMT
server
cloudflare
etag
W/"748293ae2981692c1f1ec21cf8647b2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-request-id
0887e3a2660000638943918000000001
cf-ray
62866ee3df4f6389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
0.700ba6ee539678924790.css
s.plurk.com/
9 KB
2 KB
Stylesheet
General
Full URL
https://s.plurk.com/0.700ba6ee539678924790.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09bac6502db6900e4dd810ff11d2e2f42ab27678d4a4357571231e5c253612bb

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
500045
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7B7986F85C7F5A4B
x-amz-id-2
uiQQjW6EsrDGhMK73SpA1eCBycSdLiIsrx2qy/ewuW46hyD0cn5/V/4WxZS/xqOZvnuYwtYTzRA=
last-modified
Mon, 22 Feb 2021 04:25:42 GMT
server
cloudflare
etag
W/"1a572589e3a795fbdf3d7eabc098c11e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-request-id
0887e3a265000063894e398000000001
cf-ray
62866ee3df4c6389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.plurk.com
Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1476295
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
cf-request-id
0887e3a26300004a6d73a65000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2uYWcb4tDe8mZROdeRpHv6om4EN0YpSKHdRdQA5bGgqHPUgJ5xHz3RK1cS7kg7NhNEMHBgoKF4NwsOgqTAxVc6%2FddHpdCVJMqtocFiGacfqELj1HYI%2BgDJXW5AOEvgZ%2F1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62866ee3dc854a6d-FRA
expires
Fri, 18 Feb 2022 01:39:40 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.plurk.com
Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3296622
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4037
cf-request-id
0887e3a26300004a6dc817b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-55e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vlkKm8ifwa7YOVIT1OjnSclo0UzbSmfZZUYflOawtfDn0i7eNCdMW66Yd%2FWp0UQ8l0ysGJLll7lh%2F6pnT5fEDk6prGNuylnUioObOM%2BY8xU4UXqPiqK22WFOcf1nyRmFxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62866ee3dc844a6d-FRA
expires
Fri, 18 Feb 2022 01:39:40 GMT
5b976a9ca7c2207798dd.js
s.plurk.com/
1 KB
885 B
Script
General
Full URL
https://s.plurk.com/5b976a9ca7c2207798dd.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
711bba755e57607afd295f3765c46a4926f5bd085f0a810b4c2b8202c1b518a1

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
222653
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5K8T2N1G1P4S7H7P
x-amz-id-2
OAN+PZS0T+930BH+N1/A+zSM3zQBVR/LIE4/EZfzc//jdHV1PaoYNjWALoPtROkynK+PW3FEeaQ=
x-amz-expiration
expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified
Thu, 25 Feb 2021 06:34:51 GMT
server
cloudflare
etag
W/"c858ecdaac79c1ac75211d9982320dbb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-request-id
0887e3a266000063895492d000000001
cf-ray
62866ee3df506389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
20e98ced63608cc71d44.css
s.plurk.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://s.plurk.com/20e98ced63608cc71d44.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31cd448810f1526683422701edfda3fda04e49df1dd22cbc6718867eef7b1c5

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
683156
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0090BB573F2B4285
x-amz-id-2
o5ubL2EB6x+t45zt6Us/S8xqSdYs4RPGUjmdfm/PA2c3Xax20F5yLuZrX8gHGytykTNpV5IUZ54=
last-modified
Tue, 15 Dec 2020 07:16:13 GMT
server
cloudflare
etag
W/"46cce1ab85cbbb15a25283ff3cbd14ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-request-id
0887e3a264000063894baa8000000001
cf-ray
62866ee3df4a6389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
sweetalert.min.js
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/
40 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.plurk.com
Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
872054
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10494
cf-request-id
0887e3a26400004a6d61881000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff8-9f68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qIev4J%2BDlFQIgG83z9vXCC7bf0rFxtwNlV1j3llVOwqQq6KYRLtrUoyRLar5doZYIYULG9H9TG3grJGwcp1L2%2FpdAJ2EfCifycdYN%2F6XG%2B9gEJ7yOZLFyQ9ix729Acm6lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62866ee3dc884a6d-FRA
expires
Fri, 18 Feb 2022 01:39:40 GMT
handlebars.min.js
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/
43 KB
12 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.plurk.com
Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1446695
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11830
cf-request-id
0887e3a26400004a6d95246000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e72-ac34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FfhDG%2BgAaSZLtlmn32%2BmkiF9FBxz8AHgPCNiZz38XKjBz08ml9bDu2%2B4%2FeBt%2B8y%2BeQ3xa9ITaLER75k1EweLKQkdKoo1NNjjK%2F9JTe8FGZq3K%2BBdMBQdae3s3sG%2B3AHwfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62866ee3dc874a6d-FRA
expires
Fri, 18 Feb 2022 01:39:40 GMT
46e6a8fbeab1c000f956.js
s.plurk.com/
64 KB
21 KB
Script
General
Full URL
https://s.plurk.com/46e6a8fbeab1c000f956.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f62aaef9191b0a89b4c0d23372144b12a2a9deb1decb55de811010d7173bb8

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
94000
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
F882CD51EAD997BC
x-amz-id-2
+L2UAKz390t2CO9kNbfWk0n4rqyo/HOJEOKfF69TDFBkkE5UBzXs+dki3MumAutzR0Jn85tv7Jo=
last-modified
Fri, 26 Feb 2021 06:59:49 GMT
server
cloudflare
etag
W/"00ec36754d78315725bd5664035cc645"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-request-id
0887e3a266000063893d8da000000001
cf-ray
62866ee3df516389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
2aa084d58ada32dfe6fe.css
s.plurk.com/
34 KB
7 KB
Stylesheet
General
Full URL
https://s.plurk.com/2aa084d58ada32dfe6fe.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70883ab3472861e764e036877549309d461f0458372477c51e2c38c9174947fe

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
618521
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
E5DBD6B43A822EFE
x-amz-id-2
FzqPQHJDKlIIyQl3O3VE85yfKlO67JHtcxgIYRqn96TNNxqTodxUrgF9KNoYeNK7DfJ9FF2iE0k=
last-modified
Sat, 23 Jan 2021 21:33:09 GMT
server
cloudflare
etag
W/"67f20f8651d1b0f6923f442df1a4f24f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-request-id
0887e3a265000063893d373000000001
cf-ray
62866ee3df4b6389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
7b5fa6946f1a5d0e7cf5.js
s.plurk.com/
233 KB
67 KB
Script
General
Full URL
https://s.plurk.com/7b5fa6946f1a5d0e7cf5.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13b8f3d3c776c32e06c92aa5974e213eceecd46aaa76cc1a704100b24ec980f

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
220678
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
87985DC775554A79
x-amz-id-2
8nhESkzPgc7ABenL7UJdjAgUNvu6K9/Pra1puNuJBt8m3PrQ1DGOqUFiD0QzsjVlxekgIa3TNrw=
x-amz-expiration
expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified
Thu, 25 Feb 2021 06:35:01 GMT
server
cloudflare
etag
W/"521e3ded7a7e44c30f8286486ad24b91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-request-id
0887e3a2650000638940b4d000000001
cf-ray
62866ee3df4e6389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
064e6dff298ac12fca79.css
s.plurk.com/
60 KB
12 KB
Stylesheet
General
Full URL
https://s.plurk.com/064e6dff298ac12fca79.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb619e48590bc0fbbbf1a395d27b74a7669f5c814d0ea4fe1afceebba0c2e630

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
br
cf-cache-status
HIT
age
1010884
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
D22B6B0C0C1D93AB
x-amz-id-2
qVCYcX/lFEN8uWpa0cXDOJo6CfJYCYwXZXWAGSGeQwdoVloGkcWrkmblTRLFd8mM3M0p0DwjjuA=
last-modified
Wed, 10 Feb 2021 07:19:13 GMT
server
cloudflare
etag
W/"f21d48da72b1b8bed261255df1b12597"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-request-id
0887e3a2640000638959b3a000000001
cf-ray
62866ee3df496389-FRA
expires
Mon, 02 Feb 2026 01:39:40 GMT
ad.js
img.scupio.com/js/
42 KB
15 KB
Script
General
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
29f5c26b42fdd38a01de8e22676ebfa67d355c2b19f5cd6f9875bfb9b66f6e03

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:38:14 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 03:43:17 GMT
server
nginx/1.12.1
age
118
etag
W/"603479d5-a852"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
M_1vW7KsCoCoDLz7g6yKZGJpUqYKWXrxhNr5bl0mrl-qTJVRxVKDVg==
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
expires
Sun, 28 Feb 2021 01:52:42 GMT
14807634-medium15092772.gif
avatars.plurk.com/
1 KB
2 KB
Image
General
Full URL
https://avatars.plurk.com/14807634-medium15092772.gif
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status
HIT
age
345119
cf-polished
origSize=1287
cf-ray
62866ee4bf5e6389-FRA
x-amz-storage-class
REDUCED_REDUNDANCY
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1279
x-amz-id-2
Pdy33bV2l0z9fohyIjdMH3XqMDcAd2oQy/gzWsQcbmZ9i7BXxbfENfG2sNb2u+xBw0+2tHte2Os=
last-modified
Wed, 24 Oct 2018 17:48:38 GMT
server
cloudflare
etag
"6c0779ae49111313047639c892eef67c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
D7C0836436369703
expires
Mon, 02 Feb 2026 01:39:40 GMT
cache-control
public, max-age=155520000
cf-request-id
0887e3a2f70000638943919000000001
accept-ranges
bytes
content-type
image/gif
cf-bgj
imgq:100,h2pri
gI3PjDd4aD1ag7G5pPql0pA96s0_mt.jpg
imgs.plurk.com/QzI/eAh/
11 KB
11 KB
Image
General
Full URL
https://imgs.plurk.com/QzI/eAh/gI3PjDd4aD1ag7G5pPql0pA96s0_mt.jpg
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f027798f9ae37e02c7090a4615c4cc4adf19abd5c272c0be41e0d45f234b697

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status
HIT
age
345119
cf-polished
origSize=11598
x-amz-meta-source
https://www.bandatnendongnai.vn/wp-content/uploads/2021/02/cung-ung-lao-dong.jpg
x-amz-meta-content-type
image/jpeg
last-modified
Wed, 24 Feb 2021 01:47:16 GMT
content-length
11193
x-amz-meta-hash
eAhgI3PjDd4aD1ag7G5pPql0pA96s0
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EW7Z3JDZ0T4ZFM5J
x-amz-id-2
Tz35s2T2S9ofE+wmP7ht0mH541IXfrDIYIDzQENR0LbQKO26YrotFIPMztDrZ18EwT5FuApTO54=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"60d8a01febfc85986cac26e54e1cf9ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-request-id
0887e3a3080000638946af3000000001
accept-ranges
bytes
cf-ray
62866ee4df616389-FRA
expires
Mon, 28 Feb 2022 01:39:40 GMT
gpt.js
www.googletagservices.com/tag/js/
56 KB
19 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213b9ca5a900159a345f090a85fc24bed8dac9ed54fb205682469fecb53f12d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"797 / 960 of 1000 / last-modified: 1614381521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19359
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:39:40 GMT
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5824
date
Sun, 28 Feb 2021 00:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sun, 28 Feb 2021 02:02:36 GMT
background.css
assets.plurk.com/static/theme/v5/default2018-theme/
0
380 B
Stylesheet
General
Full URL
https://assets.plurk.com/static/theme/v5/default2018-theme/background.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status
HIT
age
678359
cf-ray
62866ee47f5b6389-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-amz-id-2
gDXkvkWQwKnpCkwSvcS5g0/8wjn7jALsdu8+wUqqu0sIZhwL9538dGv3kT5p+5DccgXsMUyDaWs=
last-modified
Wed, 01 Aug 2018 09:38:50 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
00E6999D46E58D2A
cache-control
public, max-age=31536000
cf-request-id
0887e3a2cb000063894e399000000001
accept-ranges
bytes
content-type
text/css
expires
Mon, 28 Feb 2022 01:39:40 GMT
timeline.css
assets.plurk.com/static/theme/v5/default2018-theme/
0
154 B
Stylesheet
General
Full URL
https://assets.plurk.com/static/theme/v5/default2018-theme/timeline.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status
HIT
age
843875
cf-ray
62866ee47f5d6389-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-amz-id-2
L3pErnHNJgKwc3EaxRwfGMTVnBa/7Z424chQbhTghEP0jLq7JPCH6IxJzalLjL3mObgESE9Xnr0=
last-modified
Wed, 01 Aug 2018 09:38:50 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
403924EB832C5023
cache-control
public, max-age=31536000
cf-request-id
0887e3a2cc0000638940b4e000000001
accept-ranges
bytes
content-type
text/css
expires
Mon, 28 Feb 2022 01:39:40 GMT
dashboard.css
assets.plurk.com/static/theme/v5/default2018-theme/
0
176 B
Stylesheet
General
Full URL
https://assets.plurk.com/static/theme/v5/default2018-theme/dashboard.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status
HIT
age
240313
cf-ray
62866ee47f5c6389-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-amz-id-2
UnNSxubFhCWFoHPuDf47fK3fulzUw8sBNuCxKyl+9oRlfwQar0zjMAEh6caxMnY6LKu47NiPbEo=
last-modified
Wed, 01 Aug 2018 09:38:50 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
1A5A5641377947DB
cache-control
public, max-age=31536000
cf-request-id
0887e3a2cc000063895d057000000001
accept-ranges
bytes
content-type
text/css
expires
Mon, 28 Feb 2022 01:39:40 GMT
pubads_impl_2021022301.js
securepubads.g.doubleclick.net/gpt/
290 KB
102 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Feb 2021 09:41:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104129
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:39:40 GMT
collect
www.google-analytics.com/j/
4 B
389 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=265095571&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo8mvnb&ul=en-us&de=UTF-8&dt=datnendongnai%20-%20Cho%20thu%C3%AA%20l%E1%BA%A1i%20lao%20%C4%91%E1%BB%99ng%20(Cung%20%E1%BB%A9ng%20lao%20%C4%91%E1%BB%99ng)%20l%C3%A0%20g%C3%AC%3F%20Theo%20quy%20%C4%91%E1%BB%8Bnh%20t%E1%BA%A1i%20%C4%90i%E1%BB%81u%2053%20B%E1%BB%99%20lu%E1%BA%ADt%20Lao%20%C4%91%E1%BB%99ng%202012%2C%20cho%20thu%C3%AA%20l%E1%BA%A1i%20lao%20%C4%91%E1%BB%99ng%20l%C3%A0%20h%C3%ACnh%20th%E1%BB%A9c%20ng%C6%B0%E1%BB%9Di%20lao%20%C4%91%E1%BB%99ng%20%C4%91%C3%A3%20%C4%91%C6%B0%E1%BB%A3c%20tuy%E1%BB%83n%20d%E1%BB%A5ng%20b%E1%BB%9Fi%20doanh%20nghi%E1%BB%87p%20%C4%91%C6%B0%E1%BB%A3c%20c%E1%BA%A5p%20ph%C3%A9p%20cho%20thu%C3%AA%20l%E1%BA%A1i%20lao%20%C4%91%E1%BB%99ng%20(Cung%20%E1%BB%A9ng%20lao%20%C4%91%E1%BB%99ng)%20sau%20%C4%91%C3%B3%20l%C3%A0m%20vi%E1%BB%87c%20cho%20ng%C6%B0%E1%BB%9Di%20s%E1%BB%AD%20d%E1%BB%A5ng%20lao%20%C4%91%E1%BB%99ng%20kh%C3%A1c%20Cho%20thu%C3%AA%20lao%20%C4%91%E1%BB%99ng%20(Cung%20%E1%BB%A9ng%20lao%20%C4%91%E1%BB%99ng)%20-%20Plurk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1268974993&gjid=1583102772&cid=1144627910.1614476381&tid=UA-53436-7&_gid=42440168.1614476381&_r=1&_slc=1&z=1453610681
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:39:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.plurk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
d4c0955530a8e2c432946c6057221cab.woff
s.plurk.com/plurkiconfont/fonts/
21 KB
22 KB
Font
General
Full URL
https://s.plurk.com/plurkiconfont/fonts/d4c0955530a8e2c432946c6057221cab.woff
Requested by
Host: s.plurk.com
URL: https://s.plurk.com/20e98ced63608cc71d44.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1

Request headers

Origin
https://www.plurk.com
Referer
https://s.plurk.com/20e98ced63608cc71d44.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:41 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
681047
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EYCG5J0Q9J9ZEM0M
x-amz-id-2
aaIW2VotnvNvxQB/6FrtmU7rzJOP/lLVybPqC/N2QnF0T7sfFeXLnFnxSo77BHopXaZ5esov6p8=
last-modified
Tue, 15 Dec 2020 07:16:12 GMT
server
cloudflare
etag
W/"d4c0955530a8e2c432946c6057221cab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=155520000
cf-request-id
0887e3a37f00004e38c800c000000001
cf-ray
62866ee59af64e38-FRA
expires
Mon, 02 Feb 2026 01:39:41 GMT
integrator.js
adservice.google.de/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.plurk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
243 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
89 KB
29 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3068002578743198&correlator=1581089378169845&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=75142684%2Cplurk_message_300x250_SB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1614476381&dt=1614476381132&dlt=1614476380753&idt=267&frm=20&biw=1600&bih=1200&oid=3&adxs=1005&adys=102&adks=2862190043&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo8mvnb&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1144627910.1614476381&ga_sid=1614476381&ga_hid=265095571&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f082045e8c9e79cde0bdd8f50065baf1ff6c7bf50626f2800517f05c208d78b1
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLHPzZm5i-8CFa_uuwgdeiQFEw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10632268624349161646/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLHPzZm5i-8CFa_uuwgdeiQFEw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10632268624349161646/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28346
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Sun, 28 Feb 2021 01:39:41 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.plurk.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

collect
stats.g.doubleclick.net/j/
4 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-53436-7&cid=1144627910.1614476381&jid=1268974993&gjid=1583102772&_gid=42440168.1614476381&_u=IEBAAEAAAAAAAC~&z=1197110437
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 28 Feb 2021 01:39:41 GMT
content-type
text/plain
access-control-allow-origin
https://www.plurk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
10987.json
img.scupio.com/js/config/
452 B
843 B
XHR
General
Full URL
https://img.scupio.com/js/config/10987.json?v=1.0.3791
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
4ecea5f66a77e522a06bd4b3cfd85f062e99be44ef791cc993dc93291d0d2540

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 28 Feb 2021 01:34:51 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 09:49:10 GMT
server
nginx/1.12.1
age
289
etag
"60055996-1c4"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
452
x-amz-cf-id
e08frvxbYgYJ1JAdaMhcz-6FEZONwXvoxPMkR1t16l22ZTL1M0Xwtg==
expires
Sun, 28 Feb 2021 04:34:51 GMT
mv.html
img.scupio.com/html/ Frame 3767
67 KB
21 KB
Document
General
Full URL
https://img.scupio.com/html/mv.html?v=1.0.76
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
43117f501d26cd0d4a90b49a92cde44257b11372b953b6374d7e857f52b662fd

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/mv.html?v=1.0.76
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.plurk.com/p/o8mvnb
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.plurk.com/p/o8mvnb

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Fri, 11 Dec 2020 01:26:18 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Sun, 28 Feb 2021 01:27:16 GMT
expires
Sun, 28 Feb 2021 01:35:49 GMT
cache-control
max-age=1500
etag
W/"5fd2caba-10ca4"
x-cache
Hit from cloudfront
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
W3p7C3X_4SGyJT18OAYtjKkmg5K3onTqJFWjzMnvuXsWw8w2oEzdnA==
age
1732
d236fd746e000431a8e2c6bc787ee7c5.gif
s.plurk.com/
34 KB
35 KB
Image
General
Full URL
https://s.plurk.com/d236fd746e000431a8e2c6bc787ee7c5.gif
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9c36eb65ef1ee2bd3b895ab1295065f7c43f07fceac8e7d8c076a0058325c7

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:41 GMT
cf-cache-status
HIT
age
678359
cf-ray
62866ee69f7d6389-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35115
x-amz-id-2
7wM2ey66q4T1sIPDTz0QKtaAr7g18lnyaC3rYFQgNuC7MPWg6IxeHzrt27ldP4pylDjmB4wGfjk=
last-modified
Tue, 15 Dec 2020 07:16:12 GMT
server
cloudflare
etag
"d236fd746e000431a8e2c6bc787ee7c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
07A19F6709FF1831
cache-control
public, max-age=155520000
cf-request-id
0887e3a41f000063895c853000000001
accept-ranges
bytes
content-type
image/gif
expires
Mon, 02 Feb 2026 01:39:41 GMT
get
www.plurk.com/Responses/
104 B
344 B
XHR
General
Full URL
https://www.plurk.com/Responses/get
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949

Request headers

Accept
*/*
Referer
https://www.plurk.com/p/o8mvnb
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-request-id
0887e3a430000063895fa1e000000001
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Sun, 28 Feb 2021 01:39:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
cf-ray
62866ee6bf816389-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 3767
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206636
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 16:15:45 GMT
prebid.js
img.scupio.com/js/ Frame 3767
212 KB
77 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
8e19184c4a4e60583340f58f787efe8eccd66f0fc60d1f1d83f93fee4638226b

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:38:19 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 01:52:53 GMT
server
nginx/1.12.1
age
165
etag
W/"5fd2d0f5-3502a"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
KS6e0jtpGQCETi94qdyyopl8Rkx91KX1iZ2rYzJ9WTtQtKxWa_sqZg==
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
expires
Sun, 28 Feb 2021 07:36:55 GMT
ga-audiences
www.google.com/ads/
42 B
344 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-53436-7&cid=1144627910.1614476381&jid=1268974993&_u=IEBAAEAAAAAAAC~&z=1420294299
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:39:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
505 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-53436-7&cid=1144627910.1614476381&jid=1268974993&_u=IEBAAEAAAAAAAC~&z=1420294299
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:39:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Other
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://img.scupio.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://img.scupio.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1668
date
Sun, 28 Feb 2021 01:39:41 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 3767
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
  • https://mug.criteo.com/sid?cpp=26L4tHxuSDMybHVjd3dDTFI2Z21BTG5oaGJXQ3VrKzFlRm5CdzhUdnBFc2R3ZXZ3aWtqMjhKUll6MFhxVExrSHFSWjhGNHg1QmJkMUhvNkZwYVRmNi91TUtBRDVkSjZqSzZMRlF5elRZdHV2dEZxZGFaaFhRZ0lnaUN3U3...
352 B
633 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=26L4tHxuSDMybHVjd3dDTFI2Z21BTG5oaGJXQ3VrKzFlRm5CdzhUdnBFc2R3ZXZ3aWtqMjhKUll6MFhxVExrSHFSWjhGNHg1QmJkMUhvNkZwYVRmNi91TUtBRDVkSjZqSzZMRlF5elRZdHV2dEZxZGFaaFhRZ0lnaUN3U3o4dVZVZm5wbU5ycnVIYVpVTkFDaWV6d0psNjF6WW9FcWx5YWNCWUZPVFE4VWNVMkdDWDB0a2kvRU1TOGcxMU5oWHZhOE01UXI2NFdyTU50cm5Sckc3L0c2c2hqSnVqUGF2MWQ3eTFMdisrN2ZwSXI0N1ZJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
13ea1dad23d6c81d414b13ef4972c6c85a69e08964df7ecceb4dad85924408fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 28 Feb 2021 01:39:41 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2334
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 28 Feb 2021 01:39:40 GMT
location
https://mug.criteo.com/sid?cpp=26L4tHxuSDMybHVjd3dDTFI2Z21BTG5oaGJXQ3VrKzFlRm5CdzhUdnBFc2R3ZXZ3aWtqMjhKUll6MFhxVExrSHFSWjhGNHg1QmJkMUhvNkZwYVRmNi91TUtBRDVkSjZqSzZMRlF5elRZdHV2dEZxZGFaaFhRZ0lnaUN3U3o4dVZVZm5wbU5ycnVIYVpVTkFDaWV6d0psNjF6WW9FcWx5YWNCWUZPVFE4VWNVMkdDWDB0a2kvRU1TOGcxMU5oWHZhOE01UXI2NFdyTU50cm5Sckc3L0c2c2hqSnVqUGF2MWQ3eTFMdisrN2ZwSXI0N1ZJPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2621
content-length
482
expires
0
cdb
bidder.criteo.com/ Frame 3767
0
144 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.19.0-pre&cb=970753502
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Sun, 28 Feb 2021 01:39:41 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
header
hb.aralego.com/ Frame 3767
0
323 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7844B6A6EAE2406AB34AB2A734EE&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo8mvnb&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=bf1efc6c-372a-44f1-9cd0-1ca2f72548ab&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Sun, 28 Feb 2021 01:39:41 GMT
access-control-allow-credentials
true
connection
close
bid
ad2.apx.appier.net/v1/prebid/ Frame 3767
0
0

prebid.aspx
prebid.scupio.com/recweb/ Frame 3767
0
285 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.86172671142637
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 28 Feb 2021 01:39:42 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 3767
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Sun, 28 Feb 2021 01:39:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
videoad.aspx
bw.scupio.com/adpinline/ Frame 3767
74 B
958 B
XHR
General
Full URL
https://bw.scupio.com/adpinline/videoad.aspx?cb=0.580517565123142
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d

Request headers

Accept
*/*
Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 28 Feb 2021 01:39:41 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
185
sid
mug.criteo.com/ Frame
0
0
Other
General
Full URL
https://mug.criteo.com/sid?cpp=26L4tHxuSDMybHVjd3dDTFI2Z21BTG5oaGJXQ3VrKzFlRm5CdzhUdnBFc2R3ZXZ3aWtqMjhKUll6MFhxVExrSHFSWjhGNHg1QmJkMUhvNkZwYVRmNi91TUtBRDVkSjZqSzZMRlF5elRZdHV2dEZxZGFaaFhRZ0lnaUN3U3o4dVZVZm5wbU5ycnVIYVpVTkFDaWV6d0psNjF6WW9FcWx5YWNCWUZPVFE4VWNVMkdDWDB0a2kvRU1TOGcxMU5oWHZhOE01UXI2NFdyTU50cm5Sckc3L0c2c2hqSnVqUGF2MWQ3eTFMdisrN2ZwSXI0N1ZJPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
975
date
Sun, 28 Feb 2021 01:39:40 GMT
content-encoding
gzip
vary
Accept-Encoding
container.html
013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6660
6 KB
3 KB
Document
General
Full URL
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.plurk.com/p/o8mvnb
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.plurk.com/p/o8mvnb

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 28 Feb 2021 01:39:41 GMT
expires
Mon, 28 Feb 2022 01:39:41 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342938524533"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:39:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75837f87b0d5f3b1405b71701c113366be526353bba3624bcdb99117b760ed65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Feb 2021 01:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6393
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63
104 KB
22 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5691463091f8b672bb19a3001ad5d5f107097874d6010f8b8dce81ecfd63c91
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/10632268624349161646/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Fri, 26 Feb 2021 04:43:35 GMT
expires
Sat, 26 Feb 2022 04:43:35 GMT
last-modified
Fri, 29 Jan 2021 14:45:29 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
21111
age
161766
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 6660
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C36peXfQ6YPGsDa_d7_UP-siUmAHFvqLKYdOl9aOODdrZHhABIPSXgjVgkYSThfwXoAHGo4iDAsgBCakCHs_zo0dBtD7gAgCoAwHIAwiqBN0BT9AqVWwnNuMKOylnkn5qkAgSaQ5OA8H2iBF-pwREmfwYtWLPjr1QlNkIbDOWOOKZ0gERVxKP4Nlkrgx6Ff_G-umda4qW7CcxxSh6rKM69lD9JaUcPWlTrT-b71imawUAetkysI5uQ413HzGBK55tFBeQk7_lBVUQpSknI-jQbiTbHDsJsFQ-rVXeI5GsfXgk-Db51ammHTS8FdRmqnfC1mmMFWKrsgG2z1JB1yUmnxP7bKnQzGKS1dDMEwInkR4zydedFThp9on-nMQKSs5ablnbpiZVX1xq4DhI1_vABNGRjOC6A-AEAZIFBAgEGAGSBQQIBRgEoAYugAei3Pf8AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCO9QLSCAkIgOGAUBABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItNDEyNDk2OTI5MDEwOTM2MA&sigh=nowL7l8ce94&template_id=419&tpd=AGWhJmsBB9UFslEfSieG7Jgw7ntYd_773dYM6_D33P8RQCf1dQ
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 6660
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
18079855114753437313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 01:17:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6660
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:24:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 01:24:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6660
107 KB
33 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614342950420569"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33470
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:39:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6660
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
4905056106247604317
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Mar 2021 01:39:34 GMT
l
www.google.com/ads/measurement/ Frame 6660
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLBja20Khg9Q4lyZqDV_3wePX5wfThRibb9KBptWegOdRPitoHbYjwmuT0Pj-zudVaefBG
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 28 Feb 2021 01:39:41 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2224
143 B
430 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 28 Feb 2021 00:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3497
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6660
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00b47a03581bb0bca92448936ff4894eda7dce3a072ef9265b772742a27edf49

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 7C63
2 KB
573 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c1635a4ccff834ea77c835f6982c3f93f4bd91e04b4dc0d6d4eef1865448d06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 28 Feb 2021 00:39:30 GMT
server
ESF
date
Sun, 28 Feb 2021 01:39:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Feb 2021 01:39:41 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C63
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 04:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76440
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 28 Feb 2021 04:25:41 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C63
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 28 Feb 2021 12:41:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C53E
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.plurk.com/p/o8mvnb
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.plurk.com/p/o8mvnb

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 28 Feb 2021 00:42:46 GMT
expires
Mon, 28 Feb 2022 00:42:46 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3415
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HTxwL3I-JCGChYJ8VI-L6OO_au7B47b1z3bWuYMBYro.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ Frame 7C63
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B47b1z3bWuYMBYro.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73f055ea6bb30904f982239d5dcb4814f72e19f58cbc1e46e50e71fe8336f97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 05:58:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:40 GMT
server
sffe
age
243677
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13144
x-xss-protection
0
expires
Fri, 25 Feb 2022 05:58:24 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuYMBYro.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ Frame 7C63
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuYMBYro.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca2992d354532013b78f5db40ac0f65a9f6fb83343b43a7cbb066cc52c9b24c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 08:20:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:05:14 GMT
server
sffe
age
235124
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
expires
Fri, 25 Feb 2022 08:20:57 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2224
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
496 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmwXtK0vzTZotq59wrG1dktlaeS2_QU1hyMsdK85nfxBSs7NSOMUNPNs1kMU2Y
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 28 Feb 2021 01:39:41 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 28-Feb-2021 02:39:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 28 Feb 2021 01:39:41 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 28 Feb 2021 01:39:41 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
pagead2.googlesyndication.com/bg/ Frame C53E
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 20:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:15:00 GMT
server
sffe
age
104568
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6212
x-xss-protection
0
expires
Sat, 26 Feb 2022 20:36:53 GMT
button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63
5 KB
7 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/button.png
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99548e38930ef936243560c42de6b9a3916c96aab218755bad6cf07a6633f60a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
153570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5613
x-xss-protection
0
last-modified
Fri, 29 Jan 2021 14:45:29 GMT
server
sffe
date
Fri, 26 Feb 2021 07:00:11 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 07:00:11 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/logo.png
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e625fdbf85a87c609a27792b0a399c27242d09303f9626ec75535e80b6e7e779
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
153570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14737
x-xss-protection
0
last-modified
Fri, 29 Jan 2021 14:45:29 GMT
server
sffe
date
Fri, 26 Feb 2021 07:00:11 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Feb 2022 07:00:11 GMT
shape.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63
5 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/shape.png
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36a7965b79bb7ebc1c5fa62baa58a99262dda1d30dbc4fc4d2f24d0d0ed9f4a1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
194220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5624
x-xss-protection
0
last-modified
Fri, 29 Jan 2021 14:45:29 GMT
server
sffe
date
Thu, 25 Feb 2021 19:42:41 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:42:41 GMT
background.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63
49 KB
49 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/background.jpg
Requested by
Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81cc04aaaef4074be8556715c80fefc74a8de57c1487a08e9a8b99a7a69f98da
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
194220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49748
x-xss-protection
0
last-modified
Fri, 29 Jan 2021 14:45:29 GMT
server
sffe
date
Thu, 25 Feb 2021 19:42:41 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:42:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
224 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=3068002578743198&bg=!IiGlIWLNAAXB_3NtwTsAKQB2-DxaNYbFte7A-SO7njwbmmc9E6FUP3xHkdQOuhHoS4wwK2C4619dAgAAAGRSAAAACWgBBwoAZyFNY52L3aoc3z5Z3bNq1St98T5QI5p3jzxb5qU-ypAMGwy95_MatADogA-TajbhAP0No-U5yyp368R4WQNwoU3fL2ARsKTjjIhQDQhELjWd7dLwNHvuayfDc7YHbv1GtJWAOiY1lEOZAdNiR_Dpaf05poJkm8Hpg6xtp320d4Q0s5GuiPHTPSX5CY0fYnylIOXUJmqTzEFedsNMfzjrfT0Q_DO0KKIo-uHM99Sxdm1JVst70R3vk_MkRmYgt9vDjbV1FoR0wVJLVX-tIIEeN2rD4g6PrAXxzQ2FDrjCmMz49sjwm4Fc_fu1ScfNDZlIY5uChzaIwD9mVmO_qq_dGi4V8CGaGWmcUCN04PZKdVEPbEQTRgch-klOMe3rvxdWjs2VGjk2-YoY7zH4gLCOseDcxjFenjvdIpptq23Jn2Qhdg4hOEFXa8ceYfTjhcDZlkrmpEIWMOn7fMEtb7Myc-hz377-7EfDdHfTSo8kaVKscXzEreNT2JIQDdoX1hkFiBP8ciH8r8LJc7oDvbqU3tqT1y1L27-95HsNy_4jonO7iwsLaWYNS_Y7HH2O2B1hoX5_t4N1MaUHjWvmF2eizPJYFqJwPmocZ79plg0QIgk-AVIjIskCRz0N5EOKP_V3GKDxDpzH8tPRf6yLhms5pNaGTAK4HDoHzAgqTJUlPqaJS_D97WOB3-QDTf7bO2GeDQoBX9MJPLGWwuHCPpl2mTdzZLjIertdh3GZ_M8lhF_eMabP9fF3_AKnKX2cwg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:39:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6660
42 B
479 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8tJhXjIVp1x1AGuosayPcVujwrRhb3hFR4wI6Q32rDPZ84elBv8mQne-cLkV3y-RLtnXIkY7HHhL-pToujR99ZrrwyfK4hzAnD77F97Pm9WjvoBzKEsRm6Vfl9A&sai=AMfl-YTwqsJlsMyawXFEILNAV6wxIrA1Wx1x7QrSmPQ4pMMK5WkEpB3udvqllBjthSMdQ7XRBtc0F5GM2hzXSAk59K_2dmQEhffJNQLTAKqxyyuIe8DtoRVpdJKk9tiFPwc&sig=Cg0ArKJSzCfWdns1pKBUEAE&cid=CAASPeRovYPhUisWO9MrgHVV6WP8pkk44fLsINdgrAhPeojjTaeWnhVK3RSDfottvHIPfp39xQqGO180IY3wWkU&id=osdim&mcvt=1006&p=102,1005,352,1305&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210226&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2862190043&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614476381531&dlt=33&rpt=133&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:39:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13567.json
img.scupio.com/js/config/
373 B
766 B
XHR
General
Full URL
https://img.scupio.com/js/config/13567.json?v=1.0.3791
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
e64b0a3cc7e978d8c8aa4446ced6206f7d89608c71ca671f90d5b5292fa7bb74

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.plurk.com/p/o8mvnb
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 28 Feb 2021 01:37:20 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 09:49:11 GMT
server
nginx/1.12.1
age
143
etag
"60055997-175"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
373
x-amz-cf-id
ix-F3VdORk3n-izldBMboHK_uhRx-KHnA1ZJ-4DLYpV2pEFMMoGMZw==
expires
Sun, 28 Feb 2021 04:37:20 GMT
ad.html
img.scupio.com/html/ Frame 9B2D
35 KB
13 KB
Document
General
Full URL
https://img.scupio.com/html/ad.html?v=1.0.49
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
1dd36c260f8851b86109b7aae20291cfdcd7b1abc22c3cae9837ffa76e19fc90

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ad.html?v=1.0.49
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.plurk.com/p/o8mvnb
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
OrgKeyValue=CUA20210228093942246814
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.plurk.com/p/o8mvnb

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Wed, 17 Feb 2021 01:38:02 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Sun, 28 Feb 2021 00:40:56 GMT
expires
Sun, 28 Feb 2021 06:31:05 GMT
cache-control
max-age=21600
etag
W/"602c737a-8b05"
x-cache
Hit from cloudfront
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
bTcPb3xE_DNTdMVs1a-4rWdy6R5fjixJge4PrkWDF5mF98mN3hnldg==
age
4118
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 9B2D
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 15:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35233
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 15:52:30 GMT
prebid.js
img.scupio.com/js/ Frame 9B2D
212 KB
77 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
8e19184c4a4e60583340f58f787efe8eccd66f0fc60d1f1d83f93fee4638226b

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:38:19 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 01:52:53 GMT
server
nginx/1.12.1
age
167
etag
W/"5fd2d0f5-3502a"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
JQ_sMwTTIwt_ksL5CCQ5-B4_CmtqsH2y4jYunvIjRy9-c9T3V23DFg==
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
expires
Sun, 28 Feb 2021 07:36:55 GMT
json
gum.criteo.com/sid/ Frame
0
0
Other
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://img.scupio.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://img.scupio.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1548
date
Sun, 28 Feb 2021 01:39:42 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 9B2D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
  • https://mug.criteo.com/sid?cpp=V-PYtXxyVWY4U2h2RlhWRHNzNUVEZ1ZtZkVJU3NMVWZtNDVYNldDVk5JZEFmOTNUMXJ0R3BGWXBmVFhXbDdLSFVCZU13eEpxdEpOZE9YMWE5dGlBYnRJVlRxbzhQaTRNbG5sc0pDM0s1NUFzcXFjRFNWMjJIamtUazdWbE...
347 B
628 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=V-PYtXxyVWY4U2h2RlhWRHNzNUVEZ1ZtZkVJU3NMVWZtNDVYNldDVk5JZEFmOTNUMXJ0R3BGWXBmVFhXbDdLSFVCZU13eEpxdEpOZE9YMWE5dGlBYnRJVlRxbzhQaTRNbG5sc0pDM0s1NUFzcXFjRFNWMjJIamtUazdWbEcrdU45aHVWWmU0U0wzQXpjdmJUTno3UFA4Um1mY1Q2WlZJMGY2OXlib3Eyd3dCRTlDRDhsOWlXSWdQdHZKVzZxZ2JwN2ZRTXRFZXNYa1JpWC85WmlhR0J6ZWJxSThBMXo4c2dkVHpTdTJXdmtmV0lyMHRrPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9277fe33d0163e6647a4946802a7fef0df0cf270f496e33df3a6b74668cd4f9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 28 Feb 2021 01:39:43 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2399
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 28 Feb 2021 01:39:42 GMT
location
https://mug.criteo.com/sid?cpp=V-PYtXxyVWY4U2h2RlhWRHNzNUVEZ1ZtZkVJU3NMVWZtNDVYNldDVk5JZEFmOTNUMXJ0R3BGWXBmVFhXbDdLSFVCZU13eEpxdEpOZE9YMWE5dGlBYnRJVlRxbzhQaTRNbG5sc0pDM0s1NUFzcXFjRFNWMjJIamtUazdWbEcrdU45aHVWWmU0U0wzQXpjdmJUTno3UFA4Um1mY1Q2WlZJMGY2OXlib3Eyd3dCRTlDRDhsOWlXSWdQdHZKVzZxZ2JwN2ZRTXRFZXNYa1JpWC85WmlhR0J6ZWJxSThBMXo4c2dkVHpTdTJXdmtmV0lyMHRrPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3441
content-length
482
expires
0
header
hb.aralego.com/ Frame 9B2D
0
323 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7BE8827732D680EA64BB3A493A78B&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo8mvnb&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=405714e3-c8c4-40ac-9d47-e8f52a2bc06b&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Sun, 28 Feb 2021 01:39:43 GMT
access-control-allow-credentials
true
connection
close
cdb
bidder.criteo.com/ Frame 9B2D
0
144 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.19.0-pre&cb=7341628051
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Sun, 28 Feb 2021 01:39:42 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid.aspx
prebid.scupio.com/recweb/ Frame 9B2D
0
285 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7119674194047221
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 28 Feb 2021 01:39:43 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 9B2D
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Sun, 28 Feb 2021 01:39:43 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
sid
mug.criteo.com/ Frame
0
0
Other
General
Full URL
https://mug.criteo.com/sid?cpp=V-PYtXxyVWY4U2h2RlhWRHNzNUVEZ1ZtZkVJU3NMVWZtNDVYNldDVk5JZEFmOTNUMXJ0R3BGWXBmVFhXbDdLSFVCZU13eEpxdEpOZE9YMWE5dGlBYnRJVlRxbzhQaTRNbG5sc0pDM0s1NUFzcXFjRFNWMjJIamtUazdWbEcrdU45aHVWWmU0U0wzQXpjdmJUTno3UFA4Um1mY1Q2WlZJMGY2OXlib3Eyd3dCRTlDRDhsOWlXSWdQdHZKVzZxZ2JwN2ZRTXRFZXNYa1JpWC85WmlhR0J6ZWJxSThBMXo4c2dkVHpTdTJXdmtmV0lyMHRrPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1017
date
Sun, 28 Feb 2021 01:39:42 GMT
content-encoding
gzip
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3767
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:28 GMT
server
nginx
etag
W/"6034e04c-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 01 Mar 2021 01:39:43 GMT
syncframe
gum.criteo.com/ Frame 49B7
0
150 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=www.plurk.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.plurk.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/html/mv.html?v=1.0.76
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://img.scupio.com/html/mv.html?v=1.0.76

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
2561
date
Sun, 28 Feb 2021 01:39:43 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3767
80 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:28 GMT
server
nginx
etag
W/"6034e04c-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 01 Mar 2021 01:39:43 GMT
adsbyscupio.js
img.scupio.com/js/ Frame 7321
4 KB
2 KB
Script
General
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.1
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
63f6cb1eb8c506a22e6b2d69d451a96962244596f3683db0035b8741544d6db9

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:38:07 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 07:36:55 GMT
server
nginx/1.12.1
age
166
etag
W/"5fae3797-1115"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
QD0O1Tmm6AOMFD187Wb_4EHgNY1j_Qn_mXoYHFfRUCTI_C8uHhx2IA==
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
expires
Sun, 28 Feb 2021 04:36:57 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 9B2D
2 KB
2 KB
XHR
General
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.3005117855605819
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
92b96b4c22a94cd0c3f2c3d0b1211cb42839cbf99a9d7815e3fbd199b4795c32

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 28 Feb 2021 01:39:42 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1470
970x250.png
img.scupio.com/img/2011_gym/ Frame 7321
86 KB
86 KB
Image
General
Full URL
https://img.scupio.com/img/2011_gym/970x250.png
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:11:39 GMT
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
last-modified
Fri, 13 Nov 2020 07:26:05 GMT
server
nginx/1.12.1
age
3353
etag
"5fae350d-156c7"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
87751
x-amz-cf-id
ntTSwTTVsNUHgP-HWwU3rW13nIciSHGWv-ejwS1BN_RFgkzVwFh7tA==
expires
Mon, 28 Feb 2022 00:43:50 GMT
ls.html
img.scupio.com/html/ Frame F066
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/html/ad.html?v=1.0.49
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
OrgKeyValue=CUA20210228093942246814; gx=H4sIAN9kO2AA%2fxNmYGDg4uY4MnvO9B9P1loKsAqxcNgLMAEAwLhnZxcAAAA%3d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://img.scupio.com/html/ad.html?v=1.0.49

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Sun, 28 Feb 2021 01:16:56 GMT
expires
Sun, 07 Mar 2021 01:03:13 GMT
cache-control
max-age=604800
etag
W/"583295c9-4dc"
x-cache
Hit from cloudfront
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
sqik0FSqUq1zwlwE3oS8sVhA6AbBijVC6v5RnNIkq9jigSASL-67Dg==
age
2190
ggid.aspx
rec.scupio.com/recweb/ Frame 9D1C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1VBMjAyMTAyMjgwOTM5NDIyNDY4MTQ%3d&layout=js
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1VBMjAyMTAyMjgwOTM5NDIyNDY4MTQ%3D&layout=js&google_tc=
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0
0
551 B
Script
General
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:39:44 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 28 Feb 2021 01:39:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame C6B4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
291 B
559 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://img.scupio.com/html/ad.html?v=1.0.49
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://img.scupio.com/html/ad.html?v=1.0.49

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Feb 2021 01:39:43 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date
Sun, 28 Feb 2021 01:39:43 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
www.facebook.com/tr/ Frame 9D1C
44 B
411 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.49&rl=&if=true&ts=1614476383760&cd[SBST]=25&cd[PuID]=plurk
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 28 Feb 2021 01:39:43 GMT
uxid.aspx
rec.scupio.com/recweb/ Frame 9D1C
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CUA20210228093942246814
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
35 B
581 B
Image
General
Full URL
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:39:44 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
image/gif
Content-Length
35

Redirect headers

Location
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date
Sun, 28 Feb 2021 01:39:44 GMT
Connection
close
Content-Length
71
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9B2D
80 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:28 GMT
server
nginx
etag
W/"6034e04c-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 01 Mar 2021 01:39:43 GMT
usync.js
eus.rubiconproject.com/ Frame C6B4
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:39:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 20:32:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26340
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9308
Expires
Sun, 28 Feb 2021 08:58:43 GMT
khaos.jpg
token.rubiconproject.com/ Frame C6B4
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
syncframe
gum.criteo.com/ Frame E7F4
0
150 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=www.plurk.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.plurk.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/html/ad.html?v=1.0.49
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://img.scupio.com/html/ad.html?v=1.0.49

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1630
date
Sun, 28 Feb 2021 01:39:43 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9B2D
80 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 01:39:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:28 GMT
server
nginx
etag
W/"6034e04c-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Mon, 01 Mar 2021 01:39:43 GMT
idSync
sync.aralego.com/ Frame 3767
35 B
266 B
Image
General
Full URL
https://sync.aralego.com/idSync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:39:46 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
idSync
sync.aralego.com/ Frame 9B2D
35 B
266 B
Image
General
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 01:39:46 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| webpackJsonp object| pmd function| gettext function| _ function| ngettext function| format object| _i18n function| $ function| jQuery function| setImmediate function| clearImmediate function| swal function| sweetAlert object| Handlebars function| _gaq_push function| $static_path function| $theme_path object| GLOBAL string| GoogleAnalyticsObject function| ga string| LANG object| Languages function| protocolRelative function| cookieCapping function| formatDate function| ensureDateField function| objectkeys function| objectvalues function| getBody object| __translation object| CLIQUES_DEFAULT object| CLIQUES_DEFAULT_TRANS object| EventsManager object| Cal function| FeatureManager object| Features object| BroadcastStation object| Users object| SiteState object| HistoryManager function| copyTextToClipboard number| _popWindowCount object| _popWindows function| InfoOverlay function| FriendsSelectList function| UserComplete object| TopBar object| NotificationList function| PopView function| HoverPopView function| AddHoverToolTip function| PopWindow object| OpenX object| Themes function| QualifierSelector object| LANG_QUAL function| PlurkPoster object| EmoticonStatic object| regeneratorRuntime object| EmoticonCustom object| EmoticonSelector object| PlurkAdder function| ShareControl function| PrivateOptions object| PlurksManager object| ResponsesManager object| Media object| PlurkElement function| PlurkEditor function| TimelineHolderLayout function| HorizontalTimelineHolderLayout function| VerticalTimelineHolderLayout function| PlurkTimelineHolder object| _typingResponses function| ResponsesHolder object| PrivatePlurking function| BookmarkEditor function| TagsSelectList function| TagComplete object| googletag object| ggeac object| google_js_reporting_queue object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| Scupioads object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| hasOwnProperty object| scupiosdk object| plurk object| Qualifiers object| annoplurk object| tl_banana object| tl_native function| PlurkTimeline object| cbox object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests

5 Cookies

Domain/Path Name / Value
.plurk.com/ Name: _gat
Value: 1
.plurk.com/ Name: _gid
Value: GA1.2.42440168.1614476381
.plurk.com/ Name: _ga
Value: GA1.2.1144627910.1614476381
.plurk.com/ Name: plurkcookiea
Value: "CPAHQhFGIeiDU5SjuPmjW4jdNJUOMDDcemyJjJPDXAs=?from_url=Ii9wL284bXZuYiI=&invitation_from_uid=MTQ4MDc2MzQ="
.plurk.com/ Name: __cfduid
Value: d590ef1591844f32e7e7c6393645c62ea1614476380

1 Console Messages

Source Level URL
Text
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
ad2.apx.appier.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.plurk.com
avatars.plurk.com
bidder.criteo.com
bw.scupio.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
img.scupio.com
imgs.plurk.com
mug.criteo.com
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
s.plurk.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.plurk.com
ad2.apx.appier.net
103.132.192.30
104.108.50.124
142.250.186.162
162.210.196.208
178.250.0.157
178.250.2.131
192.96.200.41
210.59.219.175
210.59.219.180
210.59.219.34
23.37.42.132
2606:4700::6810:125e
2606:4700::6811:4503
2606:4700::6811:4603
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c1b::9b
2a02:2638::1c
2a02:2638::3
2a03:2880:f11c:8183:face:b00c:0:25de
65.9.58.8
69.173.144.165
00b47a03581bb0bca92448936ff4894eda7dce3a072ef9265b772742a27edf49
09bac6502db6900e4dd810ff11d2e2f42ab27678d4a4357571231e5c253612bb
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13ea1dad23d6c81d414b13ef4972c6c85a69e08964df7ecceb4dad85924408fd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dd36c260f8851b86109b7aae20291cfdcd7b1abc22c3cae9837ffa76e19fc90
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
213b9ca5a900159a345f090a85fc24bed8dac9ed54fb205682469fecb53f12d6
29f5c26b42fdd38a01de8e22676ebfa67d355c2b19f5cd6f9875bfb9b66f6e03
29f62aaef9191b0a89b4c0d23372144b12a2a9deb1decb55de811010d7173bb8
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2c1635a4ccff834ea77c835f6982c3f93f4bd91e04b4dc0d6d4eef1865448d06
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
322f42c84834d69d42ae6fbfd7aef8a5fea34b276c95ead7e2cf9a61be64af3a
36a7965b79bb7ebc1c5fa62baa58a99262dda1d30dbc4fc4d2f24d0d0ed9f4a1
43117f501d26cd0d4a90b49a92cde44257b11372b953b6374d7e857f52b662fd
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4ecea5f66a77e522a06bd4b3cfd85f062e99be44ef791cc993dc93291d0d2540
4f027798f9ae37e02c7090a4615c4cc4adf19abd5c272c0be41e0d45f234b697
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60d22e55e65ef331b71d12b20c42bde842b812d6c90b237dc474361e903b93f0
63f6cb1eb8c506a22e6b2d69d451a96962244596f3683db0035b8741544d6db9
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
70883ab3472861e764e036877549309d461f0458372477c51e2c38c9174947fe
711bba755e57607afd295f3765c46a4926f5bd085f0a810b4c2b8202c1b518a1
73f055ea6bb30904f982239d5dcb4814f72e19f58cbc1e46e50e71fe8336f97c
75837f87b0d5f3b1405b71701c113366be526353bba3624bcdb99117b760ed65
81cc04aaaef4074be8556715c80fefc74a8de57c1487a08e9a8b99a7a69f98da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f044aeec44b3497674ca623764de3775e6d91b0c5a507417df5441b831237e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8e19184c4a4e60583340f58f787efe8eccd66f0fc60d1f1d83f93fee4638226b
9277fe33d0163e6647a4946802a7fef0df0cf270f496e33df3a6b74668cd4f9a
92b96b4c22a94cd0c3f2c3d0b1211cb42839cbf99a9d7815e3fbd199b4795c32
938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
99548e38930ef936243560c42de6b9a3916c96aab218755bad6cf07a6633f60a
9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9c36eb65ef1ee2bd3b895ab1295065f7c43f07fceac8e7d8c076a0058325c7
b31cd448810f1526683422701edfda3fda04e49df1dd22cbc6718867eef7b1c5
baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1
ca2992d354532013b78f5db40ac0f65a9f6fb83343b43a7cbb066cc52c9b24c1
cb619e48590bc0fbbbf1a395d27b74a7669f5c814d0ea4fe1afceebba0c2e630
d13b8f3d3c776c32e06c92aa5974e213eceecd46aaa76cc1a704100b24ec980f
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e625fdbf85a87c609a27792b0a399c27242d09303f9626ec75535e80b6e7e779
e64b0a3cc7e978d8c8aa4446ced6206f7d89608c71ca671f90d5b5292fa7bb74
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949
f082045e8c9e79cde0bdd8f50065baf1ff6c7bf50626f2800517f05c208d78b1
f5691463091f8b672bb19a3001ad5d5f107097874d6010f8b8dce81ecfd63c91
fc714cd9a5c42c32767304fae88486c755bb74fe192365bf3ba90f75e8754a4b
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e