www.plurk.com Open in urlscan Pro
2606:4700::6811:4503 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.plurk.com/p/o8mvnb
Submission: On February 28 via manual (February 28th 2021, 1:39:59 am UTC) from VN

Summary HTTP 104 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 18 domains to perform 104 HTTP transactions. The main IP is 2606:4700::6811:4503, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.plurk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 17th 2020. Valid for: 2 years.

This is the only time www.plurk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700::68... 2606:4700::6811:4503	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	65.9.58.8 65.9.58.8	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2 5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4603	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 6	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
104	33

18 2606:4700::6811:4503 (United States)

ASN13335 (CLOUDFLARENET, US)

www.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 65.9.58.8 (United States)

ASN16509 (AMAZON-02, US)

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4603 (United States)

ASN13335 (CLOUDFLARENET, US)

s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (Hyattsville, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.34 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.180 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.96.200.41 (United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	156 KB
19	plurk.com www.plurk.com s.plurk.com avatars.plurk.com imgs.plurk.com assets.plurk.com	297 KB
16	scupio.com img.scupio.com prebid.scupio.com bw.scupio.com rec.scupio.com	300 KB
12	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	3 KB
8	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	133 KB
5	aralego.com 1 redirects hb.aralego.com sync.aralego.com	1 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	criteo.net static.criteo.net	103 KB
4	google.com 1 redirects adservice.google.com www.google.com	659 B
4	cloudflare.com cdnjs.cloudflare.com	54 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	64 KB
3	googletagservices.com www.googletagservices.com	80 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	creativecdn.com prebid-asia.creativecdn.com	352 B
2	google.de adservice.google.de www.google.de	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	facebook.com www.facebook.com	411 B
0	appier.net Failed ad2.apx.appier.net Failed
104	18

	Domain	Requested by
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.plurk.com 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com tpc.googlesyndication.com
12	s.plurk.com	www.plurk.com s.plurk.com
10	img.scupio.com	www.plurk.com img.scupio.com
6	gum.criteo.com	2 redirects static.criteo.net
4	static.criteo.net	img.scupio.com static.criteo.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	mug.criteo.com
4	cdnjs.cloudflare.com	www.plurk.com
3	sync.aralego.com	1 redirects img.scupio.com
3	www.google.com	1 redirects www.plurk.com 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.plurk.com
3	assets.plurk.com	cdnjs.cloudflare.com
3	www.googletagservices.com	www.plurk.com securepubads.g.doubleclick.net 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
2	eus.rubiconproject.com	www.plurk.com eus.rubiconproject.com
2	rec.scupio.com	img.scupio.com
2	cm.g.doubleclick.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads.g.doubleclick.net	013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
2	bw.scupio.com	ajax.googleapis.com
2	prebid-asia.creativecdn.com	img.scupio.com
2	prebid.scupio.com	img.scupio.com
2	hb.aralego.com	img.scupio.com
2	bidder.criteo.com	img.scupio.com
2	ajax.googleapis.com	img.scupio.com
2	013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.plurk.com www.google-analytics.com
2	www.plurk.com	cdnjs.cloudflare.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	www.facebook.com	img.scupio.com
1	secure-assets.rubiconproject.com	1 redirects
1	fonts.googleapis.com	tpc.googlesyndication.com
1	www.google.de	www.plurk.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	imgs.plurk.com	www.plurk.com
1	avatars.plurk.com	www.plurk.com
0	ad2.apx.appier.net Failed	img.scupio.com
104	38

This site contains links to these domains. Also see Links.

Domain
www.bandatnendongnai.vn

Subject Issuer	Validity	Valid
*.plurk.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2022-07-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.plurk.com/p/o8mvnb
Frame ID: 7E9010142AB4979F41B9A6C65F08B4ED
Requests: 42 HTTP requests in this frame

Frame: https://img.scupio.com/html/mv.html?v=1.0.76
Frame ID: 37678E46162B22F33B2164895EB06E72
Requests: 13 HTTP requests in this frame

Frame: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 6660374948C475F5FA0497CF3C427A90
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html
Frame ID: 7C63FBC4300AC27EA82BC2F8330FA284
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2224EF482F0016A81FD9AA1B633898D2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C53EF382C60ED2F02197AA41D2D9B4C2
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.49
Frame ID: 9B2D447E2121B150F7AB594EF9191203
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.plurk.com
Frame ID: 49B770EEE50B1C4BD5369D02FA9E794A
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.1
Frame ID: 732178AD02A18C9D46E678DA8D50D6AB
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: F066C89C8DC034FFB7A8C1A663DEE913
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0
Frame ID: 9D1CDC08D76FA5921BE3714C852D630F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: C6B48B3B39624E886F5504084AFD9CA6
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.plurk.com
Frame ID: E7F4DC161BDE997976B1FBBB6E78DB42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

104
Requests

99 %
HTTPS

61 %
IPv6

18
Domains

38
Subdomains

33
IPs

6
Countries

1248 kB
Transfer

3227 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bandatnendongnai.vn/cho-thue-lai-lao-dong/
Title: Cho thuê lao động (Cung ứng lao động)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=26L4tHxuSDMybHVjd3dDTFI2Z21BTG5oaGJXQ3VrKzFlRm5CdzhUdnBFc2R3ZXZ3aWtqMjhKUll6MFhxVExrSHFSWjhGNHg1QmJkMUhvNkZwYVRmNi91TUtBRDVkSjZqSzZMRlF5elRZdHV2dEZxZGFaaFhRZ0lnaUN3U3o4dVZVZm5wbU5ycnVIYVpVTkFDaWV6d0psNjF6WW9FcWx5YWNCWUZPVFE4VWNVMkdDWDB0a2kvRU1TOGcxMU5oWHZhOE01UXI2NFdyTU50cm5Sckc3L0c2c2hqSnVqUGF2MWQ3eTFMdisrN2ZwSXI0N1ZJPXw&cppv=2

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 80

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=V-PYtXxyVWY4U2h2RlhWRHNzNUVEZ1ZtZkVJU3NMVWZtNDVYNldDVk5JZEFmOTNUMXJ0R3BGWXBmVFhXbDdLSFVCZU13eEpxdEpOZE9YMWE5dGlBYnRJVlRxbzhQaTRNbG5sc0pDM0s1NUFzcXFjRFNWMjJIamtUazdWbEcrdU45aHVWWmU0U0wzQXpjdmJUTno3UFA4Um1mY1Q2WlZJMGY2OXlib3Eyd3dCRTlDRDhsOWlXSWdQdHZKVzZxZ2JwN2ZRTXRFZXNYa1JpWC85WmlhR0J6ZWJxSThBMXo4c2dkVHpTdTJXdmtmV0lyMHRrPXw&cppv=2

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1VBMjAyMTAyMjgwOTM5NDIyNDY4MTQ%3d&layout=js HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1VBMjAyMTAyMjgwOTM5NDIyNDY4MTQ%3D&layout=js&google_tc= HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0

Request Chain 94

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 96

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CUA20210228093942246814 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

104 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request o8mvnb Show response
www.plurk.com/p/ 17 KB
5 KB 475ms
455ms Document
text/html 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60d22e55e65ef331b71d12b20c42bde842b812d6c90b237dc474361e903b93f0

Request headers

:method: GET
:authority: www.plurk.com
:scheme: https
:path: /p/o8mvnb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d590ef1591844f32e7e7c6393645c62ea1614476380; expires=Tue, 30-Mar-21 01:39:40 GMT; path=/; domain=.plurk.com; HttpOnly; SameSite=Lax; Secure plurkcookiea="CPAHQhFGIeiDU5SjuPmjW4jdNJUOMDDcemyJjJPDXAs=?from_url=Ii9wL284bXZuYiI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Mon, 15-Mar-2021 01:39:40 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-cache-status: DYNAMIC
cf-request-id: 0887e3a0890000638952bc7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62866ee0df1b6389-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 0.a338a21b0a6a5ba1fd58.js Show response
s.plurk.com/ 101 KB
30 KB 47ms
32ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/0.a338a21b0a6a5ba1fd58.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85f044aeec44b3497674ca623764de3775e6d91b0c5a507417df5441b831237e

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 222723
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 048F68E483E9B72E
x-amz-id-2: 3jbmYQ2cZqJ9IM3V1yfBdN03ly6biIRiw4+21xs+fWxZWyMHYFMErjV9coGtvoM0dqng1M8IwUk=
x-amz-expiration: expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified: Thu, 25 Feb 2021 06:35:00 GMT
server: cloudflare
etag: W/"b1505f868f0ee3984e95193ea9b2c81d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0887e3a2670000638946af2000000001
cf-ray: 62866ee3df526389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 1.5b80825f58f3521f18c6.js Show response
s.plurk.com/ 249 KB
79 KB 54ms
39ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/1.5b80825f58f3521f18c6.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc714cd9a5c42c32767304fae88486c755bb74fe192365bf3ba90f75e8754a4b

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 222653
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3893736AB5D34B8E
x-amz-id-2: odIB4TT6H+pA6K/dMHAoGHRuTmwvF/ngBYl8qKmTvAZuw1Sp0wwo3mAR+mYFM8m647QhSx9hRxk=
x-amz-expiration: expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified: Thu, 25 Feb 2021 06:35:00 GMT
server: cloudflare
etag: W/"7fa7760d429ca133498879fd0ac41f33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0887e3a2670000638955b18000000001
cf-ray: 62866ee3df536389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 762c0029e136b63e92bd.js Show response
s.plurk.com/ 2 KB
1 KB 42ms
27ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/762c0029e136b63e92bd.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322f42c84834d69d42ae6fbfd7aef8a5fea34b276c95ead7e2cf9a61be64af3a

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 222653
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AA6C87AEB49A1E60
x-amz-id-2: XHGZ+0zdzY/XX4SkfBArTW0OjbwxKPFJnyEYvzpE3ZDUf3p8CqmHwDCHFr2wfRlzY1Gf/bVvYgU=
x-amz-expiration: expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified: Thu, 25 Feb 2021 06:34:51 GMT
server: cloudflare
etag: W/"748293ae2981692c1f1ec21cf8647b2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0887e3a2660000638943918000000001
cf-ray: 62866ee3df4f6389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 0.700ba6ee539678924790.css
s.plurk.com/ 9 KB
2 KB 42ms
27ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/0.700ba6ee539678924790.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09bac6502db6900e4dd810ff11d2e2f42ab27678d4a4357571231e5c253612bb

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 500045
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7B7986F85C7F5A4B
x-amz-id-2: uiQQjW6EsrDGhMK73SpA1eCBycSdLiIsrx2qy/ewuW46hyD0cn5/V/4WxZS/xqOZvnuYwtYTzRA=
last-modified: Mon, 22 Feb 2021 04:25:42 GMT
server: cloudflare
etag: W/"1a572589e3a795fbdf3d7eabc098c11e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0887e3a265000063894e398000000001
cf-ray: 62866ee3df4c6389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 27ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1476295
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 0887e3a26300004a6d73a65000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2uYWcb4tDe8mZROdeRpHv6om4EN0YpSKHdRdQA5bGgqHPUgJ5xHz3RK1cS7kg7NhNEMHBgoKF4NwsOgqTAxVc6%2FddHpdCVJMqtocFiGacfqELj1HYI%2BgDJXW5AOEvgZ%2F1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62866ee3dc854a6d-FRA
expires: Fri, 18 Feb 2022 01:39:40 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 21 KB
4 KB 34ms
21ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3296622
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4037
cf-request-id: 0887e3a26300004a6dc817b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-55e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vlkKm8ifwa7YOVIT1OjnSclo0UzbSmfZZUYflOawtfDn0i7eNCdMW66Yd%2FWp0UQ8l0ysGJLll7lh%2F6pnT5fEDk6prGNuylnUioObOM%2BY8xU4UXqPiqK22WFOcf1nyRmFxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62866ee3dc844a6d-FRA
expires: Fri, 18 Feb 2022 01:39:40 GMT

GET
H2 200 5b976a9ca7c2207798dd.js Show response
s.plurk.com/ 1 KB
885 B 32ms
17ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/5b976a9ca7c2207798dd.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 711bba755e57607afd295f3765c46a4926f5bd085f0a810b4c2b8202c1b518a1

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 222653
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5K8T2N1G1P4S7H7P
x-amz-id-2: OAN+PZS0T+930BH+N1/A+zSM3zQBVR/LIE4/EZfzc//jdHV1PaoYNjWALoPtROkynK+PW3FEeaQ=
x-amz-expiration: expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified: Thu, 25 Feb 2021 06:34:51 GMT
server: cloudflare
etag: W/"c858ecdaac79c1ac75211d9982320dbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0887e3a266000063895492d000000001
cf-ray: 62866ee3df506389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 20e98ced63608cc71d44.css
s.plurk.com/ 6 KB
1 KB 41ms
27ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/20e98ced63608cc71d44.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31cd448810f1526683422701edfda3fda04e49df1dd22cbc6718867eef7b1c5

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 683156
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 0090BB573F2B4285
x-amz-id-2: o5ubL2EB6x+t45zt6Us/S8xqSdYs4RPGUjmdfm/PA2c3Xax20F5yLuZrX8gHGytykTNpV5IUZ54=
last-modified: Tue, 15 Dec 2020 07:16:13 GMT
server: cloudflare
etag: W/"46cce1ab85cbbb15a25283ff3cbd14ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0887e3a264000063894baa8000000001
cf-ray: 62866ee3df4a6389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 sweetalert.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ 40 KB
11 KB 33ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 872054
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10494
cf-request-id: 0887e3a26400004a6d61881000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-9f68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qIev4J%2BDlFQIgG83z9vXCC7bf0rFxtwNlV1j3llVOwqQq6KYRLtrUoyRLar5doZYIYULG9H9TG3grJGwcp1L2%2FpdAJ2EfCifycdYN%2F6XG%2B9gEJ7yOZLFyQ9ix729Acm6lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62866ee3dc884a6d-FRA
expires: Fri, 18 Feb 2022 01:39:40 GMT

GET
H2 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/ 43 KB
12 KB 32ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1446695
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11830
cf-request-id: 0887e3a26400004a6d95246000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-ac34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FfhDG%2BgAaSZLtlmn32%2BmkiF9FBxz8AHgPCNiZz38XKjBz08ml9bDu2%2B4%2FeBt%2B8y%2BeQ3xa9ITaLER75k1EweLKQkdKoo1NNjjK%2F9JTe8FGZq3K%2BBdMBQdae3s3sG%2B3AHwfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62866ee3dc874a6d-FRA
expires: Fri, 18 Feb 2022 01:39:40 GMT

GET
H2 200 46e6a8fbeab1c000f956.js Show response
s.plurk.com/ 64 KB
21 KB 41ms
28ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/46e6a8fbeab1c000f956.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f62aaef9191b0a89b4c0d23372144b12a2a9deb1decb55de811010d7173bb8

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 94000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F882CD51EAD997BC
x-amz-id-2: +L2UAKz390t2CO9kNbfWk0n4rqyo/HOJEOKfF69TDFBkkE5UBzXs+dki3MumAutzR0Jn85tv7Jo=
last-modified: Fri, 26 Feb 2021 06:59:49 GMT
server: cloudflare
etag: W/"00ec36754d78315725bd5664035cc645"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0887e3a266000063893d8da000000001
cf-ray: 62866ee3df516389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 2aa084d58ada32dfe6fe.css
s.plurk.com/ 34 KB
7 KB 42ms
29ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/2aa084d58ada32dfe6fe.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70883ab3472861e764e036877549309d461f0458372477c51e2c38c9174947fe

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 618521
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: E5DBD6B43A822EFE
x-amz-id-2: FzqPQHJDKlIIyQl3O3VE85yfKlO67JHtcxgIYRqn96TNNxqTodxUrgF9KNoYeNK7DfJ9FF2iE0k=
last-modified: Sat, 23 Jan 2021 21:33:09 GMT
server: cloudflare
etag: W/"67f20f8651d1b0f6923f442df1a4f24f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0887e3a265000063893d373000000001
cf-ray: 62866ee3df4b6389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 7b5fa6946f1a5d0e7cf5.js Show response
s.plurk.com/ 233 KB
67 KB 48ms
35ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/7b5fa6946f1a5d0e7cf5.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13b8f3d3c776c32e06c92aa5974e213eceecd46aaa76cc1a704100b24ec980f

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 220678
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 87985DC775554A79
x-amz-id-2: 8nhESkzPgc7ABenL7UJdjAgUNvu6K9/Pra1puNuJBt8m3PrQ1DGOqUFiD0QzsjVlxekgIa3TNrw=
x-amz-expiration: expiry-date="Sat, 26 Feb 2022 00:00:00 GMT", rule-id="Auto Expire Object (365days)"
last-modified: Thu, 25 Feb 2021 06:35:01 GMT
server: cloudflare
etag: W/"521e3ded7a7e44c30f8286486ad24b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0887e3a2650000638940b4d000000001
cf-ray: 62866ee3df4e6389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 064e6dff298ac12fca79.css
s.plurk.com/ 60 KB
12 KB 42ms
29ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/064e6dff298ac12fca79.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb619e48590bc0fbbbf1a395d27b74a7669f5c814d0ea4fe1afceebba0c2e630

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 1010884
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: D22B6B0C0C1D93AB
x-amz-id-2: qVCYcX/lFEN8uWpa0cXDOJo6CfJYCYwXZXWAGSGeQwdoVloGkcWrkmblTRLFd8mM3M0p0DwjjuA=
last-modified: Wed, 10 Feb 2021 07:19:13 GMT
server: cloudflare
etag: W/"f21d48da72b1b8bed261255df1b12597"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0887e3a2640000638959b3a000000001
cf-ray: 62866ee3df496389-FRA
expires: Mon, 02 Feb 2026 01:39:40 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 42 KB
15 KB 92ms
26ms Script
application/javascript 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 29f5c26b42fdd38a01de8e22676ebfa67d355c2b19f5cd6f9875bfb9b66f6e03

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:38:14 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 03:43:17 GMT
server: nginx/1.12.1
age: 118
etag: W/"603479d5-a852"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: M_1vW7KsCoCoDLz7g6yKZGJpUqYKWXrxhNr5bl0mrl-qTJVRxVKDVg==
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
expires: Sun, 28 Feb 2021 01:52:42 GMT

GET
H2 200 14807634-medium15092772.gif
avatars.plurk.com/ 1 KB
2 KB 16ms
14ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.plurk.com/14807634-medium15092772.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status: HIT
age: 345119
cf-polished: origSize=1287
cf-ray: 62866ee4bf5e6389-FRA
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1279
x-amz-id-2: Pdy33bV2l0z9fohyIjdMH3XqMDcAd2oQy/gzWsQcbmZ9i7BXxbfENfG2sNb2u+xBw0+2tHte2Os=
last-modified: Wed, 24 Oct 2018 17:48:38 GMT
server: cloudflare
etag: "6c0779ae49111313047639c892eef67c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: D7C0836436369703
expires: Mon, 02 Feb 2026 01:39:40 GMT
cache-control: public, max-age=155520000
cf-request-id: 0887e3a2f70000638943919000000001
accept-ranges: bytes
content-type: image/gif
cf-bgj: imgq:100,h2pri

GET
H2 200 gI3PjDd4aD1ag7G5pPql0pA96s0_mt.jpg
imgs.plurk.com/QzI/eAh/ 11 KB
11 KB 17ms
16ms Image
image/jpeg 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.plurk.com/QzI/eAh/gI3PjDd4aD1ag7G5pPql0pA96s0_mt.jpg
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f027798f9ae37e02c7090a4615c4cc4adf19abd5c272c0be41e0d45f234b697

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status: HIT
age: 345119
cf-polished: origSize=11598
x-amz-meta-source: https://www.bandatnendongnai.vn/wp-content/uploads/2021/02/cung-ung-lao-dong.jpg
x-amz-meta-content-type: image/jpeg
last-modified: Wed, 24 Feb 2021 01:47:16 GMT
content-length: 11193
x-amz-meta-hash: eAhgI3PjDd4aD1ag7G5pPql0pA96s0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EW7Z3JDZ0T4ZFM5J
x-amz-id-2: Tz35s2T2S9ofE+wmP7ht0mH541IXfrDIYIDzQENR0LbQKO26YrotFIPMztDrZ18EwT5FuApTO54=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60d8a01febfc85986cac26e54e1cf9ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-request-id: 0887e3a3080000638946af3000000001
accept-ranges: bytes
cf-ray: 62866ee4df616389-FRA
expires: Mon, 28 Feb 2022 01:39:40 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213b9ca5a900159a345f090a85fc24bed8dac9ed54fb205682469fecb53f12d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "797 / 960 of 1000 / last-modified: 1614381521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19359
x-xss-protection: 0
expires: Sun, 28 Feb 2021 01:39:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 24ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5824
date: Sun, 28 Feb 2021 00:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 28 Feb 2021 02:02:36 GMT

GET
H2 200 background.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
380 B 27ms
16ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/background.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status: HIT
age: 678359
cf-ray: 62866ee47f5b6389-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-amz-id-2: gDXkvkWQwKnpCkwSvcS5g0/8wjn7jALsdu8+wUqqu0sIZhwL9538dGv3kT5p+5DccgXsMUyDaWs=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 00E6999D46E58D2A
cache-control: public, max-age=31536000
cf-request-id: 0887e3a2cb000063894e399000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 28 Feb 2022 01:39:40 GMT

GET
H2 200 timeline.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
154 B 27ms
16ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/timeline.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status: HIT
age: 843875
cf-ray: 62866ee47f5d6389-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-amz-id-2: L3pErnHNJgKwc3EaxRwfGMTVnBa/7Z424chQbhTghEP0jLq7JPCH6IxJzalLjL3mObgESE9Xnr0=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 403924EB832C5023
cache-control: public, max-age=31536000
cf-request-id: 0887e3a2cc0000638940b4e000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 28 Feb 2022 01:39:40 GMT

GET
H2 200 dashboard.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
176 B 36ms
24ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/dashboard.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
cf-cache-status: HIT
age: 240313
cf-ray: 62866ee47f5c6389-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-amz-id-2: UnNSxubFhCWFoHPuDf47fK3fulzUw8sBNuCxKyl+9oRlfwQar0zjMAEh6caxMnY6LKu47NiPbEo=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 1A5A5641377947DB
cache-control: public, max-age=31536000
cf-request-id: 0887e3a2cc000063895d057000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 28 Feb 2022 01:39:40 GMT

GET
H2 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ 290 KB
102 KB 83ms
31ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Sun, 28 Feb 2021 01:39:40 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
389 B 45ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=265095571&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo8mvnb&ul=en-us&de=UTF-8&dt=datnendongnai%20-%20Cho%20thu%C3%AA%20l%E1%BA%A1i%20lao%20%C4%91%E1%BB%99ng%20(Cung%20%E1%BB%A9ng%20lao%20%C4%91%E1%BB%99ng)%20l%C3%A0%20g%C3%AC%3F%20Theo%20quy%20%C4%91%E1%BB%8Bnh%20t%E1%BA%A1i%20%C4%90i%E1%BB%81u%2053%20B%E1%BB%99%20lu%E1%BA%ADt%20Lao%20%C4%91%E1%BB%99ng%202012%2C%20cho%20thu%C3%AA%20l%E1%BA%A1i%20lao%20%C4%91%E1%BB%99ng%20l%C3%A0%20h%C3%ACnh%20th%E1%BB%A9c%20ng%C6%B0%E1%BB%9Di%20lao%20%C4%91%E1%BB%99ng%20%C4%91%C3%A3%20%C4%91%C6%B0%E1%BB%A3c%20tuy%E1%BB%83n%20d%E1%BB%A5ng%20b%E1%BB%9Fi%20doanh%20nghi%E1%BB%87p%20%C4%91%C6%B0%E1%BB%A3c%20c%E1%BA%A5p%20ph%C3%A9p%20cho%20thu%C3%AA%20l%E1%BA%A1i%20lao%20%C4%91%E1%BB%99ng%20(Cung%20%E1%BB%A9ng%20lao%20%C4%91%E1%BB%99ng)%20sau%20%C4%91%C3%B3%20l%C3%A0m%20vi%E1%BB%87c%20cho%20ng%C6%B0%E1%BB%9Di%20s%E1%BB%AD%20d%E1%BB%A5ng%20lao%20%C4%91%E1%BB%99ng%20kh%C3%A1c%20Cho%20thu%C3%AA%20lao%20%C4%91%E1%BB%99ng%20(Cung%20%E1%BB%A9ng%20lao%20%C4%91%E1%BB%99ng)%20-%20Plurk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1268974993&gjid=1583102772&cid=1144627910.1614476381&tid=UA-53436-7&_gid=42440168.1614476381&_r=1&_slc=1&z=1453610681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 01:39:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d4c0955530a8e2c432946c6057221cab.woff
s.plurk.com/plurkiconfont/fonts/ 21 KB
22 KB 31ms
13ms Font
application/font-woff 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/plurkiconfont/fonts/d4c0955530a8e2c432946c6057221cab.woff
Requested by: Host: s.plurk.com
URL: https://s.plurk.com/20e98ced63608cc71d44.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1

Request headers

Origin: https://www.plurk.com
Referer: https://s.plurk.com/20e98ced63608cc71d44.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:41 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 681047
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EYCG5J0Q9J9ZEM0M
x-amz-id-2: aaIW2VotnvNvxQB/6FrtmU7rzJOP/lLVybPqC/N2QnF0T7sfFeXLnFnxSo77BHopXaZ5esov6p8=
last-modified: Tue, 15 Dec 2020 07:16:12 GMT
server: cloudflare
etag: W/"d4c0955530a8e2c432946c6057221cab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=155520000
cf-request-id: 0887e3a37f00004e38c800c000000001
cf-ray: 62866ee59af64e38-FRA
expires: Mon, 02 Feb 2026 01:39:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 33ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 01:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
243 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 01:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 89 KB
29 KB 366ms
337ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3068002578743198&correlator=1581089378169845&output=ldjh&impl=fif&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210228&iu_parts=75142684%2Cplurk_message_300x250_SB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1614476381&dt=1614476381132&dlt=1614476380753&idt=267&frm=20&biw=1600&bih=1200&oid=3&adxs=1005&adys=102&adks=2862190043&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo8mvnb&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1144627910.1614476381&ga_sid=1614476381&ga_hid=265095571&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f082045e8c9e79cde0bdd8f50065baf1ff6c7bf50626f2800517f05c208d78b1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLHPzZm5i-8CFa_uuwgdeiQFEw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10632268624349161646/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLHPzZm5i-8CFa_uuwgdeiQFEw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10632268624349161646/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 28 Feb 2021 01:39:41 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 45ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 103ms
34ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-53436-7&cid=1144627910.1614476381&jid=1268974993&gjid=1583102772&_gid=42440168.1614476381&_u=IEBAAEAAAAAAAC~&z=1197110437

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Feb 2021 01:39:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10987.json Show response
img.scupio.com/js/config/ 452 B
843 B 73ms
27ms XHR
application/json 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/10987.json?v=1.0.3791
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 4ecea5f66a77e522a06bd4b3cfd85f062e99be44ef791cc993dc93291d0d2540

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Feb 2021 01:34:51 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jan 2021 09:49:10 GMT
server: nginx/1.12.1
age: 289
etag: "60055996-1c4"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 452
x-amz-cf-id: e08frvxbYgYJ1JAdaMhcz-6FEZONwXvoxPMkR1t16l22ZTL1M0Xwtg==
expires: Sun, 28 Feb 2021 04:34:51 GMT

GET
H2 200 mv.html Show response
img.scupio.com/html/ Frame 3767 67 KB
21 KB 27ms
27ms Document
text/html 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/mv.html?v=1.0.76
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 43117f501d26cd0d4a90b49a92cde44257b11372b953b6374d7e857f52b662fd

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/mv.html?v=1.0.76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/p/o8mvnb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.plurk.com/p/o8mvnb

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Fri, 11 Dec 2020 01:26:18 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 28 Feb 2021 01:27:16 GMT
expires: Sun, 28 Feb 2021 01:35:49 GMT
cache-control: max-age=1500
etag: W/"5fd2caba-10ca4"
x-cache: Hit from cloudfront
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: W3p7C3X_4SGyJT18OAYtjKkmg5K3onTqJFWjzMnvuXsWw8w2oEzdnA==
age: 1732

GET
H2 200 d236fd746e000431a8e2c6bc787ee7c5.gif
s.plurk.com/ 34 KB
35 KB 16ms
16ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.plurk.com/d236fd746e000431a8e2c6bc787ee7c5.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af9c36eb65ef1ee2bd3b895ab1295065f7c43f07fceac8e7d8c076a0058325c7

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:41 GMT
cf-cache-status: HIT
age: 678359
cf-ray: 62866ee69f7d6389-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35115
x-amz-id-2: 7wM2ey66q4T1sIPDTz0QKtaAr7g18lnyaC3rYFQgNuC7MPWg6IxeHzrt27ldP4pylDjmB4wGfjk=
last-modified: Tue, 15 Dec 2020 07:16:12 GMT
server: cloudflare
etag: "d236fd746e000431a8e2c6bc787ee7c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 07A19F6709FF1831
cache-control: public, max-age=155520000
cf-request-id: 0887e3a41f000063895c853000000001
accept-ranges: bytes
content-type: image/gif
expires: Mon, 02 Feb 2026 01:39:41 GMT

POST
H2 200 get Show response
www.plurk.com/Responses/ 104 B
344 B 129ms
128ms XHR
application/json 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/Responses/get
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949

Request headers

Accept: */*
Referer: https://www.plurk.com/p/o8mvnb
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-request-id: 0887e3a430000063895fa1e000000001
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
date: Sun, 28 Feb 2021 01:39:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
cf-ray: 62866ee6bf816389-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 3767 85 KB
30 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206636
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 16:15:45 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 3767 212 KB
77 KB 27ms
27ms Script
application/javascript 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 8e19184c4a4e60583340f58f787efe8eccd66f0fc60d1f1d83f93fee4638226b

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:38:19 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 01:52:53 GMT
server: nginx/1.12.1
age: 165
etag: W/"5fd2d0f5-3502a"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: KS6e0jtpGQCETi94qdyyopl8Rkx91KX1iZ2rYzJ9WTtQtKxWa_sqZg==
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
expires: Sun, 28 Feb 2021 07:36:55 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
344 B 16ms
15ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-53436-7&cid=1144627910.1614476381&jid=1268974993&_u=IEBAAEAAAAAAAC~&z=1420294299

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 01:39:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 36ms
18ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-53436-7&cid=1144627910.1614476381&jid=1268974993&_u=IEBAAEAAAAAAAC~&z=1420294299

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 01:39:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 65ms
22ms Other
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1668
date: Sun, 28 Feb 2021 01:39:41 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3767
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=26L4tHxuSDMybHVjd3dDTFI2Z21BTG5oaGJXQ3VrKzFlRm5CdzhUdnBFc2R3ZXZ3aWtqMjhKUll6MFhxVExrSHFSWjhGNHg1QmJkMUhvNkZwYVRmNi91TUtBRDVkSjZqSzZMRlF5elRZdHV2dEZxZGFaaFhRZ0lnaUN3U3...

352 B
633 B

94ms
32ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=26L4tHxuSDMybHVjd3dDTFI2Z21BTG5oaGJXQ3VrKzFlRm5CdzhUdnBFc2R3ZXZ3aWtqMjhKUll6MFhxVExrSHFSWjhGNHg1QmJkMUhvNkZwYVRmNi91TUtBRDVkSjZqSzZMRlF5elRZdHV2dEZxZGFaaFhRZ0lnaUN3U3o4dVZVZm5wbU5ycnVIYVpVTkFDaWV6d0psNjF6WW9FcWx5YWNCWUZPVFE4VWNVMkdDWDB0a2kvRU1TOGcxMU5oWHZhOE01UXI2NFdyTU50cm5Sckc3L0c2c2hqSnVqUGF2MWQ3eTFMdisrN2ZwSXI0N1ZJPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

13ea1dad23d6c81d414b13ef4972c6c85a69e08964df7ecceb4dad85924408fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 28 Feb 2021 01:39:41 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2334
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 28 Feb 2021 01:39:40 GMT
location: https://mug.criteo.com/sid?cpp=26L4tHxuSDMybHVjd3dDTFI2Z21BTG5oaGJXQ3VrKzFlRm5CdzhUdnBFc2R3ZXZ3aWtqMjhKUll6MFhxVExrSHFSWjhGNHg1QmJkMUhvNkZwYVRmNi91TUtBRDVkSjZqSzZMRlF5elRZdHV2dEZxZGFaaFhRZ0lnaUN3U3o4dVZVZm5wbU5ycnVIYVpVTkFDaWV6d0psNjF6WW9FcWx5YWNCWUZPVFE4VWNVMkdDWDB0a2kvRU1TOGcxMU5oWHZhOE01UXI2NFdyTU50cm5Sckc3L0c2c2hqSnVqUGF2MWQ3eTFMdisrN2ZwSXI0N1ZJPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2621
content-length: 482
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3767 0
144 B 49ms
15ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.19.0-pre&cb=970753502
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 28 Feb 2021 01:39:41 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 3767 0
323 B 479ms
156ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7844B6A6EAE2406AB34AB2A734EE&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo8mvnb&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=bf1efc6c-372a-44f1-9cd0-1ca2f72548ab&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 28 Feb 2021 01:39:41 GMT
access-control-allow-credentials: true
connection: close

POST bid
ad2.apx.appier.net/v1/prebid/ Frame 3767 0
0

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 3767 0
285 B 1414ms
287ms XHR
text/html 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.86172671142637
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 01:39:42 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 3767 0
176 B 499ms
167ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 28 Feb 2021 01:39:41 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK videoad.aspx Show response
bw.scupio.com/adpinline/ Frame 3767 74 B
958 B 1408ms
542ms XHR
text/xml 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/videoad.aspx?cb=0.580517565123142
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d

Request headers

Accept: */*
Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 28 Feb 2021 01:39:41 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 185

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 96ms
31ms Other
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 975
date: Sun, 28 Feb 2021 01:39:40 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-Q050 200 container.html Show response
013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6660 6 KB
3 KB 33ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/p/o8mvnb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.plurk.com/p/o8mvnb

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 28 Feb 2021 01:39:41 GMT
expires: Mon, 28 Feb 2022 01:39:41 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sun, 28 Feb 2021 01:39:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 36ms
17ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75837f87b0d5f3b1405b71701c113366be526353bba3624bcdb99117b760ed65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 01:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6393
x-xss-protection: 0

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63 104 KB
22 KB 34ms
21ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5691463091f8b672bb19a3001ad5d5f107097874d6010f8b8dce81ecfd63c91

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10632268624349161646/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 26 Feb 2021 04:43:35 GMT
expires: Sat, 26 Feb 2022 04:43:35 GMT
last-modified: Fri, 29 Jan 2021 14:45:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 21111
age: 161766
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6660 0
0 58ms
58ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C36peXfQ6YPGsDa_d7_UP-siUmAHFvqLKYdOl9aOODdrZHhABIPSXgjVgkYSThfwXoAHGo4iDAsgBCakCHs_zo0dBtD7gAgCoAwHIAwiqBN0BT9AqVWwnNuMKOylnkn5qkAgSaQ5OA8H2iBF-pwREmfwYtWLPjr1QlNkIbDOWOOKZ0gERVxKP4Nlkrgx6Ff_G-umda4qW7CcxxSh6rKM69lD9JaUcPWlTrT-b71imawUAetkysI5uQ413HzGBK55tFBeQk7_lBVUQpSknI-jQbiTbHDsJsFQ-rVXeI5GsfXgk-Db51ammHTS8FdRmqnfC1mmMFWKrsgG2z1JB1yUmnxP7bKnQzGKS1dDMEwInkR4zydedFThp9on-nMQKSs5ablnbpiZVX1xq4DhI1_vABNGRjOC6A-AEAZIFBAgEGAGSBQQIBRgEoAYugAei3Pf8AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCO9QLSCAkIgOGAUBABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItNDEyNDk2OTI5MDEwOTM2MA&sigh=nowL7l8ce94&template_id=419&tpd=AGWhJmsBB9UFslEfSieG7Jgw7ntYd_773dYM6_D33P8RQCf1dQ
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 6660 18 KB
8 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 01:17:20 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6660 3 KB
2 KB 31ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 01:24:45 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6660 107 KB
33 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 01:39:41 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6660 14 KB
6 KB 35ms
25ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 01:39:34 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6660 0
0 13ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLBja20Khg9Q4lyZqDV_3wePX5wfThRibb9KBptWegOdRPitoHbYjwmuT0Pj-zudVaefBG
Requested by: Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
32ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 28 Feb 2021 01:39:41 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2224 143 B
430 B 24ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 28 Feb 2021 00:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3497
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6660 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00b47a03581bb0bca92448936ff4894eda7dce3a072ef9265b772742a27edf49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 7C63 2 KB
573 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c1635a4ccff834ea77c835f6982c3f93f4bd91e04b4dc0d6d4eef1865448d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 00:39:30 GMT
server: ESF
date: Sun, 28 Feb 2021 01:39:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Feb 2021 01:39:41 GMT

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C63 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 04:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 28 Feb 2021 04:25:41 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C63 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 28 Feb 2021 12:41:54 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C53E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/p/o8mvnb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.plurk.com/p/o8mvnb

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 28 Feb 2021 00:42:46 GMT
expires: Mon, 28 Feb 2022 00:42:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3415
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B47b1z3bWuYMBYro.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ Frame 7C63 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B47b1z3bWuYMBYro.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73f055ea6bb30904f982239d5dcb4814f72e19f58cbc1e46e50e71fe8336f97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 05:58:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:40 GMT
server: sffe
age: 243677
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
expires: Fri, 25 Feb 2022 05:58:24 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuYMBYro.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ Frame 7C63 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuYMBYro.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca2992d354532013b78f5db40ac0f65a9f6fb83343b43a7cbb066cc52c9b24c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Barlow+Condensed:800,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 08:20:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:14 GMT
server: sffe
age: 235124
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13320
x-xss-protection: 0
expires: Fri, 25 Feb 2022 08:20:57 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2224
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
496 B

40ms
27ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmwXtK0vzTZotq59wrG1dktlaeS2_QU1hyMsdK85nfxBSs7NSOMUNPNs1kMU2Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Feb 2021 01:39:41 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 28-Feb-2021 02:39:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 01:39:41 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Feb 2021 01:39:41 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js Show response
pagead2.googlesyndication.com/bg/ Frame C53E 14 KB
6 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 20:36:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 104568
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6212
x-xss-protection: 0
expires: Sat, 26 Feb 2022 20:36:53 GMT

GET
H3-Q050 200 button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63 5 KB
7 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/button.png

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99548e38930ef936243560c42de6b9a3916c96aab218755bad6cf07a6633f60a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 153570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5613
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 14:45:29 GMT
server: sffe
date: Fri, 26 Feb 2021 07:00:11 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 07:00:11 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63 14 KB
14 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/logo.png

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e625fdbf85a87c609a27792b0a399c27242d09303f9626ec75535e80b6e7e779

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 153570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14737
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 14:45:29 GMT
server: sffe
date: Fri, 26 Feb 2021 07:00:11 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 07:00:11 GMT

GET
H3-Q050 200 shape.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63 5 KB
6 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/shape.png

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36a7965b79bb7ebc1c5fa62baa58a99262dda1d30dbc4fc4d2f24d0d0ed9f4a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 194220
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5624
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 14:45:29 GMT
server: sffe
date: Thu, 25 Feb 2021 19:42:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 19:42:41 GMT

GET
H3-Q050 200 background.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/ Frame 7C63 49 KB
49 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10632268624349161646/background.jpg

Requested by

Host: 013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
URL: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cc04aaaef4074be8556715c80fefc74a8de57c1487a08e9a8b99a7a69f98da

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 194220
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49748
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 14:45:29 GMT
server: sffe
date: Thu, 25 Feb 2021 19:42:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 19:42:41 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 40ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=3068002578743198&bg=!IiGlIWLNAAXB_3NtwTsAKQB2-DxaNYbFte7A-SO7njwbmmc9E6FUP3xHkdQOuhHoS4wwK2C4619dAgAAAGRSAAAACWgBBwoAZyFNY52L3aoc3z5Z3bNq1St98T5QI5p3jzxb5qU-ypAMGwy95_MatADogA-TajbhAP0No-U5yyp368R4WQNwoU3fL2ARsKTjjIhQDQhELjWd7dLwNHvuayfDc7YHbv1GtJWAOiY1lEOZAdNiR_Dpaf05poJkm8Hpg6xtp320d4Q0s5GuiPHTPSX5CY0fYnylIOXUJmqTzEFedsNMfzjrfT0Q_DO0KKIo-uHM99Sxdm1JVst70R3vk_MkRmYgt9vDjbV1FoR0wVJLVX-tIIEeN2rD4g6PrAXxzQ2FDrjCmMz49sjwm4Fc_fu1ScfNDZlIY5uChzaIwD9mVmO_qq_dGi4V8CGaGWmcUCN04PZKdVEPbEQTRgch-klOMe3rvxdWjs2VGjk2-YoY7zH4gLCOseDcxjFenjvdIpptq23Jn2Qhdg4hOEFXa8ceYfTjhcDZlkrmpEIWMOn7fMEtb7Myc-hz377-7EfDdHfTSo8kaVKscXzEreNT2JIQDdoX1hkFiBP8ciH8r8LJc7oDvbqU3tqT1y1L27-95HsNy_4jonO7iwsLaWYNS_Y7HH2O2B1hoX5_t4N1MaUHjWvmF2eizPJYFqJwPmocZ79plg0QIgk-AVIjIskCRz0N5EOKP_V3GKDxDpzH8tPRf6yLhms5pNaGTAK4HDoHzAgqTJUlPqaJS_D97WOB3-QDTf7bO2GeDQoBX9MJPLGWwuHCPpl2mTdzZLjIertdh3GZ_M8lhF_eMabP9fF3_AKnKX2cwg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 01:39:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6660 42 B
479 B 68ms
55ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8tJhXjIVp1x1AGuosayPcVujwrRhb3hFR4wI6Q32rDPZ84elBv8mQne-cLkV3y-RLtnXIkY7HHhL-pToujR99ZrrwyfK4hzAnD77F97Pm9WjvoBzKEsRm6Vfl9A&sai=AMfl-YTwqsJlsMyawXFEILNAV6wxIrA1Wx1x7QrSmPQ4pMMK5WkEpB3udvqllBjthSMdQ7XRBtc0F5GM2hzXSAk59K_2dmQEhffJNQLTAKqxyyuIe8DtoRVpdJKk9tiFPwc&sig=Cg0ArKJSzCfWdns1pKBUEAE&cid=CAASPeRovYPhUisWO9MrgHVV6WP8pkk44fLsINdgrAhPeojjTaeWnhVK3RSDfottvHIPfp39xQqGO180IY3wWkU&id=osdim&mcvt=1006&p=102,1005,352,1305&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210226&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2862190043&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614476381531&dlt=33&rpt=133&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 01:39:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13567.json Show response
img.scupio.com/js/config/ 373 B
766 B 25ms
25ms XHR
application/json 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/13567.json?v=1.0.3791
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: e64b0a3cc7e978d8c8aa4446ced6206f7d89608c71ca671f90d5b5292fa7bb74

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/p/o8mvnb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 28 Feb 2021 01:37:20 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jan 2021 09:49:11 GMT
server: nginx/1.12.1
age: 143
etag: "60055997-175"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 373
x-amz-cf-id: ix-F3VdORk3n-izldBMboHK_uhRx-KHnA1ZJ-4DLYpV2pEFMMoGMZw==
expires: Sun, 28 Feb 2021 04:37:20 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 9B2D 35 KB
13 KB 23ms
23ms Document
text/html 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.49
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 1dd36c260f8851b86109b7aae20291cfdcd7b1abc22c3cae9837ffa76e19fc90

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.49
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/p/o8mvnb
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CUA20210228093942246814
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.plurk.com/p/o8mvnb

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Wed, 17 Feb 2021 01:38:02 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 28 Feb 2021 00:40:56 GMT
expires: Sun, 28 Feb 2021 06:31:05 GMT
cache-control: max-age=21600
etag: W/"602c737a-8b05"
x-cache: Hit from cloudfront
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: bTcPb3xE_DNTdMVs1a-4rWdy6R5fjixJge4PrkWDF5mF98mN3hnldg==
age: 4118

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 9B2D 95 KB
34 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 15:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35233
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 15:52:30 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 9B2D 212 KB
77 KB 23ms
23ms Script
application/javascript 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 8e19184c4a4e60583340f58f787efe8eccd66f0fc60d1f1d83f93fee4638226b

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:38:19 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 01:52:53 GMT
server: nginx/1.12.1
age: 167
etag: W/"5fd2d0f5-3502a"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: JQ_sMwTTIwt_ksL5CCQ5-B4_CmtqsH2y4jYunvIjRy9-c9T3V23DFg==
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
expires: Sun, 28 Feb 2021 07:36:55 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 22ms
22ms Other
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1548
date: Sun, 28 Feb 2021 01:39:42 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9B2D
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=V-PYtXxyVWY4U2h2RlhWRHNzNUVEZ1ZtZkVJU3NMVWZtNDVYNldDVk5JZEFmOTNUMXJ0R3BGWXBmVFhXbDdLSFVCZU13eEpxdEpOZE9YMWE5dGlBYnRJVlRxbzhQaTRNbG5sc0pDM0s1NUFzcXFjRFNWMjJIamtUazdWbE...

347 B
628 B

32ms
32ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=V-PYtXxyVWY4U2h2RlhWRHNzNUVEZ1ZtZkVJU3NMVWZtNDVYNldDVk5JZEFmOTNUMXJ0R3BGWXBmVFhXbDdLSFVCZU13eEpxdEpOZE9YMWE5dGlBYnRJVlRxbzhQaTRNbG5sc0pDM0s1NUFzcXFjRFNWMjJIamtUazdWbEcrdU45aHVWWmU0U0wzQXpjdmJUTno3UFA4Um1mY1Q2WlZJMGY2OXlib3Eyd3dCRTlDRDhsOWlXSWdQdHZKVzZxZ2JwN2ZRTXRFZXNYa1JpWC85WmlhR0J6ZWJxSThBMXo4c2dkVHpTdTJXdmtmV0lyMHRrPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9277fe33d0163e6647a4946802a7fef0df0cf270f496e33df3a6b74668cd4f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 28 Feb 2021 01:39:43 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2399
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 28 Feb 2021 01:39:42 GMT
location: https://mug.criteo.com/sid?cpp=V-PYtXxyVWY4U2h2RlhWRHNzNUVEZ1ZtZkVJU3NMVWZtNDVYNldDVk5JZEFmOTNUMXJ0R3BGWXBmVFhXbDdLSFVCZU13eEpxdEpOZE9YMWE5dGlBYnRJVlRxbzhQaTRNbG5sc0pDM0s1NUFzcXFjRFNWMjJIamtUazdWbEcrdU45aHVWWmU0U0wzQXpjdmJUTno3UFA4Um1mY1Q2WlZJMGY2OXlib3Eyd3dCRTlDRDhsOWlXSWdQdHZKVzZxZ2JwN2ZRTXRFZXNYa1JpWC85WmlhR0J6ZWJxSThBMXo4c2dkVHpTdTJXdmtmV0lyMHRrPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3441
content-length: 482
expires: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 9B2D 0
323 B 362ms
152ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7BE8827732D680EA64BB3A493A78B&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo8mvnb&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=405714e3-c8c4-40ac-9d47-e8f52a2bc06b&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 28 Feb 2021 01:39:43 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9B2D 0
144 B 16ms
15ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.19.0-pre&cb=7341628051
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 28 Feb 2021 01:39:42 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 9B2D 0
285 B 288ms
288ms XHR
text/html 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7119674194047221
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 28 Feb 2021 01:39:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 9B2D 0
176 B 169ms
169ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 28 Feb 2021 01:39:43 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 33ms
33ms Other
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1017
date: Sun, 28 Feb 2021 01:39:42 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 3767 80 KB
26 KB 66ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 01 Mar 2021 01:39:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 49B7 0
150 B 23ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/mv.html?v=1.0.76
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://img.scupio.com/html/mv.html?v=1.0.76

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 2561
date: Sun, 28 Feb 2021 01:39:43 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 3767 80 KB
26 KB 82ms
40ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 01 Mar 2021 01:39:43 GMT

GET
H2 200 adsbyscupio.js Show response
img.scupio.com/js/ Frame 7321 4 KB
2 KB 23ms
23ms Script
application/javascript 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/adsbyscupio.js?v=1.0.1
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 63f6cb1eb8c506a22e6b2d69d451a96962244596f3683db0035b8741544d6db9

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:38:07 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 07:36:55 GMT
server: nginx/1.12.1
age: 166
etag: W/"5fae3797-1115"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: QD0O1Tmm6AOMFD187Wb_4EHgNY1j_Qn_mXoYHFfRUCTI_C8uHhx2IA==
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
expires: Sun, 28 Feb 2021 04:36:57 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 9B2D 2 KB
2 KB 286ms
286ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.3005117855605819
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 92b96b4c22a94cd0c3f2c3d0b1211cb42839cbf99a9d7815e3fbd199b4795c32

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 28 Feb 2021 01:39:42 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1470

GET
H2 200 970x250.png
img.scupio.com/img/2011_gym/ Frame 7321 86 KB
86 KB 24ms
23ms Image
image/png 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/img/2011_gym/970x250.png
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:11:39 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
last-modified: Fri, 13 Nov 2020 07:26:05 GMT
server: nginx/1.12.1
age: 3353
etag: "5fae350d-156c7"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 87751
x-amz-cf-id: ntTSwTTVsNUHgP-HWwU3rW13nIciSHGWv-ejwS1BN_RFgkzVwFh7tA==
expires: Mon, 28 Feb 2022 00:43:50 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame F066 1 KB
1 KB 22ms
22ms Document
text/html 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.49
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CUA20210228093942246814; gx=H4sIAN9kO2AA%2fxNmYGDg4uY4MnvO9B9P1loKsAqxcNgLMAEAwLhnZxcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.49

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 28 Feb 2021 01:16:56 GMT
expires: Sun, 07 Mar 2021 01:03:13 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: sqik0FSqUq1zwlwE3oS8sVhA6AbBijVC6v5RnNIkq9jigSASL-67Dg==
age: 2190

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 9D1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1VBMjAyMTAyMjgwOTM5NDIyNDY4MTQ%3d&layout=js
https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1VBMjAyMTAyMjgwOTM5NDIyNDY4MTQ%3D&layout=js&google_tc=
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0

0
551 B

1152ms
286ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 01:39:44 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 01:39:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEEMhqdaO58J7YN-saPppgWU&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C6B4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

291 B
559 B

69ms
22ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o8mvnb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/html/ad.html?v=1.0.49
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.49

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Feb 2021 01:39:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Sun, 28 Feb 2021 01:39:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame 9D1C 44 B
411 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.49&rl=&if=true&ts=1614476383760&cd[SBST]=25&cd[PuID]=plurk

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 28 Feb 2021 01:39:43 GMT

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame 9D1C
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CUA20210228093942246814
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
581 B

1069ms
286ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.49
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 01:39:44 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date: Sun, 28 Feb 2021 01:39:44 GMT
Connection: close
Content-Length: 71
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9B2D 80 KB
26 KB 29ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 01 Mar 2021 01:39:43 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C6B4 31 KB
10 KB 24ms
24ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 01:39:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26340
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9308
Expires: Sun, 28 Feb 2021 08:58:43 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C6B4 284 B
536 B 90ms
22ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E7F4 0
150 B 22ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.49
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.49

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1630
date: Sun, 28 Feb 2021 01:39:43 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9B2D 80 KB
26 KB 23ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 01:39:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 01 Mar 2021 01:39:43 GMT

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 3767 35 B
266 B 328ms
110ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.76
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 01:39:46 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 9B2D 35 B
266 B 312ms
106ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 01:39:46 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plurk.com/	1970-01-19 16:27:56	Name: _gat Value: 1
.plurk.com/	1970-01-19 16:29:22	Name: _gid Value: GA1.2.42440168.1614476381
.plurk.com/	1970-01-20 09:59:08	Name: _ga Value: GA1.2.1144627910.1614476381
.plurk.com/	1970-01-19 16:49:32	Name: plurkcookiea Value: "CPAHQhFGIeiDU5SjuPmjW4jdNJUOMDDcemyJjJPDXAs=?from_url=Ii9wL284bXZuYiI=&invitation_from_uid=MTQ4MDc2MzQ="
.plurk.com/	1970-01-19 17:11:08	Name: __cfduid Value: d590ef1591844f32e7e7c6393645c62ea1614476380

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

013d20cafb3d4f3ad1f5617a55ef72b9.safeframe.googlesyndication.com
ad2.apx.appier.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.plurk.com
avatars.plurk.com
bidder.criteo.com
bw.scupio.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
img.scupio.com
imgs.plurk.com
mug.criteo.com
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
s.plurk.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.plurk.com
ad2.apx.appier.net
103.132.192.30
104.108.50.124
142.250.186.162
162.210.196.208
178.250.0.157
178.250.2.131
192.96.200.41
210.59.219.175
210.59.219.180
210.59.219.34
23.37.42.132
2606:4700::6810:125e
2606:4700::6811:4503
2606:4700::6811:4603
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c1b::9b
2a02:2638::1c
2a02:2638::3
2a03:2880:f11c:8183:face:b00c:0:25de
65.9.58.8
69.173.144.165
00b47a03581bb0bca92448936ff4894eda7dce3a072ef9265b772742a27edf49
09bac6502db6900e4dd810ff11d2e2f42ab27678d4a4357571231e5c253612bb
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13ea1dad23d6c81d414b13ef4972c6c85a69e08964df7ecceb4dad85924408fd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dd36c260f8851b86109b7aae20291cfdcd7b1abc22c3cae9837ffa76e19fc90
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
213b9ca5a900159a345f090a85fc24bed8dac9ed54fb205682469fecb53f12d6
29f5c26b42fdd38a01de8e22676ebfa67d355c2b19f5cd6f9875bfb9b66f6e03
29f62aaef9191b0a89b4c0d23372144b12a2a9deb1decb55de811010d7173bb8
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2c1635a4ccff834ea77c835f6982c3f93f4bd91e04b4dc0d6d4eef1865448d06
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
322f42c84834d69d42ae6fbfd7aef8a5fea34b276c95ead7e2cf9a61be64af3a
36a7965b79bb7ebc1c5fa62baa58a99262dda1d30dbc4fc4d2f24d0d0ed9f4a1
43117f501d26cd0d4a90b49a92cde44257b11372b953b6374d7e857f52b662fd
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4ecea5f66a77e522a06bd4b3cfd85f062e99be44ef791cc993dc93291d0d2540
4f027798f9ae37e02c7090a4615c4cc4adf19abd5c272c0be41e0d45f234b697
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60d22e55e65ef331b71d12b20c42bde842b812d6c90b237dc474361e903b93f0
63f6cb1eb8c506a22e6b2d69d451a96962244596f3683db0035b8741544d6db9
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
70883ab3472861e764e036877549309d461f0458372477c51e2c38c9174947fe
711bba755e57607afd295f3765c46a4926f5bd085f0a810b4c2b8202c1b518a1
73f055ea6bb30904f982239d5dcb4814f72e19f58cbc1e46e50e71fe8336f97c
75837f87b0d5f3b1405b71701c113366be526353bba3624bcdb99117b760ed65
81cc04aaaef4074be8556715c80fefc74a8de57c1487a08e9a8b99a7a69f98da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f044aeec44b3497674ca623764de3775e6d91b0c5a507417df5441b831237e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8e19184c4a4e60583340f58f787efe8eccd66f0fc60d1f1d83f93fee4638226b
9277fe33d0163e6647a4946802a7fef0df0cf270f496e33df3a6b74668cd4f9a
92b96b4c22a94cd0c3f2c3d0b1211cb42839cbf99a9d7815e3fbd199b4795c32
938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
99548e38930ef936243560c42de6b9a3916c96aab218755bad6cf07a6633f60a
9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9c36eb65ef1ee2bd3b895ab1295065f7c43f07fceac8e7d8c076a0058325c7
b31cd448810f1526683422701edfda3fda04e49df1dd22cbc6718867eef7b1c5
baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1
ca2992d354532013b78f5db40ac0f65a9f6fb83343b43a7cbb066cc52c9b24c1
cb619e48590bc0fbbbf1a395d27b74a7669f5c814d0ea4fe1afceebba0c2e630
d13b8f3d3c776c32e06c92aa5974e213eceecd46aaa76cc1a704100b24ec980f
d1cc76a2ebad3324904785be3e4585b00f59a8b4c7b54b38736c64df07ee816b
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e625fdbf85a87c609a27792b0a399c27242d09303f9626ec75535e80b6e7e779
e64b0a3cc7e978d8c8aa4446ced6206f7d89608c71ca671f90d5b5292fa7bb74
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949
f082045e8c9e79cde0bdd8f50065baf1ff6c7bf50626f2800517f05c208d78b1
f5691463091f8b672bb19a3001ad5d5f107097874d6010f8b8dce81ecfd63c91
fc714cd9a5c42c32767304fae88486c755bb74fe192365bf3ba90f75e8754a4b
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

www.plurk.com Open in urlscan Pro 2606:4700::6811:4503 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

104 Requests

99 %HTTPS

61 %IPv6

18 Domains

38 Subdomains

33 IPs

6 Countries

1248 kBTransfer

3227 kBSize

5 Cookies

1 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.plurk.com Open in urlscan Pro
2606:4700::6811:4503 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

99 %
HTTPS

61 %
IPv6

18
Domains

38
Subdomains

33
IPs

6
Countries

1248 kB
Transfer

3227 kB
Size

5
Cookies

104 HTTP transactions
1 data transactions