www.plurk.com Open in urlscan Pro
2606:4700::6811:4603 Public Scan

URL:
https://www.plurk.com/p/of9v6o
Submission: On June 20 via manual (June 20th 2021, 3:45:35 am UTC) from VN

Summary HTTP 112 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 44 IPs in 9 countries across 28 domains to perform 112 HTTP transactions. The main IP is 2606:4700::6811:4603, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.plurk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 17th 2020. Valid for: 2 years.

This is the only time www.plurk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700::68... 2606:4700::6811:4603	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	65.9.77.82 65.9.77.82	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:4503	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.178.71.123 54.178.71.123	16509 (AMAZON-02) (AMAZON-02)
2	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5 6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1 6	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	88.99.70.21 88.99.70.21	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 6	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	18.184.169.195 18.184.169.195	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
112	44

15 2606:4700::6811:4603 (United States)

ASN13335 (CLOUDFLARENET, US)

www.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 65.9.77.82 (United States)

ASN16509 (AMAZON-02, US)

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4503 (United States)

ASN13335 (CLOUDFLARENET, US)

s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.178.71.123 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-71-123.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.180 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.241 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 144.76.238.55 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.70.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.70.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.175 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.96.200.41 (United States) 6 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.169.195 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-169-195.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	plurk.com www.plurk.com s.plurk.com avatars.plurk.com imgs.plurk.com assets.plurk.com	267 KB
16	googlesyndication.com 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	74 KB
15	scupio.com img.scupio.com prebid.scupio.com bw.scupio.com rec.scupio.com	228 KB
13	doubleclick.net 6 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net 5994599.fls.doubleclick.net	137 KB
12	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	6 KB
8	aralego.com 6 redirects hb.aralego.com sync.aralego.com	2 KB
7	redintelligence.net 1 redirects hal9000.redintelligence.net hal900021.redintelligence.net	10 KB
4	criteo.net static.criteo.net	107 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	google.com adservice.google.com www.google.com	1 KB
4	cloudflare.com cdnjs.cloudflare.com	54 KB
3	holmesmind.com 1 redirects ad.holmesmind.com c.holmesmind.com	980 B
3	googletagservices.com www.googletagservices.com	88 KB
2	bidswitch.net 2 redirects x.bidswitch.net	363 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com	158 B
2	creativecdn.com prebid-asia.creativecdn.com	352 B
2	google.de adservice.google.de www.google.de	960 B
2	google-analytics.com www.google-analytics.com	19 KB
1	mookie1.com odr.mookie1.com	324 B
1	aralego.net cdn.aralego.net	657 B
1	adsrvr.org match.adsrvr.org Failed	503 B
1	facebook.com www.facebook.com	147 B
1	googleapis.com ajax.googleapis.com	33 KB
1	contentspread.net cdn.contentspread.net	52 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
0	appier.net Failed ad2.apx.appier.net Failed
112	28

	Domain	Requested by
11	s.plurk.com	www.plurk.com s.plurk.com
10	img.scupio.com	www.plurk.com img.scupio.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	sync.aralego.com	6 redirects
6	hal900021.redintelligence.net	1 redirects 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com hal900021.redintelligence.net
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	tpc.googlesyndication.com	6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
6	gum.criteo.com	2 redirects static.criteo.net
4	static.criteo.net	img.scupio.com static.criteo.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	mug.criteo.com
4	cdnjs.cloudflare.com	www.plurk.com
3	assets.plurk.com	cdnjs.cloudflare.com
3	www.googletagservices.com	www.plurk.com securepubads.g.doubleclick.net 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
3	www.plurk.com	cdnjs.cloudflare.com static.cloudflareinsights.com
2	c.holmesmind.com	1 redirects
2	x.bidswitch.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	eus.rubiconproject.com	www.plurk.com eus.rubiconproject.com
2	5994599.fls.doubleclick.net	1 redirects www.plurk.com
2	googleads.g.doubleclick.net	6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com www.plurk.com
2	bw.scupio.com	img.scupio.com ajax.googleapis.com
2	bidder.criteo.com	img.scupio.com
2	hb.aralego.com	img.scupio.com
2	prebid.scupio.com	img.scupio.com
2	prebid-asia.creativecdn.com	img.scupio.com
2	www.google.com	www.plurk.com tpc.googlesyndication.com
2	6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.plurk.com www.google-analytics.com
1	odr.mookie1.com
1	cdn.aralego.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	match.adsrvr.org	img.scupio.com
1	www.facebook.com	img.scupio.com
1	secure-assets.rubiconproject.com	1 redirects
1	rec.scupio.com	img.scupio.com
1	ajax.googleapis.com	img.scupio.com
1	cdn.contentspread.net	hal900021.redintelligence.net
1	hal9000.redintelligence.net	6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
1	ad.holmesmind.com	img.scupio.com
1	www.google.de	www.plurk.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	static.cloudflareinsights.com	www.plurk.com
1	imgs.plurk.com	www.plurk.com
1	avatars.plurk.com	www.plurk.com
0	ad2.apx.appier.net Failed	img.scupio.com
112	50

This site contains links to these domains. Also see Links.

Domain
vlam.vn

Subject Issuer	Validity	Valid
*.plurk.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2022-07-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.plurk.com/p/of9v6o
Frame ID: C1CD064A65C15E3BD55C333C01AF8014
Requests: 42 HTTP requests in this frame

Frame: https://img.scupio.com/html/mv.html?v=1.0.91
Frame ID: 1B460E14F6F4B869D2ED6B63BFD897E5
Requests: 15 HTTP requests in this frame

Frame: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7DF8122CB04F362C0656394C3F9AFFA1
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUyWS5DsBGa66sq0Gx1Hvj5LH58VBbPm8Wxz7BOmzAvUHNX0s8qmFWapw4UWKrG2kADyfxQdijzgorJH6sBRhGJcZ_mHXaF-wZ5XDo9Evu9njEpem0RiMYTJwtoj3A6kmY6nPfUHHvU-M38RfbvJGCbIdeiPrD4M_MZ6Mp5LQHcGOknFqg
Frame ID: D270CC5B203BBFF595F133678FB1B274
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 304E8EF10BD7FAF65DFB8D20D0378F54
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: CF2EFF82EA8C47916D80F16AD4761D71
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A02632CC5AB6A3FF3AC5EAF18B5FE3A
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656
Frame ID: 9F53F2C79E784B1A4774627D2227AF4B
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=76138000010686200710616011631021&a=9a920ba2
Frame ID: 471DA7445ED2C5F14654A9AD0B116D8F
Requests: 6 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.56
Frame ID: ECCA59C4D4E3D25EE52AAB4AB4AC1766
Requests: 13 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: D3B9BA29344B2586091FFA7328AAA01A
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHln7I8PakmEpfCaAs4-DMs&google_cver=1&google_ula=3918219,0
Frame ID: 08E02CC30FA8BB2437D33A7ABB47C115
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 32660C3FA1C42BDB51DA763D9048DA5B
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: 62B004105DB69B5BBFCC703CF194E696
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: 188F5DBBA0584AEB6505E5F1323607F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

112
Requests

98 %
HTTPS

48 %
IPv6

28
Domains

50
Subdomains

44
IPs

9
Countries

1095 kB
Transfer

2983 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vlam.vn/viec-lam-dong-nai/viec-lam-dong-nai-kcn-nhon-trach-san-xuat-gach-men-cv71
Title: Việc làm Đồng Nai - KCN Nhơn Trạch sản xuất gạch men

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=ZMUFQ3xoV245RkZ0OHdXWjRnbFM0cUUzRG9iS2pNYnJHM0Y2dmVYU1d0bllPZThPVmljcDJHL0JxbWUvOVZSc0dTTnFhaVhWdW9lTUtIZDlBN2NrUHR4TU5pN0pCaVRhWjNxVVNOdU4vU1cyUVFPUzFkSkZrWjlJa2pYSEJ2ZVBLd05KVlg0TEYxc0xYdWt1YXZhZ0FWQTMrWFMvMlFWeWc2Z2hsUGlRdmxBZlFyL3FJMzNaVS8zRmYvQVJ6UG5PNUdUVURzWG9zeUloYzlqUkU0cStXVE4xaWR5TWlNWjNqM2FnejBWMm4wZEZBZUs0PXw&cppv=2

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3MNJJTLHt7jXwJeb-NKn0&google_cver=1

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YM65vtXhR5aGs.BIuhlOcgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBZcpxkvCO_Pth-va8c236I&google_cver=1&google_hm=2

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOVcUAlHzlhrCffqy6tuQ_c&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOVcUAlHzlhrCffqy6tuQ_c%26google_cver%3D1

Request Chain 62

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2OTkxMDQ4Mjk0MTM1OTAw

Request Chain 71

https://hal900021.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=9cd0b84f12&subid=&uid=f1bbb2b8959271cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEsBNvbnOYJmuMvbM7_UPvNix0Au1zfmDV8zeuavlDPAuEAEg9JeCNWCVgoCAsAfIAQmpAuIHYv5257M-qAMBqgTbAU_QPgN_JRZ5AmNn8JHZRSBxifIJZJQdKZK6J_bgndB49Fa8tFVnaQRukVmrA1H01hlGPtoOx_aqdj4WzKGdGdwDjDGHlRyBent7-GpJohLgJobI1JrXhz3_OCSx0-KESQvJ3zpWPGoXoYsfztq8O1iFwR8EsVfN1WnP7abJ8G76DfG4cEiYQs25WysB9JYmd1XHdKThefa1uS_sblrvJlUxmk4AA1-IkhiQwi1jBE3nZy_iURHUHqqQPh51P3o9Q-xhdfL9g3IFXvvbHk-h9bcfXv9Q7UiuFQUT1cAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRof0_3jDj8fe-bHU4rSEQ5LxHrxA%26sig%3DAOD64_1u5MmFcHjwZ1b47VIgd1JZYtheJA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-AX6ZmABtVcLjNflDnbnGDl6ODPq1KIzg9k3eQapeX6dMCdPN_ULMGirrgaIpz0zUWC6lAa5HoUHN7vuUewRSw_dwe2XNgSkW7iMPTWrWVZPS_zCHGDgzUEh02-EpXCvHd2hon4I5ehKeDYSk-uC3pUMGoxsg%26cry%3D1%26dbm_d%3DAKAmf-C8Sq_BMbkOWgj3n88gz3wHsz63-h0lY4vxYoc7dyKdswZXuito3h_ePVF0ZG6dZc1qTEpMj4m90fBdEZ5eG81J0MDrApIN41ngos6PQnfssjk2ZZJGGz0TcHlXTmsM62pBP0XULCxa_coppVG0V-IkiUlqyMh6vPGxB2CTtZfg2t9b11EBroTrfpZDoLkBGb-RUAaio6c71PFhYylGG5TUKnNSul6ky8zbK7yz4B1vk8BJjEoXVwI2NCtMMdkXka6cqSqXaezRNIlHd1RA98P7HLpmNANEcW42LeiFUTRawpe4rfMfk8UMprFjqr3bye4yDL4pWWjNDu3fKe-h10mrwolxPYLi3qJfBoB8zmO9N1LMqc4GCvPUOiQK4GN6NURLyHdizPBAxKysLZSQgkf2T9eJxC-LhO6qSrj_vW_nMwG11j0a1zK1lb-zf5xina7EEuFAomz_RLStEKOQtwZMnVV_ig%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=7574860821046&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=9cd0b84f12&subid=&uid=f1bbb2b8959271cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEsBNvbnOYJmuMvbM7_UPvNix0Au1zfmDV8zeuavlDPAuEAEg9JeCNWCVgoCAsAfIAQmpAuIHYv5257M-qAMBqgTbAU_QPgN_JRZ5AmNn8JHZRSBxifIJZJQdKZK6J_bgndB49Fa8tFVnaQRukVmrA1H01hlGPtoOx_aqdj4WzKGdGdwDjDGHlRyBent7-GpJohLgJobI1JrXhz3_OCSx0-KESQvJ3zpWPGoXoYsfztq8O1iFwR8EsVfN1WnP7abJ8G76DfG4cEiYQs25WysB9JYmd1XHdKThefa1uS_sblrvJlUxmk4AA1-IkhiQwi1jBE3nZy_iURHUHqqQPh51P3o9Q-xhdfL9g3IFXvvbHk-h9bcfXv9Q7UiuFQUT1cAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRof0_3jDj8fe-bHU4rSEQ5LxHrxA%26sig%3DAOD64_1u5MmFcHjwZ1b47VIgd1JZYtheJA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-AX6ZmABtVcLjNflDnbnGDl6ODPq1KIzg9k3eQapeX6dMCdPN_ULMGirrgaIpz0zUWC6lAa5HoUHN7vuUewRSw_dwe2XNgSkW7iMPTWrWVZPS_zCHGDgzUEh02-EpXCvHd2hon4I5ehKeDYSk-uC3pUMGoxsg%26cry%3D1%26dbm_d%3DAKAmf-C8Sq_BMbkOWgj3n88gz3wHsz63-h0lY4vxYoc7dyKdswZXuito3h_ePVF0ZG6dZc1qTEpMj4m90fBdEZ5eG81J0MDrApIN41ngos6PQnfssjk2ZZJGGz0TcHlXTmsM62pBP0XULCxa_coppVG0V-IkiUlqyMh6vPGxB2CTtZfg2t9b11EBroTrfpZDoLkBGb-RUAaio6c71PFhYylGG5TUKnNSul6ky8zbK7yz4B1vk8BJjEoXVwI2NCtMMdkXka6cqSqXaezRNIlHd1RA98P7HLpmNANEcW42LeiFUTRawpe4rfMfk8UMprFjqr3bye4yDL4pWWjNDu3fKe-h10mrwolxPYLi3qJfBoB8zmO9N1LMqc4GCvPUOiQK4GN6NURLyHdizPBAxKysLZSQgkf2T9eJxC-LhO6qSrj_vW_nMwG11j0a1zK1lb-zf5xina7EEuFAomz_RLStEKOQtwZMnVV_ig%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=7574860821046&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 72

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656

Request Chain 87

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=bZiyy3xwa3ZCRWJTZ21PZDRTcE8wZ3VSdnMzMm1OV1ZCTFhzQWdWWGRSS1BQQk1KdnRrOVdGR3dZZFVxMm4wZUF3OHA0aVBjUWxVUUUyaEtIY1Zrd3Jqc0krOFZzbGZvN1A3cVNqS0FPVjlhQmc2dUtrQktNd2Z5ZXJJbDFqQmNkbWJVQkRxcm02M3RSaEtOb2VQazlGTDVqcUM5TlRJVlZqNExtTlZDL2F3ZzVsVHF4QnBTK2hJazZQUHVrVFVFZkppd3lHWEZBcWpZNGQvS0RGUE5PNFNSaGlCNW0vNTFodGFWU3daZXE5Y0tibmlvPXw&cppv=2

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMTA2MjAxMTQ1MDI4NDYyNjk%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHln7I8PakmEpfCaAs4-DMs&google_cver=1&google_ula=3918219,0

Request Chain 98

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 100

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CNA20210620114502846269 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/048ec115-40fd-4d55-af25-e09a83965930?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=0d8b1095-b153-4231-b5e5-697854a11451 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/7c15eed3-bd32-33a5-aeff-86a52f3a1b90?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=0d8b1095-b153-4231-b5e5-697854a11451 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/7c15eed3-bd32-33a5-aeff-86a52f3a1b90?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=0d8b1095-b153-4231-b5e5-697854a11451 HTTP 302
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=7c15eed3-bd32-33a5-aeff-86a52f3a1b90&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=7c15eed3-bd32-33a5-aeff-86a52f3a1b90&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=dc4f303e-f949-46a3-9808-28d7793883b7&google_hm=ZGM0ZjMwM2UtZjk0OS00NmEzLTk4MDgtMjhkNzc5Mzg4M2I3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=ucfunnel&bsw_param=dc4f303e-f949-46a3-9808-28d7793883b7&google_hm=ZGM0ZjMwM2UtZjk0OS00NmEzLTk4MDgtMjhkNzc5Mzg4M2I3&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFY-P2N9D4dfggze8CY9qxE&google_cver=1&ssp=ucfunnel&bsw_param=dc4f303e-f949-46a3-9808-28d7793883b7 HTTP 302
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=dc4f303e-f949-46a3-9808-28d7793883b7 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 109

https://sync.aralego.com/idSync HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/7c15eed3-bd32-33a5-aeff-86a52f3a1b90?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=0d8b1095-b153-4231-b5e5-697854a11451 HTTP 302
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=7c15eed3-bd32-33a5-aeff-86a52f3a1b90&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=dc4f303e-f949-46a3-9808-28d7793883b7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=N2MxNWVlZDMtYmQzMi0zM2E1LWFlZmYtODZhNTJmM2ExYjkw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

Request Chain 110

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 111

https://sync.aralego.com/idSync HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/7c15eed3-bd32-33a5-aeff-86a52f3a1b90?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect= HTTP 302
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=7c15eed3-bd32-33a5-aeff-86a52f3a1b90&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dc4f303e-f949-46a3-9808-28d7793883b7&ssp=ucfunnel&gdpr=0&gdpr_consent=

112 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request of9v6o Show response
www.plurk.com/p/ 16 KB
5 KB 423ms
405ms Document
text/html 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b05193e3a707a5d2451e50561c90f9ba0a907a16d635e057aafe10da9fcd1d54

Request headers

:method: GET
:authority: www.plurk.com
:scheme: https
:path: /p/of9v6o
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-type: text/html; charset=utf-8
set-cookie: plurkcookiea="uuWi4REXbIoARxnAMmRPFxqbZV+ngPDgSHiAsn56d2I=?from_url=Ii9wL29mOXY2byI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Mon, 05-Jul-2021 03:45:01 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-cache-status: DYNAMIC
cf-request-id: 0ac91ea2820000c2f974967000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6622007d9b5dc2f9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 b857d9cf56d6f856e2b9.js Show response
s.plurk.com/ 64 KB
22 KB 33ms
30ms Script
application/javascript 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/b857d9cf56d6f856e2b9.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90a40bb183f1f7036a6aad2fe03e57e5cf350a6c76779915cca7c1e37e1427f

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 234311
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: GXQH9FQAKVTTKVMG
x-amz-id-2: SNn2yGGKEcUwxtapf6a0mEy+36lybINDnjOConzJHzE1D7cZ2AuuYJUoP6A9gWS4k9h/HkF6vGk=
last-modified: Thu, 17 Jun 2021 10:36:27 GMT
server: cloudflare
etag: W/"08e20746126cfac6c1e1fd1fb365fcef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea4200000c2f90e3d7000000001
cf-ray: 662200803e3cc2f9-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 e5c9c0eaa191278ef039.js Show response
s.plurk.com/ 172 KB
57 KB 34ms
31ms Script
application/javascript 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/e5c9c0eaa191278ef039.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7644af38eab82d36c7e546d9bdac3b27fb22641927eb9368bc5c33c777c6d676

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 857156
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: KS35M2Y4MW0BKDMZ
x-amz-id-2: uV0OrMTBFuJ0hmPkAdpylqcEt7/YXkLx5jFMmox3AonIiyZSL9MxiPnAuwLOvsSDDS9bbruDSLM=
last-modified: Thu, 13 May 2021 05:30:35 GMT
server: cloudflare
etag: W/"79bfcb8b641331b5972ed4136ab1301b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea41f0000c2f940026000000001
cf-ray: 662200803e3bc2f9-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 f98462c57caf3129dd20.js Show response
s.plurk.com/ 2 KB
1 KB 27ms
24ms Script
application/javascript 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/f98462c57caf3129dd20.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49832bd9d6e23a7771e130b7a8c75e669a56e10f6ec88afd6872b9e27218f231

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 309727
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 6N0V29DX0WS3FRC2
x-amz-id-2: /P8UkZ9L7QJtv1Vl+pL4RIWJpS4+qc184cL66G+AlujKY8kqqV7+0te2EBc8zsZLXMDrrMg0Skg=
last-modified: Wed, 21 Apr 2021 05:52:35 GMT
server: cloudflare
etag: W/"4d81cd1413f0de03828bf6ec967af7bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea41f0000c2f91b8c3000000001
cf-ray: 662200803e39c2f9-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 15ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7713162
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27433
cf-request-id: 0ac91ea41e00004a9e9d038000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wy1wmIISceCBJMaemsJzMWzkdv8GnJxah9EIoEeLU%2BRJZzGJBSoDjpHoEr1FpDQ6vJK%2FkrXLBJPIuCQUF0UvubWayCZjrBmmR6CbCpqtG6UNcFWg0rVW2mFrEvTEzbj84EyXIF1mONvuP8stkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 662200802c8a4a9e-FRA
expires: Fri, 10 Jun 2022 03:45:01 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 21 KB
4 KB 14ms
12ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2693179
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4037
cf-request-id: 0ac91ea41d00004a9eb524d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-55e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p5XsCys5pgriSP8UqPhNBP8J1DgSyWjUYQ59euODYdjGR0zDcnbpMFXD12k4ju9ujt%2BG5U%2FWJ9Qg3yc%2FdUf1d6zwOUdvHJOelBKiwvdgszz%2FyGp7u0DT0p7AjpnCohBREqBfreoVaNqp%2BmPgqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 662200802c884a9e-FRA
expires: Fri, 10 Jun 2022 03:45:01 GMT

GET
H2 200 be6490d423cd4fe35add.css
s.plurk.com/ 5 KB
1 KB 26ms
24ms Stylesheet
text/css 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/be6490d423cd4fe35add.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d706fc3e4dbf7484d9143806e2fe9bde08e4089b678a919019771e7a5c2f4f

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 1622523
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PF4YGW9DS96VJM18
x-amz-id-2: t15Nrb9MVMpwrpnjO565mREXQ/fCwu70FkdyXCy7JhHbc4J7EWktPDSIBaZsIXbAXBU7FWl4U/A=
last-modified: Tue, 01 Jun 2021 08:58:28 GMT
server: cloudflare
etag: W/"0f7fc8f1ded4854c178b7b313e9a05c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea41e0000c2f9523e8000000001
cf-ray: 662200803e33c2f9-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 sweetalert.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ 40 KB
11 KB 20ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1413567
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10494
cf-request-id: 0ac91ea41e00004a9e973ca000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-9f68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R6F92FxrD69LcqhZYFBWzwCypn9dBRnT34Yjj%2BcLiAmilC98AKhjGZDSamJnKWhYWSVVSm13ndyXXdxia1iuDCUeXxm9OW%2FZ%2FllMzXFW0PPJ37VYDFgFs1mGdXNQW7DF9nIDyKJJOttj5Sysbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 662200802c8c4a9e-FRA
expires: Fri, 10 Jun 2022 03:45:01 GMT

GET
H2 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/ 43 KB
12 KB 20ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 193395
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11830
cf-request-id: 0ac91ea41e00004a9e46906000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-ac34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wLJwGskaSRsetMSU1JA%2BIxdC%2FV1k6oqmbRhyZ7NaX%2BrRUsn7tKf7wLuKREsgW7UDES8TlZYV%2Bfu2Fq9s1vi3jrGEhyRrZygGEvZMmG1IwwA94%2BDMQu060FZtKZuOqHIdGMmC0IB4%2FEV%2BdsOTKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 662200803c8d4a9e-FRA
expires: Fri, 10 Jun 2022 03:45:01 GMT

GET
H2 200 a7e6ae6ad276b216026d.js Show response
s.plurk.com/ 48 KB
13 KB 28ms
26ms Script
application/javascript 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/a7e6ae6ad276b216026d.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b52207f42e563d3a8bb56e7203515812c47ba7d8f31573300f06d323ad540f6

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 845867
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: STE62TXP513QB540
x-amz-id-2: lLFNZyZ+mYjANe4YLwKw5LRxh7fIxYueHVU/IdOYDQQVOFqDLsHVT7oTsqAjxvd3pawowkNQmCA=
last-modified: Thu, 10 Jun 2021 08:32:42 GMT
server: cloudflare
etag: W/"8c7550f23efa76de8ea43f661e206763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea4200000c2f96f9f5000000001
cf-ray: 662200803e3dc2f9-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 88da4e6060770e741c9a.js Show response
s.plurk.com/ 62 KB
20 KB 27ms
25ms Script
application/javascript 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/88da4e6060770e741c9a.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 673cb57b8bcbb6394a6b47f190d86077949725e7c9e4445d2366cbd43b242224

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 234291
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WBBM8CYFC2EWY520
x-amz-id-2: Epd4lEWT4nqgvIRz5OTT1AuwsRRYs7VYLReFy+9b0ABtFonmkyv0lSPJPX0y2lyOLyJYEhDHaBY=
last-modified: Thu, 17 Jun 2021 10:36:25 GMT
server: cloudflare
etag: W/"0df4f1bfaf87bd2c07a425b29ca4071d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea4200000c2f96d377000000001
cf-ray: 662200803e3fc2f9-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 31b312ff2cc0494dbf23.css
s.plurk.com/ 39 KB
7 KB 26ms
25ms Stylesheet
text/css 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/31b312ff2cc0494dbf23.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e652bca51f3d99e146d9b1d9b59b275412dc949d345c0a4566dbfb881f46a40b

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 234291
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WBBQKNM9SHW92KB0
x-amz-id-2: 808Jo/jtERi3SqTZCF9kmcbO2LrqQMrfL0jk7BRv0vbKmpSMtLXs2R43awTbPinYz4AKTQQEyqI=
last-modified: Thu, 17 Jun 2021 10:36:25 GMT
server: cloudflare
etag: W/"5586b0ed01f06b4fc36fbf63b6d21e3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea41e0000c2f947a2f000000001
cf-ray: 662200802e31c2f9-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 c7613002a6ba4a98b549.js Show response
s.plurk.com/ 242 KB
66 KB 33ms
31ms Script
application/javascript 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/c7613002a6ba4a98b549.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6645e2c0a595a3c171a6a0eb57bbdf2abab1e9f813676ac75b2916de4778c45

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 814703
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PWWE8KVN10B49EKE
x-amz-id-2: w0GU086a0INiGF1y7G7DLGv3hzkR7e20B1vHY9pLqHnHxpvYbwkd9gCYT4dR4pHDZwhTb0U90yE=
last-modified: Thu, 10 Jun 2021 17:20:28 GMT
server: cloudflare
etag: W/"18b0b09a12beb11af3e0fc0ab6d29964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea4210000c2f966b78000000001
cf-ray: 662200803e41c2f9-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 d1d3f8efc01fbbcbabfb.css
s.plurk.com/ 69 KB
13 KB 32ms
31ms Stylesheet
text/css 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/d1d3f8efc01fbbcbabfb.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ba74945c36d1928d02079f476ac27d123ffa19c6fccfb2a3d14b35614b9218

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 844971
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: YV0KM68RM3MFXFTZ
x-amz-id-2: 3Kd24YF8wt+y4e76QrE9gJfXJ5cZ4IRSg4QKD0WE2Xc8euGtdmXuwEvlTLPHEQ9qA1YA+ZNvFUk=
last-modified: Thu, 10 Jun 2021 08:32:43 GMT
server: cloudflare
etag: W/"3270d2100d8dd64a6c68e5101ef8346b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea41f0000c2f918995000000001
cf-ray: 662200803e35c2f9-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 41 KB
15 KB 45ms
15ms Script
application/javascript 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: bc7a9223874861c2b9fa970476f94a0013644fcc8c8b26a428549a2f2d050840

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:30 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 08:12:42 GMT
server: nginx/1.12.1
age: 182
etag: W/"60c860fa-a4d5"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: DD2oX_PBtLoVEtVZIvo4Ok8qVie7CkPpFyPxUU4zZ5jSshmTXJMNzg==
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
expires: Sun, 20 Jun 2021 03:56:59 GMT

GET
H2 200 14807634-medium15092772.gif
avatars.plurk.com/ 1 KB
2 KB 33ms
32ms Image
image/gif 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.plurk.com/14807634-medium15092772.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
cf-cache-status: HIT
age: 778204
cf-polished: origSize=1287
cf-ray: 66220080eeeec2f9-FRA
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1279
x-amz-id-2: OfMGZl2eVQE55TpfKLf0RTliwwlXTzpaE41uVtR8bojYT1eCAJBHf1sl2IQHL6TCLvcb9MC86oc=
last-modified: Wed, 24 Oct 2018 17:48:38 GMT
server: cloudflare
etag: "6c0779ae49111313047639c892eef67c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: Y80ZYR5C82Z7NXNB
expires: Mon, 25 May 2026 03:45:01 GMT
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea4910000c2f90b316000000001
accept-ranges: bytes
content-type: image/gif
cf-bgj: imgq:100,h2pri

GET
H2 200 nyrjH1gbiLmgHWEumGgaNO4kjOQ_mt.jpg
imgs.plurk.com/QzM/Eal/ 4 KB
5 KB 80ms
80ms Image
image/jpeg 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.plurk.com/QzM/Eal/nyrjH1gbiLmgHWEumGgaNO4kjOQ_mt.jpg
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb18058302f67c3f2c45a9b273a9536bcd4e3589c07d041d68d999740f778790

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
cf-cache-status: HIT
age: 216990
cf-polished: origSize=4442
x-amz-meta-source: https://vlam.vn/storage/image/vlam-tuyen-dung.jpg
x-amz-meta-content-type: image/jpeg
last-modified: Thu, 17 Jun 2021 14:30:45 GMT
content-length: 4372
x-amz-meta-hash: EalnyrjH1gbiLmgHWEumGgaNO4kjOQ
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4DC1VHNZQERXSBVH
x-amz-id-2: rBO/Jd6LZ1mStnJDWNRf530rYvN0y/TGS1ViWqfYjh+m12gR/YMHY6/W/PYEoxkbcJ9IpRuBl14=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "18c836627a7e26aef3becfb5919b52c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-request-id: 0ac91ea4b20000c2f9109e4000000001
accept-ranges: bytes
cf-ray: 662200811f27c2f9-FRA
expires: Mon, 20 Jun 2022 03:45:01 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 68 KB
24 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8d1829492eca60f8cb152ec66a56c67a4ab2e1d334c08d881ca48174a3dc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "907 / 659 of 1000 / last-modified: 1624054181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23721
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:45:01 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 36ms
20ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 662200817c97145a-FRA
cf-request-id: 0ac91ea4e90000145a1aa4d000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2784
date: Sun, 20 Jun 2021 02:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 20 Jun 2021 04:58:37 GMT

GET
H2 200 background.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
155 B 21ms
20ms Stylesheet
text/css 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/background.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
cf-cache-status: HIT
age: 160646
cf-ray: 66220080bec1c2f9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: c5HicxTBhNDI7lbeAC43cDlSGOJY4hEwMWjmjPtP8ZJq7Z5CZd0PtSm5CrT2mpbhd+z7s9XuuIs=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4FMF7CRZFAW4FKCT
cache-control: public, max-age=31536000
cf-request-id: 0ac91ea4750000c2f91b0db000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 20 Jun 2022 03:45:01 GMT

GET
H2 200 timeline.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
379 B 17ms
16ms Stylesheet
text/css 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/timeline.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
cf-cache-status: HIT
age: 160647
cf-ray: 66220080bec5c2f9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: kankFk58IvG9qoQixb0RoQo/+VKBJ+Yzo5hd7oDdR6pIsZ/u6hCyPJqroCJ7ntx9bIAUp3dFxLI=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4FM4V2VA7M8KP4ND
cache-control: public, max-age=31536000
cf-request-id: 0ac91ea4760000c2f9549bd000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 20 Jun 2022 03:45:01 GMT

GET
H2 200 dashboard.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
154 B 19ms
18ms Stylesheet
text/css 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/dashboard.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
cf-cache-status: HIT
age: 232292
cf-ray: 66220080bec2c2f9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: ZVkaaFPyV2PiMjrku1SCeY+cKxsmOLcipMBi4QXoPvOPT8e6BFSZgTcc9Gea7XqPC7P7u5HPXMk=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 9QH19QCD2MYX33PQ
cache-control: public, max-age=31536000
cf-request-id: 0ac91ea4760000c2f96d37a000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 20 Jun 2022 03:45:01 GMT

GET
H2 200 pubads_impl_2021061705.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
114 KB 37ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

908f720bdb60273e3783b2f9fac9087858eac0b47043e90d7259faace23b9462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Jun 2021 18:10:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116178
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:45:01 GMT

GET
H3-29 200 b903137cf2afd470223d.woff
s.plurk.com/plurkiconfont/fonts/ 21 KB
22 KB 33ms
16ms Font
application/font-woff 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/plurkiconfont/fonts/b903137cf2afd470223d.woff
Requested by: Host: s.plurk.com
URL: https://s.plurk.com/be6490d423cd4fe35add.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1

Request headers

Origin: https://www.plurk.com
Referer: https://s.plurk.com/be6490d423cd4fe35add.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1622521
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: BN69J9BZKRM6SXJG
x-amz-id-2: DIpgxBiRwdGDK4mEuMz07AqInHJ4dcsTMNpsQH1xNTw77Ss2iLlZO3RgdmBkp8I0+573OkwMRZc=
last-modified: Tue, 01 Jun 2021 08:58:27 GMT
server: cloudflare
etag: W/"d4c0955530a8e2c432946c6057221cab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea50300004e318d197000000001
cf-ray: 6622008199a34e31-FRA
expires: Mon, 25 May 2026 03:45:01 GMT

GET
H2 200 10987.json Show response
img.scupio.com/js/config/ 557 B
947 B 42ms
13ms XHR
application/json 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/10987.json?v=1.0.3813
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 4e17a8b1a3f28afdc3e192a553e862b827e8c23688433711fd60ccea0539fd56

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 03:42:01 GMT
via: 1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 02:16:46 GMT
server: nginx/1.12.1
age: 179
etag: "60a4750e-22d"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 557
x-amz-cf-id: gcQtxMmRtJGUi5c1sjvWj63j3OtiT8BFNSN7i2SndtL5jZFvmVZPPw==
expires: Sun, 20 Jun 2021 06:42:01 GMT

GET
H2 200 mv.html Show response
img.scupio.com/html/ Frame 1B46 68 KB
21 KB 15ms
15ms Document
text/html 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/mv.html?v=1.0.91
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 67a06e09f719fde5bf65b689bcbb8284296bd18227b94e8f525a17b334c8c09a

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/mv.html?v=1.0.91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:15:43 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Jun 2021 03:30:54 GMT
expires: Sun, 20 Jun 2021 03:34:53 GMT
cache-control: max-age=1500
etag: W/"608f950f-111cd"
x-cache: Hit from cloudfront
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: hPvaPa1h1RKmSvEsjrbQ3ZojJ2SqKesELcS7JzVRbluVEtos7-vEcQ==
age: 2108

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 379ms
364ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1021501311867660&correlator=3504850200354049&output=ldjh&impl=fif&eid=31061460%2C31061464%2C31061514%2C31060412%2C31061004%2C31061149&vrg=2021061705&ptt=17&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=75142684%2Cplurk_message_300x250_SB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1624160701&dt=1624160701775&dlt=1624160701464&idt=198&frm=20&biw=1600&bih=1200&oid=3&adxs=1005&adys=102&adks=2862190043&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.plurk.com%2Fp%2Fof9v6o&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1489593506.1624160702&ga_sid=1624160702&ga_hid=340808495&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

49a5cb413f7382c31fe325aabb3f6817e83bc88a9ee9fa2ee87c9b54d34fcffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8036
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 33ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=340808495&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plurk.com%2Fp%2Fof9v6o&ul=en-us&de=UTF-8&dt=datnendongnai%20-%20%5BT%C3%ACm%20vi%E1%BB%87c%20l%C3%A0m%20%C4%90%E1%BB%93ng%20Nai%20t%E1%BA%A1i%20khu%20c%C3%B4ng%20nghi%E1%BB%87p%20Nh%C6%A1n%20Tr%E1%BA%A1ch%202%5D%20C%C3%B4ng%20ty%20G%E1%BA%A1ch%20Men%20c%E1%BA%A7n%20tuy%E1%BB%83n%20200%20lao%20%C4%91%E1%BB%99ng%20Nam%20s%E1%BA%A3n%20xu%E1%BA%A5t%20l%C3%A0m%20vi%E1%BB%87c%20ch%C3%ADnh%20th%E1%BB%A9c%20chuy%C3%AAn%20s%E1%BA%A3n%20xu%E1%BA%A5t%20g%E1%BA%A1ch%20men%20t%E1%BA%A1i%20KCN%20Nh%C6%A1n%20Tr%E1%BA%A1ch%202%2C%20%C4%90%E1%BB%93ng%20Nai%20Vi%E1%BB%87c%20l%C3%A0m%20%C4%90%E1%BB%93ng%20Nai%20-%20KCN%20Nh%C6%A1n%20Tr%E1%BA%A1ch%20s%E1%BA%A3n%20xu%E1%BA%A5t%20g%E1%BA%A1ch%20men%20-%20Plurk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1254031916&gjid=1896851521&cid=1489593506.1624160702&tid=UA-53436-7&_gid=391677073.1624160702&_r=1&_slc=1&z=1584209865

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 0cd0435740e740eece09.gif
s.plurk.com/ 31 KB
31 KB 37ms
21ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.plurk.com/0cd0435740e740eece09.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
cf-cache-status: HIT
age: 1622521
cf-polished: origSize=35115
cf-ray: 66220082ac98c2e0-FRA
last-modified: Tue, 01 Jun 2021 08:58:27 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31308
x-amz-id-2: bXssO0abYWh/cAydFARa3uN4NJKyGo6Zt83ksdGbOn5nIX368PTf6FmBYpySCYSsOCRgfTQwrKk=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d236fd746e000431a8e2c6bc787ee7c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BN64HSRJRJYKBXHS
cache-control: public, max-age=155520000
cf-request-id: 0ac91ea5a50000c2e09128f000000001
accept-ranges: bytes
content-type: image/gif
expires: Mon, 25 May 2026 03:45:01 GMT

POST
H3-29 200 get Show response
www.plurk.com/Responses/ 104 B
508 B 118ms
118ms XHR
application/json 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/Responses/get
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949

Request headers

sec-fetch-mode: cors
origin: https://www.plurk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: plurkcookiea="uuWi4REXbIoARxnAMmRPFxqbZV+ngPDgSHiAsn56d2I=?from_url=Ii9wL29mOXY2byI=&invitation_from_uid=MTQ4MDc2MzQ="; _ga=GA1.2.1489593506.1624160702; _gid=GA1.2.391677073.1624160702; _gat=1
content-length: 38
:path: /Responses/get
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.plurk.com
referer: https://www.plurk.com/p/of9v6o
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.plurk.com/p/of9v6o
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
set-cookie: plurkcookiea="uuWi4REXbIoARxnAMmRPFxqbZV+ngPDgSHiAsn56d2I=?from_url=Ii9wL29mOXY2byI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Mon, 05-Jul-2021 03:45:01 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-ray: 66220082ac9ec2e0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac91ea5a70000c2e0a522c000000001

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 1B46 235 KB
85 KB 15ms
15ms Script
application/javascript 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:40:08 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
age: 470
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: c9ADh4IqJ8wSyH0J-fLzLOVtJ-C9yJVCFCfZfDLBxGFa5Rqfh-3PiQ==
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
expires: Sun, 20 Jun 2021 09:37:11 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-53436-7&cid=1489593506.1624160702&jid=1254031916&gjid=1896851521&_gid=391677073.1624160702&_u=IAhAAEAAAAAAAC~&z=1250149858

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Jun 2021 03:45:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-53436-7&cid=1489593506.1624160702&jid=1254031916&_u=IAhAAEAAAAAAAC~&z=1189953018

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-53436-7&cid=1489593506.1624160702&jid=1254031916&_u=IAhAAEAAAAAAAC~&z=1189953018

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
14ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 3209
date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 1B46 108 B
486 B 14ms
14ms XHR
application/json 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Jun 2021 03:40:34 GMT
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
last-modified: Sat, 19 Jun 2021 19:15:54 GMT
server: nginx/1.12.1
age: 312
etag: "60ce426a-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: 9T5olNxpA0Tt15cORTGvfJu0tTWTn7oaZHsRMTb1mUB_acFN1DuZTg==
expires: Sun, 20 Jun 2021 06:39:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1B46
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=ZMUFQ3xoV245RkZ0OHdXWjRnbFM0cUUzRG9iS2pNYnJHM0Y2dmVYU1d0bllPZThPVmljcDJHL0JxbWUvOVZSc0dTTnFhaVhWdW9lTUtIZDlBN2NrUHR4TU5pN0pCaVRhWjNxVVNOdU4vU1cyUVFPUzFkSkZrWjlJa2pYSE...

347 B
629 B

45ms
16ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZMUFQ3xoV245RkZ0OHdXWjRnbFM0cUUzRG9iS2pNYnJHM0Y2dmVYU1d0bllPZThPVmljcDJHL0JxbWUvOVZSc0dTTnFhaVhWdW9lTUtIZDlBN2NrUHR4TU5pN0pCaVRhWjNxVVNOdU4vU1cyUVFPUzFkSkZrWjlJa2pYSEJ2ZVBLd05KVlg0TEYxc0xYdWt1YXZhZ0FWQTMrWFMvMlFWeWc2Z2hsUGlRdmxBZlFyL3FJMzNaVS8zRmYvQVJ6UG5PNUdUVURzWG9zeUloYzlqUkU0cStXVE4xaWR5TWlNWjNqM2FnejBWMm4wZEZBZUs0PXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f646e93fa8d45e13ffb68a5fb2ac3db2239f2b59662e56612eaa86f88ab9dee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 20 Jun 2021 03:45:01 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2646
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 20 Jun 2021 03:45:01 GMT
location: https://mug.criteo.com/sid?cpp=ZMUFQ3xoV245RkZ0OHdXWjRnbFM0cUUzRG9iS2pNYnJHM0Y2dmVYU1d0bllPZThPVmljcDJHL0JxbWUvOVZSc0dTTnFhaVhWdW9lTUtIZDlBN2NrUHR4TU5pN0pCaVRhWjNxVVNOdU4vU1cyUVFPUzFkSkZrWjlJa2pYSEJ2ZVBLd05KVlg0TEYxc0xYdWt1YXZhZ0FWQTMrWFMvMlFWeWc2Z2hsUGlRdmxBZlFyL3FJMzNaVS8zRmYvQVJ6UG5PNUdUVURzWG9zeUloYzlqUkU0cStXVE4xaWR5TWlNWjNqM2FnejBWMm4wZEZBZUs0PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1789
content-length: 482
expires: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 1B46 0
176 B 455ms
151ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:45:02 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 1B46 0
285 B 1031ms
262ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4806818677007543
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Jun 2021 03:45:02 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 1B46 0
323 B 431ms
147ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7844B6A6EAE2406AB34AB2A734EE&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=048ec115-40fd-4d55-af25-e09a83965930&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:45:02 GMT
access-control-allow-credentials: true
connection: close

POST bid
ad2.apx.appier.net/v1/prebid/ Frame 1B46 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1B46 0
187 B 48ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=67751139599
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:45:01 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 1B46 0
219 B 850ms
311ms XHR
text/html 54.178.71.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1624160701917&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-71-123.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:45:02 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK videoad.aspx Show response
bw.scupio.com/adpinline/ Frame 1B46 74 B
958 B 1249ms
503ms XHR
text/xml 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/videoad.aspx?cb=0.20822130292255525
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.91
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d

Request headers

Accept: application/json, text/javascript, */*
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 20 Jun 2021 03:45:02 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 185

POST
H3-29 200 rum Show response
www.plurk.com/cdn-cgi/ 0
164 B 11ms
10ms XHR
text/plain 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plurk.com/cdn-cgi/rum?req_id=6622007d9b5dc2f9

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.plurk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: plurkcookiea="uuWi4REXbIoARxnAMmRPFxqbZV+ngPDgSHiAsn56d2I=?from_url=Ii9wL29mOXY2byI=&invitation_from_uid=MTQ4MDc2MzQ="; _ga=GA1.2.1489593506.1624160702; _gid=GA1.2.391677073.1624160702; _gat=1
content-length: 10446
:path: /cdn-cgi/rum?req_id=6622007d9b5dc2f9
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.plurk.com
referer: https://www.plurk.com/p/of9v6o
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.plurk.com/p/of9v6o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 662200832d1dc2e0-FRA
vary: Origin

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 46ms
15ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1019
date: Sun, 20 Jun 2021 03:45:01 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-29 200 container.html Show response
6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7DF8 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 20 Jun 2021 03:45:01 GMT
expires: Mon, 20 Jun 2022 03:45:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:45:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 44ms
25ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061705&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9810f6dc4a15c8dca9fe20441d8b3b2e18e77b45f0718bffcc27c09bbe380434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8042
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D270 624 B
591 B 15ms
15ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUyWS5DsBGa66sq0Gx1Hvj5LH58VBbPm8Wxz7BOmzAvUHNX0s8qmFWapw4UWKrG2kADyfxQdijzgorJH6sBRhGJcZ_mHXaF-wZ5XDo9Evu9njEpem0RiMYTJwtoj3A6kmY6nPfUHHvU-M38RfbvJGCbIdeiPrD4M_MZ6Mp5LQHcGOknFqg

Requested by

Host: 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
URL: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUyWS5DsBGa66sq0Gx1Hvj5LH58VBbPm8Wxz7BOmzAvUHNX0s8qmFWapw4UWKrG2kADyfxQdijzgorJH6sBRhGJcZ_mHXaF-wZ5XDo9Evu9njEpem0RiMYTJwtoj3A6kmY6nPfUHHvU-M38RfbvJGCbIdeiPrD4M_MZ6Mp5LQHcGOknFqg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 20 Jun 2021 03:45:02 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUna8aT08X58XNJvAy33qx0-RT5Hhn4bCvbGf2_eSoKwdkn3haBBCf8Gse2U; expires=Fri, 15-Jul-2022 03:45:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Jun 2021 03:45:02 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7DF8 24 KB
13 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-pLRS4aLPw4KZ-jJWVER1KkskLNO13yD4bskbOwNt-kLWJ_Y9KdjeS2vOS21Ns3Sh-sWkILaB2-Mg3itSQbk_lAHz9QnAkwD9lKmFxODafgICbT6dWZTOdk-sAsVFPPyx-nTyB3AQDLwQDFv8VuyVN4NMQg&cry=1&dbm_d=AKAmf-C_kel9p73lPQPgjQzg0Onigvray8etarsP2Fa2hF5OADbgPVK_C1HcIAXJlY1X23IBYkkS-000GJG-0gzieLQjwx9UP866JDNodc3W59pJb70jeqc052vJrOA1k1-oFDfsxLuRRy79SbFrbwwFZkWqv23PMnY4u1zJrfVLtIT2u0Kr8fWZfuyj3cJ_NBhaLZFF0kpMe21VpQ7U1A0mmVRY2Oq657fbwkkX6Dj0Uklrms563xkzQimAmYDlBzE21RQLmj4z5LcMXwvwnYzPU0dTKSuIeV618kv6GT3-ZeKPSSYPDBkZPPhf38JRHOKvsCeLDC7VkuLjwBK98ZW7A2sMJmznGDYBx5TiVCOl6LsjV1Sqvfuw2uTaYIuVgt0CP91R_Iutmp5CFxhzyKLvftljTi8u0cfvJiT9Qu6gPddj5dZNE1x-G4HWY2w5qVAhwIxN7S5oNoBwvC0_-cBOATh9n7xpHSmJfboSNR7qd41-O9D0e5JCphq4ehAiOCQbpeCfEZobpAmeOO_TlBtWZSLpHjuNmatBzPf1I5XIdsH9O4C-a9J6_22p7s1SVkwWkutN7VOP4O-SRbXYUiYbeH3D0ROPMlGS7Ljtb8wdtOs2JixpNPMFmoyWQYEviZqUSEY78zmEfb-_oDBRJEYQ7g4SjHE2Q0u4vjQ90HUxp-cyxG0D8viaBDnt0HeWOPV8gDbOzfRJP6liHCkAzSJPSgbVaRdAY8T8idQBaP4KGM9Qirj6y0kKvUmUSoIr_u8aGE9IG-es8EcwH-PdWnkeqs3UYRjHyx4h0djWFqdRw8eycALfMjzgw-8AnP2Lk-SHR4efp9QGTB2_y-npllP4XsQO6R8XtePRyFbxXrmrFZBA_9D66ABGVprKmi50XB6z-mzLOPpw-SHNPqVBhOHCO4tXVn0ueTg5eCwa6R6WiWhw0V-upnX9qeEfd0mpYhoPN8skI8bG3DC76OECdmE-zYkDQ5SIi-yIuMF-w2Jn0pVm2Z1pCezGXN03kYo4LQkgcXCv0wip2QJAvOjIWOs3_3s5qWGrwkDhj4hwPVIAMJFA_lE2jM_GnEIQ-T9LZM2ggzSMVgLJTYfGpa8VWypas4aKTxQvW64XQpC0HsoPOYaoJmbF1H623MM-YUt3RlcJk3n0wXwB5iQwX2RsEbA86PyQS1yRVulRkV6davGHz9Ob20sawkg25kX20UZ5bKryxGG7qC3i7t_BDBSPVUZXTgUQL94aJqEhz0tBTZfkX_N2YOnMrZq2HBvc4sIyqwwoxg2Z8LNQ8AANGWu-vGvpjRQL0gqJvojTUnMmOb66JezwfqvmlUs4W8uZ3YExwrGsaPj0Bdryy4fRuvq32i5F6b_ShyChYY9nZcWqQBOTKH_MztODh0OZGmjHmMvxWDASis6mXD3PzM6uRNN4QijxGqKDHCtXD3KFJFi6XbOH-AJ-Ajaf59KvwGjmZ0OBNz2jcXdElm3ra06rDUGYHRDkUYBqkOVk3Ip2pIVReuJbJL1hUwAKOqiPvF7BBxeFDlW6ngfxEWM5GfEasQ1Z5HkDRor_ijWsMxqzeN9TZFgHxhh5L6cZTVlzp5C5puMQ_9X3lkGN8n7XBfEtP8Rnrdwg1c0kb6J4p1G54ef7zU7eGon5G3tcpfWwwvFatdRYv2UfY2IVacW0JyYHttWKCuZa73rbwOLCL8-JgS62AKNUNWsPouolR_4t899wkO7TOqi7nwFiPWrpD_xgqVAOwn_T-vUYhwufkIFG4rmPYNONgCstV8Wehb15rbL0SX5Kh_YklZwzQWOJSHlOg5LdO_SWgYxtKSrgsmYoVGR8qpMn1qq2wgzuX0gkQ7GR5dUdwJudLWzzPM_L4f0a1rykY2RiIyUtz_HrUDa4KfeQfeFqm1d0thiEg_x2nRDGJvRzCRgq5vJIs-lFVtOqTMpcJLOZEO5QdDsSAS33sl8W_-wjOhPCorKCqapuwwKTF0YjQBL_-QbTZ-tquQ3OwyRsPF_a1mgQA44Daa4Mt51_G2hcO0XCZEvkUNyLuIC8Nc_OjS8Aaxr99oF8SmqJo6Kx0B0NtIraYTalcp6E9OLjNyDoOngoBqbsZ9LNO5AEiSXhtQYU0Q8b_xCSoVEf8eoQCtgxXL2pQ4ihENSmTlp7oWEMphA-qgAZa1MlPLPeI87XiLcTvxC0hd1fSSfCRhUbJgHDlzW9NFPpJPsIcXbf3Ed139dNVAnPL8M7FoodQ4vLITwD0BFxYpuNiVmH4nONH2GkVyLJgE6uaG4JJkVJP8tJ7YhvElujmbP-vU_sNfrjLxwsgIHaLnsThZmHK0SAXB4m5M8x0p03S9m9SBByS62CbhkyclkCw1-7nOlC9ccIEPGayhRskKB4xEYZNUHlqvVHHl55nnp3OEYaqO208ROXueAxDtMtjCvHButz3PtCS9OHk_Kxs-BeDThNHsmX3MOwSRCRFFPM1xzW4ub-ALmxe_aW1N3RYn4rq6TzlIDQZprz01WMX9ZskRn_ZYFPAutC8ba5rWQr3uuybJRulf3JnMAOCNa9R3Gv5WkELejf3QzZ3ZzqXKLzSEwPm_c1e73eweU0FzOs2LrGZ_pvahc2wkWC_Ga-xqq0CkYtEHwiDjJgYP93unJENhG1Sih3Ay0etxmUgA_w-gdYhu0q6rR3xHzAQQ_b3o7HWhnySfvNTgJffE4oKfoMzY1jEs7dWTsNfMnHX1FthC1Zwwq9wxxfAWFS3Y85nlSjt3DiHK0ziEKLZtwAQ2KyJGMSN-pqyM6TKzfg4YrHXmhAWQv3rbijTJ-SF-AncmwK1_uzDd0hSwYjbLNPX1bKxVTXd1ULv8zdFLDH_YUnYiDL7H-vhHOFbS9Zf_DMp1rC6jG3OomoDP3_qXceD69IYEWRG_Do6f17RDDA2OKLIx_2HHorCatwi3tjFUu0QSQSiazUdCMdNurTHztv84Tah4zQjbgKstPjLSFHtM5aeUUjNga33KuRJrU7T7FfbgCmlEQYYlWmKHMDyQ1gVZm9iOLnTyBE2Gx1godb_pt1liaz6dZ9lSoaLN0uxVdjs5BOxR2yKlYBL3qur1bLjfW4&cid=CAASFeRof0_3jDj8fe-bHU4rSEQ5LxHrxA&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3aafdab5c7897d38df78f1023597b85e3a2829bdb55fa87e219b5a51ebe70bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12908
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DF8 42 B
515 B 32ms
13ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMNVKAXEmHz-YGwMwSj9l-DUQcI5KBtGHmKFHom7HMnpiftHcU6FU6HOO5IENKFD_IgvY9DeHSeihrKFHQcTxPLk0Kl788WntRLv5eLIN1l9t4MW4

Requested by

Host: 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
URL: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 7DF8 3 KB
1 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
URL: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:28:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DF8 122 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
URL: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:02 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:45:02 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 7DF8 13 KB
6 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
URL: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:00:26 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:45:02 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D270
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3MNJJTLHt7jXwJeb-NKn0&google_cver=1

43 B
1014 B

19ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3MNJJTLHt7jXwJeb-NKn0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUyWS5DsBGa66sq0Gx1Hvj5LH58VBbPm8Wxz7BOmzAvUHNX0s8qmFWapw4UWKrG2kADyfxQdijzgorJH6sBRhGJcZ_mHXaF-wZ5XDo9Evu9njEpem0RiMYTJwtoj3A6kmY6nPfUHHvU-M38RfbvJGCbIdeiPrD4M_MZ6Mp5LQHcGOknFqg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:45:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 20 Jun 2021 03:45:02 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3MNJJTLHt7jXwJeb-NKn0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D270
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YM65vtXhR5aGs.BIuhlOcgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBZcpxkvCO_Pth-va8c236I&google_cver=1&google_hm=2

43 B
894 B

11ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBZcpxkvCO_Pth-va8c236I&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUyWS5DsBGa66sq0Gx1Hvj5LH58VBbPm8Wxz7BOmzAvUHNX0s8qmFWapw4UWKrG2kADyfxQdijzgorJH6sBRhGJcZ_mHXaF-wZ5XDo9Evu9njEpem0RiMYTJwtoj3A6kmY6nPfUHHvU-M38RfbvJGCbIdeiPrD4M_MZ6Mp5LQHcGOknFqg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:45:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 20 Jun 2021 03:45:02 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBZcpxkvCO_Pth-va8c236I&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame D270
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOVcUAlHzlhrCffqy6tuQ_c&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOVcUAlHzlhrCffqy6tuQ_c%26google_cver%3D1

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOVcUAlHzlhrCffqy6tuQ_c%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUyWS5DsBGa66sq0Gx1Hvj5LH58VBbPm8Wxz7BOmzAvUHNX0s8qmFWapw4UWKrG2kADyfxQdijzgorJH6sBRhGJcZ_mHXaF-wZ5XDo9Evu9njEpem0RiMYTJwtoj3A6kmY6nPfUHHvU-M38RfbvJGCbIdeiPrD4M_MZ6Mp5LQHcGOknFqg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:45:02 GMT
X-Proxy-Origin: 5.180.62.154; 5.180.62.154; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid: cb713ba0-e883-4745-98c5-7f4bffa86b0c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:45:02 GMT
X-Proxy-Origin: 5.180.62.154; 5.180.62.154; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid: 8549f772-ca29-40fe-822a-a58fffc439ac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOVcUAlHzlhrCffqy6tuQ_c%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D270
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2OTkxMDQ4Mjk0MTM1OTAw

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2OTkxMDQ4Mjk0MTM1OTAw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:45:02 GMT
X-Proxy-Origin: 5.180.62.154; 5.180.62.154; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.142:80
AN-X-Request-Uuid: 10996901-2ae4-478b-abdf-86bbb7368ec3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2OTkxMDQ4Mjk0MTM1OTAw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame 7DF8 22 KB
8 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-pLRS4aLPw4KZ-jJWVER1KkskLNO13yD4bskbOwNt-kLWJ_Y9KdjeS2vOS21Ns3Sh-sWkILaB2-Mg3itSQbk_lAHz9QnAkwD9lKmFxODafgICbT6dWZTOdk-sAsVFPPyx-nTyB3AQDLwQDFv8VuyVN4NMQg&cry=1&dbm_d=AKAmf-C_kel9p73lPQPgjQzg0Onigvray8etarsP2Fa2hF5OADbgPVK_C1HcIAXJlY1X23IBYkkS-000GJG-0gzieLQjwx9UP866JDNodc3W59pJb70jeqc052vJrOA1k1-oFDfsxLuRRy79SbFrbwwFZkWqv23PMnY4u1zJrfVLtIT2u0Kr8fWZfuyj3cJ_NBhaLZFF0kpMe21VpQ7U1A0mmVRY2Oq657fbwkkX6Dj0Uklrms563xkzQimAmYDlBzE21RQLmj4z5LcMXwvwnYzPU0dTKSuIeV618kv6GT3-ZeKPSSYPDBkZPPhf38JRHOKvsCeLDC7VkuLjwBK98ZW7A2sMJmznGDYBx5TiVCOl6LsjV1Sqvfuw2uTaYIuVgt0CP91R_Iutmp5CFxhzyKLvftljTi8u0cfvJiT9Qu6gPddj5dZNE1x-G4HWY2w5qVAhwIxN7S5oNoBwvC0_-cBOATh9n7xpHSmJfboSNR7qd41-O9D0e5JCphq4ehAiOCQbpeCfEZobpAmeOO_TlBtWZSLpHjuNmatBzPf1I5XIdsH9O4C-a9J6_22p7s1SVkwWkutN7VOP4O-SRbXYUiYbeH3D0ROPMlGS7Ljtb8wdtOs2JixpNPMFmoyWQYEviZqUSEY78zmEfb-_oDBRJEYQ7g4SjHE2Q0u4vjQ90HUxp-cyxG0D8viaBDnt0HeWOPV8gDbOzfRJP6liHCkAzSJPSgbVaRdAY8T8idQBaP4KGM9Qirj6y0kKvUmUSoIr_u8aGE9IG-es8EcwH-PdWnkeqs3UYRjHyx4h0djWFqdRw8eycALfMjzgw-8AnP2Lk-SHR4efp9QGTB2_y-npllP4XsQO6R8XtePRyFbxXrmrFZBA_9D66ABGVprKmi50XB6z-mzLOPpw-SHNPqVBhOHCO4tXVn0ueTg5eCwa6R6WiWhw0V-upnX9qeEfd0mpYhoPN8skI8bG3DC76OECdmE-zYkDQ5SIi-yIuMF-w2Jn0pVm2Z1pCezGXN03kYo4LQkgcXCv0wip2QJAvOjIWOs3_3s5qWGrwkDhj4hwPVIAMJFA_lE2jM_GnEIQ-T9LZM2ggzSMVgLJTYfGpa8VWypas4aKTxQvW64XQpC0HsoPOYaoJmbF1H623MM-YUt3RlcJk3n0wXwB5iQwX2RsEbA86PyQS1yRVulRkV6davGHz9Ob20sawkg25kX20UZ5bKryxGG7qC3i7t_BDBSPVUZXTgUQL94aJqEhz0tBTZfkX_N2YOnMrZq2HBvc4sIyqwwoxg2Z8LNQ8AANGWu-vGvpjRQL0gqJvojTUnMmOb66JezwfqvmlUs4W8uZ3YExwrGsaPj0Bdryy4fRuvq32i5F6b_ShyChYY9nZcWqQBOTKH_MztODh0OZGmjHmMvxWDASis6mXD3PzM6uRNN4QijxGqKDHCtXD3KFJFi6XbOH-AJ-Ajaf59KvwGjmZ0OBNz2jcXdElm3ra06rDUGYHRDkUYBqkOVk3Ip2pIVReuJbJL1hUwAKOqiPvF7BBxeFDlW6ngfxEWM5GfEasQ1Z5HkDRor_ijWsMxqzeN9TZFgHxhh5L6cZTVlzp5C5puMQ_9X3lkGN8n7XBfEtP8Rnrdwg1c0kb6J4p1G54ef7zU7eGon5G3tcpfWwwvFatdRYv2UfY2IVacW0JyYHttWKCuZa73rbwOLCL8-JgS62AKNUNWsPouolR_4t899wkO7TOqi7nwFiPWrpD_xgqVAOwn_T-vUYhwufkIFG4rmPYNONgCstV8Wehb15rbL0SX5Kh_YklZwzQWOJSHlOg5LdO_SWgYxtKSrgsmYoVGR8qpMn1qq2wgzuX0gkQ7GR5dUdwJudLWzzPM_L4f0a1rykY2RiIyUtz_HrUDa4KfeQfeFqm1d0thiEg_x2nRDGJvRzCRgq5vJIs-lFVtOqTMpcJLOZEO5QdDsSAS33sl8W_-wjOhPCorKCqapuwwKTF0YjQBL_-QbTZ-tquQ3OwyRsPF_a1mgQA44Daa4Mt51_G2hcO0XCZEvkUNyLuIC8Nc_OjS8Aaxr99oF8SmqJo6Kx0B0NtIraYTalcp6E9OLjNyDoOngoBqbsZ9LNO5AEiSXhtQYU0Q8b_xCSoVEf8eoQCtgxXL2pQ4ihENSmTlp7oWEMphA-qgAZa1MlPLPeI87XiLcTvxC0hd1fSSfCRhUbJgHDlzW9NFPpJPsIcXbf3Ed139dNVAnPL8M7FoodQ4vLITwD0BFxYpuNiVmH4nONH2GkVyLJgE6uaG4JJkVJP8tJ7YhvElujmbP-vU_sNfrjLxwsgIHaLnsThZmHK0SAXB4m5M8x0p03S9m9SBByS62CbhkyclkCw1-7nOlC9ccIEPGayhRskKB4xEYZNUHlqvVHHl55nnp3OEYaqO208ROXueAxDtMtjCvHButz3PtCS9OHk_Kxs-BeDThNHsmX3MOwSRCRFFPM1xzW4ub-ALmxe_aW1N3RYn4rq6TzlIDQZprz01WMX9ZskRn_ZYFPAutC8ba5rWQr3uuybJRulf3JnMAOCNa9R3Gv5WkELejf3QzZ3ZzqXKLzSEwPm_c1e73eweU0FzOs2LrGZ_pvahc2wkWC_Ga-xqq0CkYtEHwiDjJgYP93unJENhG1Sih3Ay0etxmUgA_w-gdYhu0q6rR3xHzAQQ_b3o7HWhnySfvNTgJffE4oKfoMzY1jEs7dWTsNfMnHX1FthC1Zwwq9wxxfAWFS3Y85nlSjt3DiHK0ziEKLZtwAQ2KyJGMSN-pqyM6TKzfg4YrHXmhAWQv3rbijTJ-SF-AncmwK1_uzDd0hSwYjbLNPX1bKxVTXd1ULv8zdFLDH_YUnYiDL7H-vhHOFbS9Zf_DMp1rC6jG3OomoDP3_qXceD69IYEWRG_Do6f17RDDA2OKLIx_2HHorCatwi3tjFUu0QSQSiazUdCMdNurTHztv84Tah4zQjbgKstPjLSFHtM5aeUUjNga33KuRJrU7T7FfbgCmlEQYYlWmKHMDyQ1gVZm9iOLnTyBE2Gx1godb_pt1liaz6dZ9lSoaLN0uxVdjs5BOxR2yKlYBL3qur1bLjfW4&cid=CAASFeRof0_3jDj8fe-bHU4rSEQ5LxHrxA&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 15675381762197352129
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:34:13 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7DF8 41 KB
15 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:57:31 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 304E 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 18 Jun 2021 11:17:20 GMT
expires: Sat, 18 Jun 2022 11:17:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 145662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK npoee1nv94vs Show response
hal9000.redintelligence.net/zone/ Frame 7DF8 11 KB
4 KB 37ms
13ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEsBNvbnOYJmuMvbM7_UPvNix0Au1zfmDV8zeuavlDPAuEAEg9JeCNWCVgoCAsAfIAQmpAuIHYv5257M-qAMBqgTbAU_QPgN_JRZ5AmNn8JHZRSBxifIJZJQdKZK6J_bgndB49Fa8tFVnaQRukVmrA1H01hlGPtoOx_aqdj4WzKGdGdwDjDGHlRyBent7-GpJohLgJobI1JrXhz3_OCSx0-KESQvJ3zpWPGoXoYsfztq8O1iFwR8EsVfN1WnP7abJ8G76DfG4cEiYQs25WysB9JYmd1XHdKThefa1uS_sblrvJlUxmk4AA1-IkhiQwi1jBE3nZy_iURHUHqqQPh51P3o9Q-xhdfL9g3IFXvvbHk-h9bcfXv9Q7UiuFQUT1cAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRof0_3jDj8fe-bHU4rSEQ5LxHrxA%26sig%3DAOD64_1u5MmFcHjwZ1b47VIgd1JZYtheJA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-AX6ZmABtVcLjNflDnbnGDl6ODPq1KIzg9k3eQapeX6dMCdPN_ULMGirrgaIpz0zUWC6lAa5HoUHN7vuUewRSw_dwe2XNgSkW7iMPTWrWVZPS_zCHGDgzUEh02-EpXCvHd2hon4I5ehKeDYSk-uC3pUMGoxsg%26cry%3D1%26dbm_d%3DAKAmf-C8Sq_BMbkOWgj3n88gz3wHsz63-h0lY4vxYoc7dyKdswZXuito3h_ePVF0ZG6dZc1qTEpMj4m90fBdEZ5eG81J0MDrApIN41ngos6PQnfssjk2ZZJGGz0TcHlXTmsM62pBP0XULCxa_coppVG0V-IkiUlqyMh6vPGxB2CTtZfg2t9b11EBroTrfpZDoLkBGb-RUAaio6c71PFhYylGG5TUKnNSul6ky8zbK7yz4B1vk8BJjEoXVwI2NCtMMdkXka6cqSqXaezRNIlHd1RA98P7HLpmNANEcW42LeiFUTRawpe4rfMfk8UMprFjqr3bye4yDL4pWWjNDu3fKe-h10mrwolxPYLi3qJfBoB8zmO9N1LMqc4GCvPUOiQK4GN6NURLyHdizPBAxKysLZSQgkf2T9eJxC-LhO6qSrj_vW_nMwG11j0a1zK1lb-zf5xina7EEuFAomz_RLStEKOQtwZMnVV_ig%26adurl%3D
Requested by: Host: 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
URL: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3c0863f34d261e2474de3cbc0d3b09f83fc2a76a7873fc218059397981f68209

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:45:02 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3906
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame CF2E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 20 Jun 2021 02:55:39 GMT
expires: Mon, 20 Jun 2022 02:55:39 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A02 783 B
530 B 25ms
23ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ec49f950f73857645ac52f39d50f35119d97fe614d39182b54bd097f07c045a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HkBravT1qnuDdXUktEXnrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

expires: Sun, 20 Jun 2021 03:45:02 GMT
date: Sun, 20 Jun 2021 03:45:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-HkBravT1qnuDdXUktEXnrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 304E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:39 GMT

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame CF2E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:39 GMT

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame 7DF8
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=9cd0b84f12&subid=&uid=f1bbb2b8959271cc&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=9cd0b84f12&subid=&uid=f1bbb2b8959271cc&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

99ms
78ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=9cd0b84f12&subid=&uid=f1bbb2b8959271cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEsBNvbnOYJmuMvbM7_UPvNix0Au1zfmDV8zeuavlDPAuEAEg9JeCNWCVgoCAsAfIAQmpAuIHYv5257M-qAMBqgTbAU_QPgN_JRZ5AmNn8JHZRSBxifIJZJQdKZK6J_bgndB49Fa8tFVnaQRukVmrA1H01hlGPtoOx_aqdj4WzKGdGdwDjDGHlRyBent7-GpJohLgJobI1JrXhz3_OCSx0-KESQvJ3zpWPGoXoYsfztq8O1iFwR8EsVfN1WnP7abJ8G76DfG4cEiYQs25WysB9JYmd1XHdKThefa1uS_sblrvJlUxmk4AA1-IkhiQwi1jBE3nZy_iURHUHqqQPh51P3o9Q-xhdfL9g3IFXvvbHk-h9bcfXv9Q7UiuFQUT1cAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRof0_3jDj8fe-bHU4rSEQ5LxHrxA%26sig%3DAOD64_1u5MmFcHjwZ1b47VIgd1JZYtheJA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-AX6ZmABtVcLjNflDnbnGDl6ODPq1KIzg9k3eQapeX6dMCdPN_ULMGirrgaIpz0zUWC6lAa5HoUHN7vuUewRSw_dwe2XNgSkW7iMPTWrWVZPS_zCHGDgzUEh02-EpXCvHd2hon4I5ehKeDYSk-uC3pUMGoxsg%26cry%3D1%26dbm_d%3DAKAmf-C8Sq_BMbkOWgj3n88gz3wHsz63-h0lY4vxYoc7dyKdswZXuito3h_ePVF0ZG6dZc1qTEpMj4m90fBdEZ5eG81J0MDrApIN41ngos6PQnfssjk2ZZJGGz0TcHlXTmsM62pBP0XULCxa_coppVG0V-IkiUlqyMh6vPGxB2CTtZfg2t9b11EBroTrfpZDoLkBGb-RUAaio6c71PFhYylGG5TUKnNSul6ky8zbK7yz4B1vk8BJjEoXVwI2NCtMMdkXka6cqSqXaezRNIlHd1RA98P7HLpmNANEcW42LeiFUTRawpe4rfMfk8UMprFjqr3bye4yDL4pWWjNDu3fKe-h10mrwolxPYLi3qJfBoB8zmO9N1LMqc4GCvPUOiQK4GN6NURLyHdizPBAxKysLZSQgkf2T9eJxC-LhO6qSrj_vW_nMwG11j0a1zK1lb-zf5xina7EEuFAomz_RLStEKOQtwZMnVV_ig%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=7574860821046&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
URL: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 59bd5f98c5dfe96b7ad8fdef0a529efadd9aa9571de05d6781bc2ee0da305f23

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:45:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 76138000010686200710616011631021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 894
Expires: Sun, 20 Jun 2021 04:45:02 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:45:02 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=9cd0b84f12&subid=&uid=f1bbb2b8959271cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEsBNvbnOYJmuMvbM7_UPvNix0Au1zfmDV8zeuavlDPAuEAEg9JeCNWCVgoCAsAfIAQmpAuIHYv5257M-qAMBqgTbAU_QPgN_JRZ5AmNn8JHZRSBxifIJZJQdKZK6J_bgndB49Fa8tFVnaQRukVmrA1H01hlGPtoOx_aqdj4WzKGdGdwDjDGHlRyBent7-GpJohLgJobI1JrXhz3_OCSx0-KESQvJ3zpWPGoXoYsfztq8O1iFwR8EsVfN1WnP7abJ8G76DfG4cEiYQs25WysB9JYmd1XHdKThefa1uS_sblrvJlUxmk4AA1-IkhiQwi1jBE3nZy_iURHUHqqQPh51P3o9Q-xhdfL9g3IFXvvbHk-h9bcfXv9Q7UiuFQUT1cAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRof0_3jDj8fe-bHU4rSEQ5LxHrxA%26sig%3DAOD64_1u5MmFcHjwZ1b47VIgd1JZYtheJA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-AX6ZmABtVcLjNflDnbnGDl6ODPq1KIzg9k3eQapeX6dMCdPN_ULMGirrgaIpz0zUWC6lAa5HoUHN7vuUewRSw_dwe2XNgSkW7iMPTWrWVZPS_zCHGDgzUEh02-EpXCvHd2hon4I5ehKeDYSk-uC3pUMGoxsg%26cry%3D1%26dbm_d%3DAKAmf-C8Sq_BMbkOWgj3n88gz3wHsz63-h0lY4vxYoc7dyKdswZXuito3h_ePVF0ZG6dZc1qTEpMj4m90fBdEZ5eG81J0MDrApIN41ngos6PQnfssjk2ZZJGGz0TcHlXTmsM62pBP0XULCxa_coppVG0V-IkiUlqyMh6vPGxB2CTtZfg2t9b11EBroTrfpZDoLkBGb-RUAaio6c71PFhYylGG5TUKnNSul6ky8zbK7yz4B1vk8BJjEoXVwI2NCtMMdkXka6cqSqXaezRNIlHd1RA98P7HLpmNANEcW42LeiFUTRawpe4rfMfk8UMprFjqr3bye4yDL4pWWjNDu3fKe-h10mrwolxPYLi3qJfBoB8zmO9N1LMqc4GCvPUOiQK4GN6NURLyHdizPBAxKysLZSQgkf2T9eJxC-LhO6qSrj_vW_nMwG11j0a1zK1lb-zf5xina7EEuFAomz_RLStEKOQtwZMnVV_ig%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=7574860821046&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 20 Jun 2021 04:45:02 +0200

GET
H3-29

200

activityi;dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656 Show response
5994599.fls.doubleclick.net/ Frame 9F53
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656?

391 B
344 B

34ms
20ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656?

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

63e4eef3faee17511209e577a77e285d5c59e8fc2c26804bb31ab23ac116f789

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlOjZpQ6qT1hv4yDYEUfWpy2Hdi4qXa8nuLfXhG8u3MM5RdmleMG_qqjWQb-Jc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Jun 2021 03:45:02 GMT
expires: Sun, 20 Jun 2021 03:45:02 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 20 Jun 2021 03:45:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame 471D 4 KB
2 KB 34ms
12ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=76138000010686200710616011631021&a=9a920ba2
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=9cd0b84f12&subid=&uid=f1bbb2b8959271cc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEsBNvbnOYJmuMvbM7_UPvNix0Au1zfmDV8zeuavlDPAuEAEg9JeCNWCVgoCAsAfIAQmpAuIHYv5257M-qAMBqgTbAU_QPgN_JRZ5AmNn8JHZRSBxifIJZJQdKZK6J_bgndB49Fa8tFVnaQRukVmrA1H01hlGPtoOx_aqdj4WzKGdGdwDjDGHlRyBent7-GpJohLgJobI1JrXhz3_OCSx0-KESQvJ3zpWPGoXoYsfztq8O1iFwR8EsVfN1WnP7abJ8G76DfG4cEiYQs25WysB9JYmd1XHdKThefa1uS_sblrvJlUxmk4AA1-IkhiQwi1jBE3nZy_iURHUHqqQPh51P3o9Q-xhdfL9g3IFXvvbHk-h9bcfXv9Q7UiuFQUT1cAEqp38vs8B4AQDkAYBoAZNgAfr5-heqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRof0_3jDj8fe-bHU4rSEQ5LxHrxA%26sig%3DAOD64_1u5MmFcHjwZ1b47VIgd1JZYtheJA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-AX6ZmABtVcLjNflDnbnGDl6ODPq1KIzg9k3eQapeX6dMCdPN_ULMGirrgaIpz0zUWC6lAa5HoUHN7vuUewRSw_dwe2XNgSkW7iMPTWrWVZPS_zCHGDgzUEh02-EpXCvHd2hon4I5ehKeDYSk-uC3pUMGoxsg%26cry%3D1%26dbm_d%3DAKAmf-C8Sq_BMbkOWgj3n88gz3wHsz63-h0lY4vxYoc7dyKdswZXuito3h_ePVF0ZG6dZc1qTEpMj4m90fBdEZ5eG81J0MDrApIN41ngos6PQnfssjk2ZZJGGz0TcHlXTmsM62pBP0XULCxa_coppVG0V-IkiUlqyMh6vPGxB2CTtZfg2t9b11EBroTrfpZDoLkBGb-RUAaio6c71PFhYylGG5TUKnNSul6ky8zbK7yz4B1vk8BJjEoXVwI2NCtMMdkXka6cqSqXaezRNIlHd1RA98P7HLpmNANEcW42LeiFUTRawpe4rfMfk8UMprFjqr3bye4yDL4pWWjNDu3fKe-h10mrwolxPYLi3qJfBoB8zmO9N1LMqc4GCvPUOiQK4GN6NURLyHdizPBAxKysLZSQgkf2T9eJxC-LhO6qSrj_vW_nMwG11j0a1zK1lb-zf5xina7EEuFAomz_RLStEKOQtwZMnVV_ig%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=7574860821046&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: db9e3f8efc78f64f2d7834491ee1b0ac3fd404074a7a070a282ee7b593592396

Request headers

Host: hal900021.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=eebc6e8eef118c4f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/

Response headers

Date: Sun, 20 Jun 2021 03:45:02 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 20 Jun 2021 04:45:02 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1511
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7DF8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a021d10b2574932f955cc9786c7d133b50750db0cc5d7713bb15e72105caaa70

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 471D 52 KB
52 KB 53ms
16ms Image
image/jpeg 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=76138000010686200710616011631021&a=9a920ba2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:45:02 GMT
Last-Modified: Mon, 20 Jun 2016 09:16:21 GMT
Server: nginx
ETag: "5767b465-ce63"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 52835

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 471D 0
150 B 35ms
13ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=76138000010686200710616011631021&a=5d175e04&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=76138000010686200710616011631021&a=9a920ba2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900021.redintelligence.net/request_content.php?s=76138000010686200710616011631021&a=9a920ba2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:45:02 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 471D 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061705&jk=1021501311867660&bg=!jY6ljsrNAAZktE7iZLQ7ACkAdvg8Wm4miIMrghECGXu3cgP564xUA6rAdnil1zpppbstE6fIAZzc7wIAAACAUgAAAD1oAQeZAmWYZp2JE_vfGtG3hrHCOYDPWhg8mCfy9Kftt91HUBqO8RzVmNDrRjJgLHKCh7OH6pK3H48mj9RBJAmbzd1aa9yfp5xWUV8zsbZWdhDzvdUrrHoey7qHvdfvMUjlbEgS4dLtZBWJqWlFo9rF53gtTgFvPLj5Os33MKH-gxOzkywwxI1cdjmBFmA1bSSv3Wb11V7Ly2adcWBOGKmr9fW5T8HoFlvirk6GbJEq1cWTi4qil7aw9p8eYSJBtEY0UFzqTkGGKLLOpu2eqmcWl8Jlpu31COQ5NQydz6uS3NI6YZnpwDdNlKCq4g6QBL6BZNHzr0o3tlK0bXyE7L2fVldDnA3ozFdX1ArVG161F3O3QvfQVebaSGhiN0-rOxQxbCwCtvhOf-mL_hzJyrQpaIgP-wYG0p1b_zMDBDPnKyguJbmpkV4VP5Z8BoYSyVWSSm6filDqu_epG3LEmQ2NLyRI-MfMYnUzQomSLYiqdJQVp0_BMft7qlU1nNm67hVcWaCOorrXvCRKPeOkEy5NKg_EhSOTDFlGzPhgddDu69M-4cxbJwhVoVtDzpKShWhgGfW_V8ny4hAa_uZh34QLQLE7V74SagFjIFwNgI-qVDldsKbhrNbAW53Ob33HJ_e0-Ki5Lv3S5Meye_InqsHU0B4UYlJSwECplb-Pb98nqAwFWFCj0pN3K9zSrSk3bu5Turhh5ZSYoQZ7C0T_Kj0ctyqkY8Q5SVO4WUlaw3IiRq1EtE13dKSli6gOaT_hj8N6CoTMy6NIwKb07tWbftnWHN-bzBZd4CsHVp5t9VKq1v2nMmS2A3_3W_nd

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 304E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVPc4vrnOYLm_DaKm3gOfioaACwAAAAA4AeAEAg&bg=!SEulSw_NAAZktE7iZLQ7ACkAdvg8WkGVyppCPETleJB49bF6XbWxjROpuMLcCQW6qzUvBX8A9to_QQIAAACtUgAAAEJoAQeZAruWNjJ7VUmX4SI76MX4EnXRwhhc2iM_b8-1fPaPOt0PsN3v_O-soLeevQNYjacUCkvhpFErjLgQ2f24jNCC1RfGKtCH1zav9gpPeTdiyV3g_cC1BSIJ85w1VmPjwq866-FpIYGvn9uB98l76kDE02NKuOikV0Ip_w6sJnLHv2xEZ8h7yTGyDeHuyZLsB0mnX0S4AzXnzt47Q1EwlXH51TT6HxElfGOvyvx0-5NRoEGt4G2ttf_Xs9BAwu9kMMagzSYzDjdJaTtFMDkn2rnSL1WmYKqHUTnZEtSPr1b9K_Qu8RyaGVLqNduidRGFk2B4dF3Ljp68HC13IOMaOLS3fgpTSZyetdRZGAFntCoKaIygmePcHYWjaLRXU0q3YNASMemBxgfiuSKzP7vw__J4oVe43fRgD9paBQr5yX-s3Qwj3uSFnOZsQlvRm5HttOJCCFkaQzJbujeZ7n2Kgs6M1-v6PBUzOQJ5cNB0mAWDJHgJqSs3mBpZ9nKJx7w3VR0PDAP6XA7-UMc7y499P-rB-EC8W4VBM8fIc62z2dt-IhAPzAKtyt5iyjXGH4q8frcnfttQKvi4Ab8h0SEYyNxpYHnjOu17wzIPetZexx4axvzHQVQhhdV_FzI4qM2OiKIUKY1NL4cRJJtr0i_O2o9oPr1P1qYGOsJbT0AsGX_0fhLxvw0n3bLlk_Z_J6bUM_F-N63AHFTKMMcWPYKzoexmiFqupazqenYRiUEflQQ0V-efxnUjNLz9QMkBTSfB46TjHhiZm2H6qB1yhlCI3ylr6ZVRIt3EwVCmzdFVwc5Y8JWS7jbERHYGv20o-uYSN8eMgEdz-Ae0te02BpzGp8TQNyB3tKu_I_8AdMSROOhbyKH4bmpI58Wcu4d9S_G-ZajMfw9lpOxEapFp6YzqaXW30z2h7d2VdBxt4cnTT8o

Requested by

Host: 6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
URL: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656
adservice.google.com/ddm/fls/z/ Frame 9F53 42 B
63 B 30ms
16ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPaT7Y2mpfECFaSK_QcdpjcLUA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7700490991509.656?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13567.json Show response
img.scupio.com/js/config/ 374 B
763 B 14ms
13ms XHR
application/json 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/13567.json?v=1.0.3813
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 01db7866b8ed97fd6bb8bb535f5785b404153cc7a7d6ce37d586da98d3593ce4

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 03:42:04 GMT
via: 1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 02:16:47 GMT
server: nginx/1.12.1
age: 179
etag: "60a4750f-176"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 374
x-amz-cf-id: KSoGMNsw9RZ0YfLdrRoK12-kNs5Cq0Q0W9yokgPGp_lfZftaU_uFgA==
expires: Sun, 20 Jun 2021 06:42:04 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame ECCA 35 KB
14 KB 13ms
13ms Document
text/html 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.56
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.56
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CNA20210620114502846269
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:16:34 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Jun 2021 03:17:29 GMT
expires: Sun, 20 Jun 2021 09:17:29 GMT
cache-control: max-age=21600
etag: W/"608f9542-8d2b"
x-cache: Hit from cloudfront
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: miv5QEYkmHtYGIruShP8RtfaEbhPjR6ab6NxCa_tvULPGh4yOLvRVA==
age: 1654

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame ECCA 95 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 01:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Jun 2022 01:08:46 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame ECCA 235 KB
85 KB 13ms
13ms Script
application/javascript 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:40:08 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
age: 472
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: H1Otszjx7fXVF59Gj7wETOqHQV7GyCQRc4xA7Jxnq3oo4yUnZDptAw==
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
expires: Sun, 20 Jun 2021 09:37:11 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 13ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1378
date: Sun, 20 Jun 2021 03:45:02 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame ECCA 108 B
490 B 13ms
13ms XHR
application/json 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Jun 2021 03:40:34 GMT
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
last-modified: Sat, 19 Jun 2021 19:15:54 GMT
server: nginx/1.12.1
age: 314
etag: "60ce426a-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: 0y6PcgFKy3Zvp6CYBDF5qPLVM8Io8EYQYkODXNQE4FNKHWr_DPWv5Q==
expires: Sun, 20 Jun 2021 06:39:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame ECCA
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=bZiyy3xwa3ZCRWJTZ21PZDRTcE8wZ3VSdnMzMm1OV1ZCTFhzQWdWWGRSS1BQQk1KdnRrOVdGR3dZZFVxMm4wZUF3OHA0aVBjUWxVUUUyaEtIY1Zrd3Jqc0krOFZzbGZvN1A3cVNqS0FPVjlhQmc2dUtrQktNd2Z5ZXJJbD...

334 B
615 B

16ms
16ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bZiyy3xwa3ZCRWJTZ21PZDRTcE8wZ3VSdnMzMm1OV1ZCTFhzQWdWWGRSS1BQQk1KdnRrOVdGR3dZZFVxMm4wZUF3OHA0aVBjUWxVUUUyaEtIY1Zrd3Jqc0krOFZzbGZvN1A3cVNqS0FPVjlhQmc2dUtrQktNd2Z5ZXJJbDFqQmNkbWJVQkRxcm02M3RSaEtOb2VQazlGTDVqcUM5TlRJVlZqNExtTlZDL2F3ZzVsVHF4QnBTK2hJazZQUHVrVFVFZkppd3lHWEZBcWpZNGQvS0RGUE5PNFNSaGlCNW0vNTFodGFWU3daZXE5Y0tibmlvPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6d2192f0d1d00e5ce2faca67913a0ab19625b90e4292e615da81a5e124abafa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 20 Jun 2021 03:45:03 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2282
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 20 Jun 2021 03:45:02 GMT
location: https://mug.criteo.com/sid?cpp=bZiyy3xwa3ZCRWJTZ21PZDRTcE8wZ3VSdnMzMm1OV1ZCTFhzQWdWWGRSS1BQQk1KdnRrOVdGR3dZZFVxMm4wZUF3OHA0aVBjUWxVUUUyaEtIY1Zrd3Jqc0krOFZzbGZvN1A3cVNqS0FPVjlhQmc2dUtrQktNd2Z5ZXJJbDFqQmNkbWJVQkRxcm02M3RSaEtOb2VQazlGTDVqcUM5TlRJVlZqNExtTlZDL2F3ZzVsVHF4QnBTK2hJazZQUHVrVFVFZkppd3lHWEZBcWpZNGQvS0RGUE5PNFNSaGlCNW0vNTFodGFWU3daZXE5Y0tibmlvPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3100
content-length: 482
expires: 0

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame ECCA 0
285 B 281ms
281ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8165130840547656
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Jun 2021 03:45:03 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame ECCA 0
176 B 152ms
152ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:45:03 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame ECCA 0
323 B 327ms
140ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7BE8827732D680EA64BB3A493A78B&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=7e45f43a-50c5-48a7-af75-7cd95c1e33b7&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:45:03 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame ECCA 0
187 B 15ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=93553120444
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:45:02 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 16ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1751
date: Sun, 20 Jun 2021 03:45:02 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DF8 42 B
64 B 29ms
16ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXVd5M9-rTG6SMhQTufx6NucDo6HrQNVyb8jBsv4pUzbGHki90GXQiKFWDagmtVWr8j0AbSgKO9Mf-lg7aHvdPXPWuJ2wsWlMsBEkvrv0kHN1c&sai=AMfl-YS9z81du2W6c-Zw9uBh8R6LJMJOo_YL6CE08bzWDBFlhZ8Qz_amREHANC_OVk5X8YMcX5sst4PhyVtbSLxcKnCr1keeJKXwF278h-FWeL8clfXCGsvjgKJ5d9lP3g8&sig=Cg0ArKJSzO22FdJ-Y4HiEAE&cid=CAASFeRof0_3jDj8fe-bHU4rSEQ5LxHrxA&id=lidar2&mcvt=1000&p=102,1005,356,1305&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2862190043&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624160702179&dlt=20&rpt=353&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame ECCA 2 KB
2 KB 250ms
250ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.10363750147775042
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9006b26ff76ff43b84d6a866022dd5e40535b13db0109f1427d44b5e3bc6134b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 20 Jun 2021 03:45:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1468

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 471D 0
150 B 33ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=76138000010686200710616011631021&a=5d175e04&vb=v
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=76138000010686200710616011631021&a=9a920ba2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900021.redintelligence.net/request_content.php?s=76138000010686200710616011631021&a=9a920ba2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:45:03 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame D3B9 1 KB
1 KB 13ms
13ms Document
text/html 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.56
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CNA20210620114502846269; gx=H4sIAD8qz2AA%2fxNmYGDg4ub4dvD9%2fF8vb1oKsAqxcNgLMAEA7fJJ7BcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.56

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Jun 2021 03:36:37 GMT
expires: Sun, 27 Jun 2021 03:26:37 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: NC-FL3nEQwH9Lj-RKLfLwagNDPbJvAVQRYRk7f8yBP3KtoGGpI95Mg==
age: 1106

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 08E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMTA2MjAxMTQ1MDI4NDYyNjk%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHln7I8PakmEpfCaAs4-DMs&google_cver=1&google_ula=3918219,0

0
551 B

957ms
239ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHln7I8PakmEpfCaAs4-DMs&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:45:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEHln7I8PakmEpfCaAs4-DMs&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3266
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

21ms
6ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v6o
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Jun 2021 03:45:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Sun, 20 Jun 2021 03:45:03 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame 08E0 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.56&rl=&if=true&ts=1624160703844&cd[SBST]=25&cd[PuID]=plurk

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 20 Jun 2021 03:45:03 GMT

GET

generic
match.adsrvr.org/track/cmf/ Frame 08E0
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CNA20210620114502846269
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/048ec115-40fd-4d55-af25-e09a83965930?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=0d8b1095-b153-4231-b5e5-697854a11451
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/7c15eed3-bd32-33a5-aeff-86a52f3a1b90?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=0d8b1095-b153-4231-b5e5-697854a11451
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/7c15eed3-bd32-33a5-aeff-86a52f3a1b90?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=0d8b1095-b153-4231-b5e5-697854a11451
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=7c15eed3-bd32-33a5-aeff-86a52f3a1b90&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=7c15eed3-bd32-33a5-aeff-86a52f3a1b90&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=dc4f303e-f949-46a3-9808-28d7793883b7&google_hm=ZGM0ZjMwM2UtZjk0OS00NmEzLTk4MDgtMjhkNzc5Mzg4M2I3
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=ucfunnel&bsw_param=dc4f303e-f949-46a3-9808-28d7793883b7&google_hm=ZGM0ZjMwM2UtZjk0OS00NmEzLTk4MDgtMjhkNzc5Mzg4M...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFY-P2N9D4dfggze8CY9qxE&google_cver=1&ssp=ucfunnel&bsw_param=dc4f303e-f949-46a3-9808-28d7793883b7
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=dc4f303e-f949-46a3-9808-28d7793883b7
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3266 31 KB
9 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 66ee8e6733643be8fafde425e589adc6e00a0bbca3fe20bc3529c2e6e504fffd

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:45:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20897
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9272
Expires: Sun, 20 Jun 2021 09:33:20 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3266 284 B
536 B 30ms
9ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1B46 83 KB
27 KB 40ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:03 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:45:03 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 62B0 2 KB
2 KB 14ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1573
set-cookie: uid=64ca1172-d7f6-44c4-8d3d-fbdbd7bd7204; expires=Mon, 20 Jun 2022 03:45:03 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 20 Jun 2021 03:45:03 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1B46 83 KB
27 KB 43ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:04 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:45:04 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame ECCA 83 KB
27 KB 16ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:04 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:45:04 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 188F 2 KB
2 KB 16ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=64ca1172-d7f6-44c4-8d3d-fbdbd7bd7204
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4631
set-cookie: uid=64ca1172-d7f6-44c4-8d3d-fbdbd7bd7204; expires=Mon, 20 Jun 2022 03:45:03 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 20 Jun 2021 03:45:03 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame ECCA 83 KB
27 KB 18ms
18ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:04 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:45:04 GMT

GET
H2

200

1x1.png
cdn.aralego.net/img/ Frame 1B46
Redirect Chain

https://sync.aralego.com/idSync
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/7c15eed3-bd32-33a5-aeff-86a52f3a1b90?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=0d8b1095-b153-4231-b5e5-697854a11451
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=7c15eed3-bd32-33a5-aeff-86a52f3a1b90&gdpr=0&gdpr_consent=
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=dc4f303e-f949-46a3-9808-28d7793883b7
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=N2MxNWVlZDMtYmQzMi0zM2E1LWFlZmYtODZhNTJmM2ExYjkw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
657 B

42ms
18ms

Image
image/png

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5108
content-length: 68
cf-request-id: 0ac91eba9b00002bdd143ed000000001
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vFTEIi6e44p4SpT2EixHMrUXWSlxeWHZ%2BC8rVIqYlqHpG9ExfIgNqOXQE1VIvmoJ7dGoipHSZZIme6eVNp98ulVqYRTezQrplj3IU5V19Kv7aruN435gzsMR24Sb4OLglo%2FjuGawnUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 662200a42acf2bdd-FRA

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.aralego.net/img/1x1.png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 1B46
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
506 B

113ms
113ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:45:06 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sun, 20 Jun 2021 03:45:06 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame ECCA
Redirect Chain

https://sync.aralego.com/idSync
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/7c15eed3-bd32-33a5-aeff-86a52f3a1b90?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-xgmkY8NE2oXQpGnP2cpmd6WYJL_WNXMOfIT6VA0-~A&redirect=
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=7c15eed3-bd32-33a5-aeff-86a52f3a1b90&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dc4f303e-f949-46a3-9808-28d7793883b7&ssp=ucfunnel&gdpr=0&gdpr_consent=

43 B
324 B

30ms
15ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dc4f303e-f949-46a3-9808-28d7793883b7&ssp=ucfunnel&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:45:07 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dc4f303e-f949-46a3-9808-28d7793883b7&ssp=ucfunnel&gdpr=0&gdpr_consent=
date: Sun, 20 Jun 2021 03:45:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 471D 0
150 B 34ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=76138000010686200710616011631021&a=5d175e04&vb=v20
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=76138000010686200710616011631021&a=9a920ba2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900021.redintelligence.net/request_content.php?s=76138000010686200710616011631021&a=9a920ba2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:45:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plurk.com/	1970-01-19 19:09:20	Name: _gat Value: 1
.plurk.com/	1970-01-19 19:10:47	Name: _gid Value: GA1.2.391677073.1624160702
.plurk.com/	1970-01-20 12:40:32	Name: _ga Value: GA1.2.1489593506.1624160702
.plurk.com/	1970-01-19 19:30:56	Name: plurkcookiea Value: "uuWi4REXbIoARxnAMmRPFxqbZV+ngPDgSHiAsn56d2I=?from_url=Ii9wL29mOXY2byI=&invitation_from_uid=MTQ4MDc2MzQ="

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061705.js?31061514(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
6016ce2a8513afe6f56efa4a186fd267.safeframe.googlesyndication.com
ad.holmesmind.com
ad2.apx.appier.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.plurk.com
avatars.plurk.com
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdn.aralego.net
cdn.contentspread.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900021.redintelligence.net
hb.aralego.com
ib.adnxs.com
img.scupio.com
imgs.plurk.com
match.adsrvr.org
mug.criteo.com
odr.mookie1.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
s.plurk.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.plurk.com
x.bidswitch.net
ad2.apx.appier.net
match.adsrvr.org
103.132.192.30
104.109.78.125
13.248.242.197
138.201.84.244
142.250.185.226
142.250.185.230
142.250.186.162
144.76.238.55
162.210.196.208
178.250.0.157
178.250.0.165
18.184.169.195
185.33.220.241
192.96.200.41
2.18.234.21
2.19.35.65
210.59.219.175
210.59.219.180
210.59.219.181
2606:4700:20::ac43:47fe
2606:4700::6810:125e
2606:4700::6810:5f41
2606:4700::6811:4503
2606:4700::6811:4603
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c04::9a
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f11c:8183:face:b00c:0:25de
34.98.67.61
35.201.76.93
54.178.71.123
65.9.77.82
69.173.144.139
88.99.70.21
01db7866b8ed97fd6bb8bb535f5785b404153cc7a7d6ce37d586da98d3593ce4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
3c0863f34d261e2474de3cbc0d3b09f83fc2a76a7873fc218059397981f68209
3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49832bd9d6e23a7771e130b7a8c75e669a56e10f6ec88afd6872b9e27218f231
49a5cb413f7382c31fe325aabb3f6817e83bc88a9ee9fa2ee87c9b54d34fcffa
49d706fc3e4dbf7484d9143806e2fe9bde08e4089b678a919019771e7a5c2f4f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e17a8b1a3f28afdc3e192a553e862b827e8c23688433711fd60ccea0539fd56
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0
59bd5f98c5dfe96b7ad8fdef0a529efadd9aa9571de05d6781bc2ee0da305f23
63e4eef3faee17511209e577a77e285d5c59e8fc2c26804bb31ab23ac116f789
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66ee8e6733643be8fafde425e589adc6e00a0bbca3fe20bc3529c2e6e504fffd
673cb57b8bcbb6394a6b47f190d86077949725e7c9e4445d2366cbd43b242224
67a06e09f719fde5bf65b689bcbb8284296bd18227b94e8f525a17b334c8c09a
6d2192f0d1d00e5ce2faca67913a0ab19625b90e4292e615da81a5e124abafa1
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa
7644af38eab82d36c7e546d9bdac3b27fb22641927eb9368bc5c33c777c6d676
7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e
7ec49f950f73857645ac52f39d50f35119d97fe614d39182b54bd097f07c045a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b52207f42e563d3a8bb56e7203515812c47ba7d8f31573300f06d323ad540f6
9006b26ff76ff43b84d6a866022dd5e40535b13db0109f1427d44b5e3bc6134b
908f720bdb60273e3783b2f9fac9087858eac0b47043e90d7259faace23b9462
938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d
9810f6dc4a15c8dca9fe20441d8b3b2e18e77b45f0718bffcc27c09bbe380434
9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a021d10b2574932f955cc9786c7d133b50750db0cc5d7713bb15e72105caaa70
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05193e3a707a5d2451e50561c90f9ba0a907a16d635e057aafe10da9fcd1d54
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b90a40bb183f1f7036a6aad2fe03e57e5cf350a6c76779915cca7c1e37e1427f
ba8d1829492eca60f8cb152ec66a56c67a4ab2e1d334c08d881ca48174a3dc9b
baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1
bc7a9223874861c2b9fa970476f94a0013644fcc8c8b26a428549a2f2d050840
cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d3aafdab5c7897d38df78f1023597b85e3a2829bdb55fa87e219b5a51ebe70bc
d6645e2c0a595a3c171a6a0eb57bbdf2abab1e9f813676ac75b2916de4778c45
db9e3f8efc78f64f2d7834491ee1b0ac3fd404074a7a070a282ee7b593592396
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e1ba74945c36d1928d02079f476ac27d123ffa19c6fccfb2a3d14b35614b9218
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e652bca51f3d99e146d9b1d9b59b275412dc949d345c0a4566dbfb881f46a40b
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949
f646e93fa8d45e13ffb68a5fb2ac3db2239f2b59662e56612eaa86f88ab9dee4
fb18058302f67c3f2c45a9b273a9536bcd4e3589c07d041d68d999740f778790

www.plurk.com Open in urlscan Pro 2606:4700::6811:4603 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

112 Requests

98 %HTTPS

48 %IPv6

28 Domains

50 Subdomains

44 IPs

9 Countries

1095 kBTransfer

2983 kBSize

4 Cookies

1 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.plurk.com Open in urlscan Pro
2606:4700::6811:4603 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

98 %
HTTPS

48 %
IPv6

28
Domains

50
Subdomains

44
IPs

9
Countries

1095 kB
Transfer

2983 kB
Size

4
Cookies

112 HTTP transactions
2 data transactions