www.plurk.com Open in urlscan Pro
2606:4700::6811:4503  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
• https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
• https://ad2.apx.appier.net/v1/prebid/bid?acid=DkTjYdkiBAumXiAZ4gIKYg

Request Chain 65

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1&C=1

Request Chain 66

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgoC4TaNtzzy1ZmG7zBEWAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1

Request Chain 67

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEKnmnhlrdyJ_51ce-IlLBI0&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKnmnhlrdyJ_51ce-IlLBI0%26google_cver%3D1

Request Chain 68

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0MTU0NzE1NTY0ODY4NzI2OQ%3D%3D

Request Chain 75

• https://hal900020.redintelligence.net/request.php?zone=74omlawhsoy3&nw=20&renderingType=javascript&namespace=8fbbea82c2&subid=&uid=8d4ba1957a505ab7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmNlD4AIKYqy0Of-w7_UPrYKI8AGC35mQYdCCtt2tCvAuEAEg9JeCNWD9gpGE6BHIAQmpAsAI0yyNCrM-qAMBqgTaAU_QRC1OQXRYXb2r1IVMDIciIobV1lk34w_BBc8ZxemN_SxdOvLnuUGd_DHJxJT-tC8piD9G7LRPN0NECj6cXHB9EXpSlV-FsKnMbvXAtdWwEkqEbV5DBCZ8wxsyNj-lgoTZXt0Y4LbdaBMqKS-kJzki5agp_IjLfnM8mOOzS7Scmt3EU_8BOHowLKERGCq397TJmJTlAQEo_juJ9nrOlP5dqV6tVBTEVTQTJG0VygU-eBTaRcYTLQXei2-Kz4NAjL_OCJzS3XCizQVGPjb5SXyZf86g1YfsqwtEwATW6ZiNxwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5TH5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokeIWmIF249z1vXF32Odh50nqlg%26sig%3DAOD64_1fvNrn9UBHjORae-GpuQVF644Rfw%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-DLmXy5ZCdUghtfQJgqF1QHkIKN3TSGZ7fbEo0bKp_NxWL1KPnymM4-17w34-Q7je3KCDjZ8b-NtkQZEJpv03lfzJISY3MUmEW1eedKKUjNNJENp2NqeVlDTHbCS9i6R81E0yEsrcXbdwc_hWVAT12l-iSTAA%26cry%3D1%26dbm_d%3DAKAmf-CbVGm6QEKG6ItAavtwyAz_6QtD1LPjYkfbC9PONvuAI7XQ6Y5DCWeFdh9WAj34YTe1DeUwZMlCR_qSamAqTdYrf8KjJ5esKrTsxKqiMasHnyqzMelkCvdSJH8DydcoZMye5oEbRGGFBEyY_KmO5z7_ubek8MOI1TM61PX_OFWrfW1nybrbHrbo25QEyIrZOAXtnQHn6Yc9TPQLG0Lk1qa5H1eghoj8wET1rMPzdjdpTbswQxoNpnWSInk1ylgUA1cjx-nRQIvf8Poq5kvw0UsEgeqQh_xzUyAgR_Nk_FqH-eyYZOxZIC1ZIi1XW9Bys9D01lPN4y8isfEPGsnHdEoH72dWaWhOdjFMQ4dg5WWtfQJsTCCbDLZ_SW1ZN0bIYvk6lH9gK4eVmTEiV6eONKIq2TrI0NrgXzZBUi59g3TKqPqFsfbKJCmAOY10ZnrzZ7tsUPoE%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2889811465023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900020.redintelligence.net/request.php?zone=74omlawhsoy3&nw=20&renderingType=javascript&namespace=8fbbea82c2&subid=&uid=8d4ba1957a505ab7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmNlD4AIKYqy0Of-w7_UPrYKI8AGC35mQYdCCtt2tCvAuEAEg9JeCNWD9gpGE6BHIAQmpAsAI0yyNCrM-qAMBqgTaAU_QRC1OQXRYXb2r1IVMDIciIobV1lk34w_BBc8ZxemN_SxdOvLnuUGd_DHJxJT-tC8piD9G7LRPN0NECj6cXHB9EXpSlV-FsKnMbvXAtdWwEkqEbV5DBCZ8wxsyNj-lgoTZXt0Y4LbdaBMqKS-kJzki5agp_IjLfnM8mOOzS7Scmt3EU_8BOHowLKERGCq397TJmJTlAQEo_juJ9nrOlP5dqV6tVBTEVTQTJG0VygU-eBTaRcYTLQXei2-Kz4NAjL_OCJzS3XCizQVGPjb5SXyZf86g1YfsqwtEwATW6ZiNxwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5TH5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokeIWmIF249z1vXF32Odh50nqlg%26sig%3DAOD64_1fvNrn9UBHjORae-GpuQVF644Rfw%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-DLmXy5ZCdUghtfQJgqF1QHkIKN3TSGZ7fbEo0bKp_NxWL1KPnymM4-17w34-Q7je3KCDjZ8b-NtkQZEJpv03lfzJISY3MUmEW1eedKKUjNNJENp2NqeVlDTHbCS9i6R81E0yEsrcXbdwc_hWVAT12l-iSTAA%26cry%3D1%26dbm_d%3DAKAmf-CbVGm6QEKG6ItAavtwyAz_6QtD1LPjYkfbC9PONvuAI7XQ6Y5DCWeFdh9WAj34YTe1DeUwZMlCR_qSamAqTdYrf8KjJ5esKrTsxKqiMasHnyqzMelkCvdSJH8DydcoZMye5oEbRGGFBEyY_KmO5z7_ubek8MOI1TM61PX_OFWrfW1nybrbHrbo25QEyIrZOAXtnQHn6Yc9TPQLG0Lk1qa5H1eghoj8wET1rMPzdjdpTbswQxoNpnWSInk1ylgUA1cjx-nRQIvf8Poq5kvw0UsEgeqQh_xzUyAgR_Nk_FqH-eyYZOxZIC1ZIi1XW9Bys9D01lPN4y8isfEPGsnHdEoH72dWaWhOdjFMQ4dg5WWtfQJsTCCbDLZ_SW1ZN0bIYvk6lH9gK4eVmTEiV6eONKIq2TrI0NrgXzZBUi59g3TKqPqFsfbKJCmAOY10ZnrzZ7tsUPoE%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2889811465023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 88

• https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=www.plurk.com&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=K0PTtnx5UmVNc29XOEQ5OWY5OU5VeXFQTWlCb3RUYmdWNk9qMklDWFU2aG9OZ1NqYm9rN0wzZ1dQdFJvcnd3R1dlTzVSOGNvWU5JSXNFb1V2WTVHSGhCMmRjMnFpc25DMWxVMC9Zb25ieHJvbTQrQ2lBNnpCb0Y1V1FPeGpvaWEzdTJxd0FQQTJGL0VnclpjMEdwK0NwcVdXanRCTGIwanBNVTZ4WUh3czF0R2tTbkRSRnFSUTNUeTlXZzVWc2wxZFdzSTRtVE0yenRMSmkxdnFGd0N0SlVucy8rTVZrL2djTXkwclZqajdmODNLajhYQUNjaWtHNU1JcjJqaC9UZHpwaFRqeExnSnZTT1ZBY3lDZmNvVUprL2F2QT09fA&cppv=2

Request Chain 103

• https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=2&topUrl=www.plurk.com&bundle=oNgmVV9NczNaM2hSY1RZeWlEcEclMkJHJTJGZ2E5dGhOSDNqd3dKVyUyRmh5YVkyNllxQnF3WmlORUVvcWQzOG5pd1VLdnVYNUhiOXdFdTBzaGc0JTJCa2pQbTR5TFhwVmVvZkU2MThqYW4yRzZwJTJGUTFLYmRBUExYTSUyQklIQmJITldRTjN6eXZ6cyUyQjN3UHVPTWpXMWlFUkVzTTBlU1dIeEt0dyUzRCUzRA&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=oGembXxlcFI3RGFURFVDNzdKSG54U1hobnJSU2IxUzEzRHFwUG02Z25NcW5rY2xiazcyVWRVUWEySnVHY2QrWlY5MFliY1F5QkYyS2wxaHlOempIOENzUURKYkVDdHcrYUFnaWZxZTB2MkJuU3Nkd3p4bXJ2QTRJU1ExeGZadC93ejh1b3p0UHFjRGNzQjllbFNpZ3ltakJZRkF0S3UwNEgwUlhZRk8vcGFmY0dKNyt6OVZqbnN5QVlXZTdwUUM0UnRIQ09IeVg0SzFhTGp3ejhNcTViakZoY3ZNVi8yalgwdVhUNVd3RG5WUGx5Y1VsZ2U0TlVpY3liWDJDZmhXZk5uaXFYSTBPZG1SZFJGQTh5TG9GNml5WW5TVWxIb096OHdWdVVCTG9BOG9PYTVkMD18&cppv=2

Request Chain 107

• https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1BBMjAyMjAyMTQxNTIxMDY0MTg4OTc%3d&layout=js HTTP 302
• https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEAqemsJHefR7o5jsYNJwgec&google_cver=1&google_ula=3918219,0

Request Chain 108

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
• https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 110

• https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CPA20220214152106418897 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/ucfunnel/41bccf51-84bb-45c5-9728-e8bc23aea49c?gdpr=0&euconsent= HTTP 302
• https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-epY.IWtE2oXvIaZL_oCoCKtQ0skfpUWO7DrajYk-~A&redirect=

Request Chain 113

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=GiEmM3wyc01nU1dtK3hvVmN5dlRyUVQ5SnBiR2V6L05KMTQrV1g1TWl3Z3VyUkJTQXpNaDJrSjF5TkxjSTQrck1vSXNWR0ZNTjQxbkhGNzRCRDhNRkk5V3BLUGJMVGZpVUhvUnp3R0h1ZDl0YTlVV0JXR092aU9nb1RBWEFKMVQ3UGVWZEhObjRCcnZSNDZYK2Q1VHNnMEdueWcycnNXZGVjNWtuTlZTVTdrdStCQ2dlTklHNmlEMmd1b0lkLzNZVFVKTTUzeWFpd0hBaWxOc0xKeXI1QkM2aWhWa3dPSWhaTmpGRGVmdXAwTVlFRU5TaTBaZjgyU1VrK0swSThhODRraEJVS1BId25NNEI1YUF2RzdWVTUzWWFGQklYTGw4MzdmOXZjbER3K1hjbk1ZRT18&cppv=2

Request Chain 114

• https://sync.aralego.com/idSync HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/ucfunnel/41bccf51-84bb-45c5-9728-e8bc23aea49c?gdpr=0&euconsent= HTTP 302
• https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-epY.IWtE2oXvIaZL_oCoCKtQ0skfpUWO7DrajYk-~A&redirect=

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request o3cx30 Show response www.plurk.com/p/	15 KB 6 KB	560ms 520ms	Document text/html	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cb76d1a2efa9e1d49ad533054d9645abe28f8da28c4be8a1100e4dd646a477e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-type text/html; charset=utf-8 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6dd489968ebe0f6e-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	edf4b21dcdf3501e2f3f.js Show response s.plurk.com/	66 KB 24 KB	52ms 51ms	Script application/javascript	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/edf4b21dcdf3501e2f3f.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7717e8aac788320fba2bd09a938d2c50163d91a621848f5ff666a2994d324aa Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 1653438 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id BTHTR03G3JYFHRSM x-amz-id-2 /tst0vEoAGuppssfnOoFMHkNmHI9C+se3bWzfGTc/RnQs8XwTzZ6jxnyv3VbnjsBJ/0psbyPYfM= last-modified Wed, 26 Jan 2022 02:31:22 GMT server cloudflare etag W/"7af8f806f3aa60fcfd9f6ca09dc2c0c3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=155520000 cf-ray 6dd4899a2bbf0f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	379d0a88f64f078d2de4.js Show response s.plurk.com/	149 KB 50 KB	53ms 52ms	Script application/javascript	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/379d0a88f64f078d2de4.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7f8dcf6328e94e8304b4330252551b90af1cb90e0cc7cac822c29038b9edee8 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 506659 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 171ECV3KAQWSC714 x-amz-id-2 ZqcpbrOkLwSL1srdzYqLiiRwy6Y+zKRopbe2+cMpyzwD+6mFwJQKkxBa4Gxs43O7wNvCUpgGNDE= last-modified Tue, 08 Feb 2022 08:49:14 GMT server cloudflare etag W/"09556202c5562eb00250fc5b30d7fa3d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=155520000 cf-ray 6dd4899a2bbc0f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	52a6dcb136aec73cccc4.js Show response s.plurk.com/	2 KB 1 KB	34ms 33ms	Script application/javascript	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/52a6dcb136aec73cccc4.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 515f03b83012cf44fe7f8a9ca4a79961a29859c4be9c4e7df24181177008df7d Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 85712 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 5R8BHM36E6EJZ16H x-amz-id-2 TSRFAGGFr8VdzOnnP9quQ7o97ZlsezX/QCvcBNgUPHXAtGn1s60hx9K/HmdoWbUJW2W62cDxReA= last-modified Thu, 10 Feb 2022 13:49:27 GMT server cloudflare etag W/"218d26f2821c8f9e0178e31d7d455c36" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=155520000 cf-ray 6dd4899a2bba0f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/	85 KB 27 KB	86ms 34ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.plurk.com/ Origin https://www.plurk.com Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1578732 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27433 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXxbI0ONKyUHM6bXLb7TBeTbwzBTWWeNaPVO1a1xrxxayAi0nhe%2FEhTwGZDFTVucKh24wjacTS4umM5%2FMWYKJkaxIwKeXa6g1xFeYQLjbJy0R6lo10jTqxowWSwxz2AQ4TyIV3QSMxGN03uvlQEKhB%2FE"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6dd4899a7d66f93b-MXP expires Sat, 04 Feb 2023 07:21:04 GMT
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/	21 KB 5 KB	77ms 26ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.plurk.com/ Origin https://www.plurk.com Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1579401 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4037 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-55e3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FxRrkwpGIyF4SqYlxpLVc5r4QCOTgpR9kvQWZjaT7573Mr2D0VWJ5gVPGSYT%2BUHxWKK2btNHDXd1qT%2FmTKpKK1TKZjaEPLD1AqQwSStlmAuNrMIHgqUr1cZ5g46kM5YzarSzeNbCLn%2BZagJEoy95omp"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6dd4899a7d64f93b-MXP expires Sat, 04 Feb 2023 07:21:04 GMT
GET H2	200	46d3bef67382eb7440b7.css s.plurk.com/	6 KB 1 KB	33ms 33ms	Stylesheet text/css	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/46d3bef67382eb7440b7.css Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47a20e81ebd7dbf6e6b87e350b031dfbaaa06b15e4137b6e2aa1dba7ae2b2b34 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 2095727 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id PYFX7AJCF71QYNV7 x-amz-id-2 H9caAVZf8yHeACWO3Spoi6vq5ifypoIzmw+zdcUzp+Cp4PjO4SDvlRFfHlyxiWqJ2JxZX7M9l2Y= last-modified Thu, 20 Jan 2022 15:47:39 GMT server cloudflare etag W/"5bce36e7cb61f44056ef622de385bb86" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=155520000 cf-ray 6dd4899a2bc40f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	sweetalert.min.js Show response cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/	40 KB 11 KB	81ms 30ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.plurk.com/ Origin https://www.plurk.com Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2371589 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10494 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:56 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ff8-9f68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiLq7VkSWo%2BSuSLzo04Y2Ns22zSV4RlVvTR78yglGVQ3JMs4Q8alKWWOyLBNpIq%2FaKbAUX0fB7RX4rGCH4c%2Fe2bZneGAQpM%2FBthkTXoDHBQDKKU%2FpYWto7cJBMTqP1e8gZFecIVazdt1BvykkVo%2BquK7"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6dd4899a7d69f93b-MXP expires Sat, 04 Feb 2023 07:21:04 GMT
GET H2	200	handlebars.min.js Show response cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/	43 KB 12 KB	82ms 31ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.plurk.com/ Origin https://www.plurk.com Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 8845910 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 11830 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:26 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e72-ac34" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTSIRYrxOFmleFLNs2g%2FFZOrMzKRZNLzW6lMR%2Bd7KUUbPc6IY7kDrKXVKU%2BWXWLTxVSRnUxM4QN2b2P4R%2Bmu21SmbfTcSrykTfNn6ug5CwBBYwNWHZBGq%2BlLneygQUYqthl2mR%2FRLEVqjopm%2BmhJxqYx"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6dd4899a7d6bf93b-MXP expires Sat, 04 Feb 2023 07:21:04 GMT
GET H2	200	621a5cbd66c1ad116e38.js Show response s.plurk.com/	62 KB 26 KB	87ms 35ms	Script application/javascript	2606:4700::6811:4603 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/621a5cbd66c1ad116e38.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e51a7e6710418fa43758820b5791171303d7e460a69ba4b5b849119aff4e1054 Request headers Referer https://www.plurk.com/ Origin https://www.plurk.com Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 2239769 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 42DZJ08WFD05SWSK x-amz-id-2 uOokcopLNexFA0ijQ12bvTAqj0izTCH4u4du5nfgrUTGyOC5AUZ/3swQ0HnbWVxdDHSm7a5xU6g= last-modified Wed, 07 Jul 2021 09:09:37 GMT server cloudflare etag W/"acf7002c465032291acb81fe622bfa78" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=155520000 cf-ray 6dd4899a8f75839d-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	b3ea64fba9c9d21dec7e.js Show response s.plurk.com/	106 KB 28 KB	34ms 33ms	Script application/javascript	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/b3ea64fba9c9d21dec7e.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6fd9a6d94cfe2fb18fde93679990e94458d2b12240ec6338b82f1c29977899d9 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 1539312 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id D8MBV31XRVAKE941 x-amz-id-2 Vg1qTlCwkZbESP+1PS5/tKkWUAwREQOt0RndYRyKs5L4lQZ8zOlkljrenX8dFXDBaMdSNk3Qn5Y= last-modified Thu, 27 Jan 2022 11:41:58 GMT server cloudflare etag W/"6ea1d9bc4767a737d6ad32480a3e97f1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=155520000 cf-ray 6dd4899a2bc60f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	b5eed6f5fd04fbb8dbeb.js Show response s.plurk.com/	62 KB 22 KB	36ms 35ms	Script application/javascript	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/b5eed6f5fd04fbb8dbeb.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3a1e25a485f3d73adad1e688492fe6cdd9894c70a5121be3aeec9e37daae308 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 1639022 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 26XBQEF367D6XF00 x-amz-id-2 r/i5XBNtkXCPWzfsHc76wZAaUp1BO0liJ7lUMQlBIgc0jXiWhbrzoJAUjpGGcrGWlk+5DmQiNRY= last-modified Wed, 26 Jan 2022 07:19:20 GMT server cloudflare etag W/"48a8b8e123ca08089dcf992fa8bdda20" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=155520000 cf-ray 6dd4899a2bc80f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	13829b8fbbd7ed4a71cc.css s.plurk.com/	28 KB 5 KB	33ms 33ms	Stylesheet text/css	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/13829b8fbbd7ed4a71cc.css Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f51d5a26f08b3538d0c01d40e10d7a9063a9637c6bddcbf67717fde45b66dffb Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 1651919 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id HXVJYD0S1HF1J1B4 x-amz-id-2 dsbC7iXIudFBb4HZ1SzLKImSXwVOWELKgVO0DnZ4eAfJi7+sSahCuanRmaC6MA2+B7cvo0aurvw= last-modified Wed, 26 Jan 2022 02:31:11 GMT server cloudflare etag W/"bff1dfc3ff72256dcbec1feee0acd1d4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=155520000 cf-ray 6dd4899a2bc70f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	8f3f296ef6d156fcd66e.css s.plurk.com/	39 KB 8 KB	51ms 50ms	Stylesheet text/css	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/8f3f296ef6d156fcd66e.css Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87898b32df33ed6ab96c2f20fd6a2d2c5a203d8068e854767f2ec8f3002d1cb4 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 1639022 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 26X3CYZM5SHJMDF1 x-amz-id-2 P9Gz085x803KzZu2aPqbQyLD4lFWu8mKUJuOpTUq+OnYsdvR/cuhAvm9dd/VlqWgiRBmri+pnJs= last-modified Wed, 26 Jan 2022 07:19:20 GMT server cloudflare etag W/"4eb291b0891dc1a4d054efe67ef7b42b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=155520000 cf-ray 6dd4899a2bcd0f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	e655607377f7b17f2a05.js Show response s.plurk.com/	243 KB 72 KB	50ms 50ms	Script application/javascript	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/e655607377f7b17f2a05.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98d35ec039b30908a74c085373d3bebbad98af6e9b33683d3d16abc1d2931caf Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 204586 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id VBCKMT2VPAMADW53 x-amz-id-2 8YXBSKdrI32dlmFAil+GngXKgB+WQWG2Fihu7FhZ/7Mz9rLVyxHwM4HmVE6jRkCk4za6ATguzD0= last-modified Thu, 10 Feb 2022 13:49:28 GMT server cloudflare etag W/"eff0464a4c378ad34eccfdfda4a0dc02" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=155520000 cf-ray 6dd4899a2bce0f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	393e919f2ff94f64e743.css s.plurk.com/	63 KB 13 KB	32ms 32ms	Stylesheet text/css	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/393e919f2ff94f64e743.css Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c89a0488a06e7be22d16e2a1200e0a06aa20a46cd276a59f7dd4deabefefbdfc Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding br cf-cache-status HIT age 204586 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id VBCQ22T1ZS9BP4Y2 x-amz-id-2 LyiqwFcnSqa2i41RL//ykzDgG2dhIjSVV6zTxsKBZ0r/y0jnzCruVkAGtH3TeJ1d7ytrGI+RYZM= last-modified Thu, 10 Feb 2022 13:49:27 GMT server cloudflare etag W/"040dd30ced845c12212d016c3c39bdc8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=155520000 cf-ray 6dd4899a2bd00f6e-MXP expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	ad.js Show response img.scupio.com/js/	72 KB 22 KB	92ms 33ms	Script application/javascript	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/ad.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 1e7bdf52eadea30acf902248591382393f39789465b7849f501d488523552121 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:19:50 GMT content-encoding gzip last-modified Mon, 07 Feb 2022 07:24:18 GMT server nginx/1.12.1 age 74 etag W/"6200c922-11e2f" x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=900 x-amz-cf-pop FRA60-P3 x-amz-cf-id _5rtIxwpsq5TheIC49g9fy-ztsTXxqPSAtRTTaoO2lKc0InPIgzSwg== via 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront) expires Mon, 14 Feb 2022 07:34:50 GMT
GET H2	200	15038438-medium19342803.gif avatars.plurk.com/	803 B 1015 B	304ms 302ms	Image application/octet-stream	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.plurk.com/15038438-medium19342803.gif Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9deaff1a3a7ae376b1455c674ae3443bfe6b8b44186a2c5de90fc1f07c59903 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:05 GMT cf-cache-status MISS x-amz-request-id X1FQ5EERBJEJPG0N alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 803 x-amz-id-2 NZ6bbQqx7Gqa2/EizqtxD6duqBCJph5w8XBrwlVGyItrP/6PZJNLRNneOyb7esoIQvWR890fp4Y= last-modified Thu, 21 Mar 2019 07:30:10 GMT server cloudflare etag "65864da805a72588b4c78786a2453b2e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/octet-stream cache-control public, max-age=155520000 accept-ranges bytes cf-ray 6dd4899cef9f0f6e-MXP expires Tue, 19 Jan 2027 07:21:05 GMT
GET H2	200	lHEUyrA6W0UiUtudx3YRuddDTGs_mt.jpg imgs.plurk.com/Qyf/Ptm/	4 KB 5 KB	292ms 291ms	Image image/jpeg	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgs.plurk.com/Qyf/Ptm/lHEUyrA6W0UiUtudx3YRuddDTGs_mt.jpg Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6748843881748c7576b606c1f35a5b1893b43a4777de7a31dfd75b4bf30a0fd Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:05 GMT cf-cache-status MISS x-amz-meta-source https://i1.sndcdn.com/artworks-HGn8K0jFjOgXTomM-fvM4hA-t500x500.jpg x-amz-meta-hash PtmlHEUyrA6W0UiUtudx3YRuddDTGs alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id X1FZX1P7QMQR11BV x-amz-id-2 +lvB1FVt/eM7JWPAhPnnCxyHjm7nKQ5NbGRrrn78bcNP/v61n5W4KKrmEWX0qZjuho+vPUse3qc= accept-ranges bytes last-modified Sun, 15 Nov 2020 16:51:19 GMT server cloudflare etag "caeb358305f7e27391a7626c153b8ecf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=155520000 content-length 4315 cf-ray 6dd4899cefa00f6e-MXP expires Tue, 19 Jan 2027 07:21:05 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	80 KB 27 KB	111ms 39ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 09ac24eb62792210940ca320ba8ef84fb5671a17c9a183cd631465bf95dc7c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27217 x-xss-protection 0 server sffe etag "1131 / 841 of 1000 / last-modified: 1644620926" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 14 Feb 2022 07:21:04 GMT
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/	14 KB 5 KB	100ms 63ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer https://www.plurk.com/ Origin https://www.plurk.com Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6dd4899d2f92d618-MXP
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	87ms 28ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6370 date Mon, 14 Feb 2022 05:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 14 Feb 2022 07:34:54 GMT
GET H2	200	background.css assets.plurk.com/static/theme/v5/default2018-theme/	0 133 B	311ms 311ms	Stylesheet text/css	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.plurk.com/static/theme/v5/default2018-theme/background.css Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT cf-cache-status MISS x-amz-request-id X1FRM31GJSHE2EZ0 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-amz-id-2 Y+mkHWMJ5BZOxHN/TTovnAvtQ72jY8IQvDjzEyzZZqvRQj/QMLue7I6vrX0XRDG8NrXSnKRnrJM= last-modified Wed, 01 Aug 2018 09:38:50 GMT server cloudflare x-amz-meta-s3cmd-attrs uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980 etag "d41d8cd98f00b204e9800998ecf8427e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cf-ray 6dd4899b1cef0f6e-MXP expires Tue, 14 Feb 2023 07:21:04 GMT
GET H2	200	timeline.css assets.plurk.com/static/theme/v5/default2018-theme/	0 126 B	331ms 330ms	Stylesheet text/css	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.plurk.com/static/theme/v5/default2018-theme/timeline.css Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT cf-cache-status MISS x-amz-request-id X1FQ3H5XNBK47ZQQ alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-amz-id-2 4kYxuk+dSyN3+KJYl1vfLyCyTbB5zeYLQFrW1IX/SXt657LCXmOH4fRnJAruQpY1C37XF/cmWFM= last-modified Wed, 01 Aug 2018 09:38:50 GMT server cloudflare x-amz-meta-s3cmd-attrs uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980 etag "d41d8cd98f00b204e9800998ecf8427e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cf-ray 6dd4899b1ced0f6e-MXP expires Tue, 14 Feb 2023 07:21:04 GMT
GET H2	200	dashboard.css assets.plurk.com/static/theme/v5/default2018-theme/	0 352 B	28ms 27ms	Stylesheet text/css	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.plurk.com/static/theme/v5/default2018-theme/dashboard.css Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT cf-cache-status HIT age 120140 cf-ray 6dd4899b1cf00f6e-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 x-amz-id-2 j/Kn8EDCR9o58wkggMPlzsxJrlI0+pwAJHGP9v7t0WgewvoGeUwHDUtmTYTnVmcfik46uyiyT60= last-modified Wed, 01 Aug 2018 09:38:50 GMT server cloudflare x-amz-meta-s3cmd-attrs uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980 etag "d41d8cd98f00b204e9800998ecf8427e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id ERM0C46K5A76WRMS cache-control public, max-age=31536000 accept-ranges bytes content-type text/css expires Tue, 14 Feb 2023 07:21:04 GMT
GET H2	200	pubads_impl_2022021001.js Show response securepubads.g.doubleclick.net/gpt/	358 KB 120 KB	98ms 28ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash 7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.plurk.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Sun, 13 Feb 2022 17:57:03 GMT content-encoding gzip x-content-type-options nosniff age 48241 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 122668 x-xss-protection 0 last-modified Thu, 10 Feb 2022 09:35:14 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 13 Feb 2023 17:57:03 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	211 B 764 B	105ms 44ms	XHR application/json	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.plurk.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 97318aaebf98fc7d3aff5cf6b991b5b50188774341ad580272879510ee86c93e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 14 Feb 2022 07:21:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 128 x-xss-protection 0 expires Mon, 14 Feb 2022 07:21:04 GMT
GET H2	200	e67b183966200f68093e.woff2 s.plurk.com/plurkiconfont/fonts/	17 KB 17 KB	34ms 34ms	Font font/woff2	2606:4700::6811:4603 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.plurk.com/plurkiconfont/fonts/e67b183966200f68093e.woff2 Requested by Host: s.plurk.com URL: https://s.plurk.com/46d3bef67382eb7440b7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 002885d15671018d6cbea9225dc9ece35a412108c16c533924d127bcc8e8bfdf Request headers Referer https://s.plurk.com/46d3bef67382eb7440b7.css Origin https://www.plurk.com Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 1469606 cf-ray 6dd4899d0d22839d-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17324 x-amz-id-2 lRyMCrYslLSe/ojfOnLO8AZk1Bav3PWti/+qsac4l7kZXmd0jzBXwsTVpY5ume/1LMyH9shOdOE= last-modified Thu, 02 Dec 2021 05:48:31 GMT server cloudflare etag "c3b7fb5936c54759a60414339661ee5a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET x-amz-request-id Q2VE45SS1CCZY1V0 access-control-allow-origin * cache-control public, max-age=155520000 accept-ranges bytes content-type font/woff2 expires Tue, 19 Jan 2027 07:21:04 GMT
GET H2	200	integrator.js Show response adservice.google.it/adsid/	107 B 792 B	96ms 34ms	Script application/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.it/adsid/integrator.js?domain=www.plurk.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 14 Feb 2022 07:21:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	98ms 35ms	Script application/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 14 Feb 2022 07:21:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	16 KB 8 KB	320ms 283ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=674425250516679&correlator=2695810047228280&output=ldjh&eid=31064848%2C31064540%2C44756895%2C44756897%2C44755510&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220214&iu_parts=75142684%2Cplurk_message_300x250_SB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&dt=1644823266592&lmt=1644823266&dlt=1644823266030&idt=481&frm=20&biw=1600&bih=1200&oid=2&adxs=1005&adys=102&adks=2862190043&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo3cx30&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=604245546.1644823267&ga_sid=1644823267&ga_hid=1588134464&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 50894ffbb622ddfa9caab763cc853523f60583ac76a8c5a74d694b9e4c88d215 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8557 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.plurk.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6AD1	6 KB 4 KB	111ms 34ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Mon, 14 Feb 2022 07:21:04 GMT expires Tue, 14 Feb 2023 07:21:04 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	10987.json Show response img.scupio.com/js/config/	591 B 982 B	86ms 29ms	XHR application/json	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/config/10987.json?v=1.0.3839 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 9dc9906207b6c022e3259e47d4009df32d68600459e9fb7fa038c9e97258a244 Request headers Accept application/json, text/javascript, */* Referer https://www.plurk.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Mon, 14 Feb 2022 07:20:37 GMT via 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront) last-modified Mon, 14 Feb 2022 02:20:04 GMT server nginx/1.12.1 age 27 etag "6209bc54-24f" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=10800 x-amz-cf-pop FRA60-P3 accept-ranges bytes content-length 591 x-amz-cf-id zv5teJBULmSMnWhmMBy7MP-B4pk2iz-_qptcAv7m_B8PD7FfJRnzvQ== expires Mon, 14 Feb 2022 10:20:37 GMT
POST		adreqlog.aspx bw.scupio.com/adpinline/	0 0
GET H2	200	mv.html Show response img.scupio.com/html/ Frame 121C	123 KB 37 KB	35ms 34ms	Document text/html	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/html/mv.html?v=1.0.133 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 7f257fb2cc513f5d99918f0aeca1b94d82f5c763d0307d510d332df67f0cb88d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ Response headers content-type text/html; charset=utf-8 server nginx/1.12.1 last-modified Wed, 12 Jan 2022 05:56:43 GMT access-control-allow-origin * content-encoding gzip date Mon, 14 Feb 2022 07:01:44 GMT expires Wed, 16 Mar 2022 06:53:40 GMT cache-control max-age=2592000 etag W/"61de6d9b-1ebb1" x-cache Hit from cloudfront via 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-amz-cf-id L8qgxErbQOXQSUkOdmmMVUNSz0c5d14Aa2NAIkN0IHttRmzovINXsg== age 1643
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	66ms 33ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1588134464&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo3cx30&ul=en-us&de=UTF-8&dt=frenchwillaume%20-%20How%20To%20Fold%20Underwear%20-%20Plurk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1147842986&gjid=558559173&cid=604245546.1644823267&tid=UA-53436-7&_gid=196434079.1644823267&_r=1&_slc=1&z=681515249 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.plurk.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.plurk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	0cd0435740e740eece09.gif s.plurk.com/	31 KB 31 KB	68ms 32ms	Image image/gif	2606:4700::6811:4603 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.plurk.com/0cd0435740e740eece09.gif Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:04 GMT cf-cache-status HIT age 1463593 cf-polished origSize=35115 cf-ray 6dd4899e1e4283af-MXP last-modified Thu, 02 Dec 2021 05:48:31 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 31308 x-amz-id-2 JHOY6bpNvccMe4vN/f25QJ/9KuaOXwl+RdL2b6c+9oRwK8S427EQ1xatZgfxHGFNcuADzsC7n1Q= cf-bgj imgq:100,h2pri server cloudflare etag "d236fd746e000431a8e2c6bc787ee7c5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id Q2VBRFXZVQ15CNGW cache-control public, max-age=155520000 accept-ranges bytes content-type image/gif expires Tue, 19 Jan 2027 07:21:04 GMT
POST H3	200	get Show response www.plurk.com/Responses/	6 KB 2 KB	475ms 436ms	XHR application/json	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.plurk.com/Responses/get Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35c75f93a09cbadb96127290bc1c8b1776806d18ec1e4f82c3f1fe95d1e54cdc Request headers Accept */* Referer https://www.plurk.com/p/o3cx30 X-Requested-With XMLHttpRequest Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Mon, 14 Feb 2022 07:21:05 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/json cf-ray 6dd4899e4abb59f5-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	prebid.js Show response img.scupio.com/js/ Frame 121C	259 KB 92 KB	33ms 33ms	Script application/javascript	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/prebid.js?v=5.20.0 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/mv.html?v=1.0.133 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 203952d95f704a3d83b4f4d2b637c3ec6eed453918da831b11433d6854770063 Request headers Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/html/mv.html?v=1.0.133 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:19:22 GMT content-encoding gzip last-modified Mon, 01 Nov 2021 04:07:12 GMT server nginx/1.12.1 age 109 etag W/"617f67f0-40b0e" x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2592000 x-amz-cf-pop FRA60-P3 x-amz-cf-id t5mFfkCgJUSHNU6APCuE5wsEa3OZgtUmkKnwv-wqLK37Zyr56hIAwg== via 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront) expires Wed, 16 Mar 2022 07:19:16 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 441 B	128ms 44ms	XHR text/plain	2a00:1450:400c:c0c::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53436-7&cid=604245546.1644823267&jid=1147842986&gjid=558559173&_gid=196434079.1644823267&_u=IAhAAEAAAAAAAC~&z=1634341896 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.plurk.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 14 Feb 2022 07:21:05 GMT content-type text/plain access-control-allow-origin https://www.plurk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	currency.json Show response img.scupio.com/js/config/ Frame 121C	108 B 498 B	29ms 28ms	XHR application/json	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/config/currency.json Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 2c12f54b595f47ff364a57a32704fa287b13704472cb04b87686a83ffe22122c Request headers Referer https://img.scupio.com/html/mv.html?v=1.0.133 Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 14 Feb 2022 07:20:52 GMT via 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront) last-modified Sun, 13 Feb 2022 19:15:06 GMT server nginx/1.12.1 age 13 etag "620958ba-6c" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=10800 x-amz-cf-pop FRA60-P3 accept-ranges bytes content-length 108 x-amz-cf-id i7lQNNt578MyCjvQJHA2sIX1AKypZq9FUW01AP8pwNtXmIlv-5glIw== expires Mon, 14 Feb 2022 10:20:52 GMT
POST H2	204	bids Show response prebid-asia.creativecdn.com/bidder/prebid/ Frame 121C	0 176 B	789ms 265ms	XHR text/plain	103.132.192.30 RTBHOUSE-AS-AP RT...
General Check archive.org Show headers Download Go to Full URL https://prebid-asia.creativecdn.com/bidder/prebid/bids Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG), Reverse DNS ip-103-132-192-30.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://img.scupio.com date Mon, 14 Feb 2022 07:21:05 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H2	204	prebid.aspx Show response prebid.scupio.com/recweb/ Frame 121C	0 163 B	959ms 323ms	XHR text/html	210.59.219.181 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7977203727133297 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.59.219.181 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 14 Feb 2022 07:21:05 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/html access-control-allow-origin https://img.scupio.com cache-control private access-control-allow-credentials true
POST H2	204	cdb Show response bidder.criteo.com/ Frame 121C	0 215 B	107ms 34ms	XHR text/plain	178.250.2.131 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0-pre&cb=95719978098 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.am5.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 14 Feb 2022 07:21:04 GMT server Finatra vary Origin access-control-allow-origin https://img.scupio.com access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
GET H/1.1	204 No Content	header Show response hb.aralego.com/ Frame 121C	0 323 B	993ms 650ms	XHR text/plain	199.115.117.82 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7844B6A6EAE2406AB34AB2A734EE&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&eids=&pubcid=f63cc908-f6b5-450f-aeba-ff9fda5d6412&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=41bccf51-84bb-45c5-9728-e8bc23aea49c&w=970&h=250 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 199.115.117.82 , United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://img.scupio.com Date Mon, 14 Feb 2022 07:21:06 GMT Access-Control-Allow-Credentials true Connection close
POST H2	200	bid Show response ad2.apx.appier.net/v1/prebid/ Frame 121C Redirect Chain https://ad2.apx.appier.net/v1/prebid/bid https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid https://ad2.apx.appier.net/v1/prebid/bid?acid=DkTjYdkiBAumXiAZ4gIKYg	2 B 168 B	291ms 288ms	XHR application/json	34.96.119.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad2.apx.appier.net/v1/prebid/bid?acid=DkTjYdkiBAumXiAZ4gIKYg Protocol H2 Server 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.119.96.34.bc.googleusercontent.com Software nginx/1.19.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:06 GMT via 1.1 google server nginx/1.19.0 content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-store access-control-allow-credentials true alt-svc clear content-length 2 Redirect headers date Mon, 14 Feb 2022 07:21:06 GMT server nginx access-control-allow-origin null p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad2.apx.appier.net/v1/prebid/bid?acid=DkTjYdkiBAumXiAZ4gIKYg cache-control no-store access-control-allow-credentials true content-length 0
POST H/1.1	200 OK	videoad.aspx Show response bw.scupio.com/adpinline/ Frame 121C	74 B 958 B	2458ms 1221ms	XHR text/xml	210.59.219.180 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://bw.scupio.com/adpinline/videoad.aspx?cb=0.17081225780960785 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/mv.html?v=1.0.133 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 210.59.219.180 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d Request headers Accept application/json, text/javascript, */* Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Mon, 14 Feb 2022 07:21:06 GMT Content-Encoding gzip Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding P3P CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA " Access-Control-Allow-Origin https://img.scupio.com Cache-Control private Access-Control-Allow-Credentials true Content-Type text/xml; charset=utf-8 Content-Length 185
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	13 KB 10 KB	106ms 39ms	XHR application/json	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b01625d055fe719c55216815a21757be894e5925901607222ddde6f4b274f97e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Mon, 14 Feb 2022 07:21:05 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9817 x-xss-protection 0
POST H3	200	rum Show response www.plurk.com/cdn-cgi/	0 202 B	24ms 24ms	XHR text/plain	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.plurk.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.plurk.com/p/o3cx30 Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json Response headers date Mon, 14 Feb 2022 07:21:05 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://www.plurk.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 6dd4899efc3859f5-MXP vary Origin
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	102ms 36ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53436-7&cid=604245546.1644823267&jid=1147842986&_u=IAhAAEAAAAAAAC~&z=2098891641 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.it/ads/	42 B 501 B	117ms 39ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53436-7&cid=604245546.1644823267&jid=1147842986&_u=IAhAAEAAAAAAAC~&z=2098891641 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	container.html Show response 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42EA	6 KB 3 KB	64ms 27ms	Document text/html	2a00:1450:4001:803::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Mon, 14 Feb 2022 07:21:04 GMT expires Tue, 14 Feb 2023 07:21:04 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	112ms 35ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js?31064848 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 14 Feb 2022 07:21:05 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 3BE6	624 B 975 B	108ms 41ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6tnBNjAB&v=APEucNXbUSruZDge7q0_O_-WY38TJ1C76qs35dF0Y8HsNKXQsSJhs9J3GdgsTRTlCAH_-2ux-RPlo26znxKXq76DOcpRTBf8F2O5mKSaRO1t0k_9i6QOgRLHYMwOiZ0fNqnz7DBj2LS91YXbh8WCPMKvgAA8C2HOZ1W9ADnipQ7gADkSQ-y4ouc Requested by Host: 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com URL: https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Mon, 14 Feb 2022 07:21:05 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 14 Feb 2022 07:21:05 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 42EA	25 KB 15 KB	133ms 70ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsRPsyFjlCYwZOam_fyiec-kDuA3kEPjmol3fhiJL3xgtcW2zYcdF7ut2m70O87OENXC-ft71cHwY0T-iJ5i5u_tL-q3bmYLIdZStPHPbHgoV8A7M1In1OQhgtZ4idMqzgUc8EhG3hofKqiU60fftgNWFy4Q&cry=1&dbm_d=AKAmf-AWtctDBXqboKibbmD-pJ4X-6wNrJCpPCHCOkV-Oiw1ydxn1hj2ZYBKMp7T_H7wZunVVYGrJdeJM6X6Nl8BdWyLHCpr8Xxa7wmplc4a2-fJrdzfLilXW9QkU1WxyqCAQz85tSuAUI7LP3bXnsReHj5tRDrgnyC0r1rd2MiRcfPYjpre23ONKhrIhMq6cSFQbjwO91zbtt9GcpV7hTpFBKX0ipm1OaRVJgB_5YwQlIpfA6y_kaqVSPVMryw7RWuDnhpP84OV8JLVEvgweK9P4Nmg8iJq7zPv5wB4rQtV2osmQey8BF7UiMnHhDi4Dq7oSp-duiC2eT_FV0fVj1dWIsNmpK-1yCn9cFMlHG_UH1tlTOFVi1AROPZFt9ac1t3RYVA3BMtBh_V2VJwYJpZhZ83Dol8d3dEKbrgRXMtMmCny38m4441-4E2mv6QrFQqY5d4RmoXGfd9_0m1lJEbm5fvRQPtHUv0tfrF9ZI8x0dqyCHVh_F98p8IhR_VPAb9RZE8wBBBNHsgTnNh_3kdu-JqLVc-bzyTHZ0bbSpMHypC0sG9RXzQvLq--rtYy7yGFXZTOHwUulxWF2SB4PTZkO3wywrzEQnyhnhoc7wbxP0yIMGLlLNPAcfkI_mYBRW5r-SDV1Jfv4W3thlGA-TT_4cRdB6LGiU6BURcwUX0S5KO9hGmfKX-8TJtf_x06LZmu42lB9DAHuXVdwH__zDYnp3ZIUWhjU6MkK4BDj87Sh2Sh5wq2gcHpz56lxKrWMHxRYyWNhp--WdRsxkF332eqj7ZEvEHlEf2_oRouH0AR9bUFru2gqav-P5dI-b-A_EG-7ukYFy6bxb1h4uvt6I9o4x5A4208B57G5nKaoL94j1_RBgX-rIXUpmKowwjkKhW2zjWE4Y4Dav2Tby8eZuZ-D_iSckiQ_0By836Qm0bn5RM3fS1zOf6Jp8pgXHZyn44yhhDGgJGnGsO0OqQcXQq3OdyihJ3z71oYyAUD59bTOVHX-NNJJYVgGo_w98crI3HN6miM8SNm6qDpEKLxzkaK3myRMNi_XT3tmW54Aw0N_3yKoGp4ktMzO4WxOGIsVbb_i3a0qeHvxWqic8Nvb68M3pSeCUI_NDHEycc_x6Tuj2UT0r91Mv_1CLBaQuJHZcc4uoZarN6ZUDkLg2-qPHQFhcU7BFUodvNiy-AP_a-Vg5Mhinax8LCgCiyMD11FH2CURQ5LdZb2Chg-7amlAZqXa1gJQoJJczS7NG2FHXTrGpllaj8vB7VkBnOQwmWRgixKxOn-TSIVv6xr_VIpXsUdUBIX6LX1oZwKh82o8Jw7rUzYbQedxbh2lJRS6uWXE7lgykYvxzB_dxUIGd7VrWB-SPmhUCwW7_6r3kjOZdvwEJhBNFgaIS-UwC7RawWBOW3cev3gLFXOcEELXdgeJWRT3l11FFafO5O6N2B8cxKCbXOtoHdOEGyfxbBzgMZi-7H98VBatSjZdSAANRc6YzjZh_IXMcykIv5yIiO2vm8f1iRy9q31jpW0EbCEzXrXeK5v5BNhJ0xjVz_fxcPA2IhINP6sprfFsfpuTW7dpfSmy1Vwy7fWBg4PAnFzzHIo1GeILkQrwT4drwroKVfW-JFhFiYgvy4siQzZvekKRo7tceP5RdjPdx77o3YuVbP8x1LILJuk0b4CQc-Uf8Gc1uoSVc2jauh6Wq12-fFa-VW6jRI_rtxQTjZOoQOCJ0EWOMnw_nw7MT9GsRX6TxRf6v39g9gslzEqQ1kDAcKshm43IeCM_Nk3IwyHjNUdbB9Kf44qMCNGNWgUR7lSpPa8fundpULXwo82j6A2SsfT5O59BpQY2FjYKczRDAmSs2CstJiMwn3s3R0Ow3fHBQLpW-vOdOEv9qH_K4QcWORuINx2HUECvA4xdYdtbmVizGdMKSUNj9IFi4saht8Obpg2-bWDqQgTLVEvbKzbNX6paXhvvlwMququOFFSrQaYa1J6_lhpAWkz8-zBjEYtDNND7m-TV0k7qTvgjQGT3-TlEnkNeAUpaIbLg2p7pbcF8kgNlBHc-HDHVHqd888Sy54N12EwOFUYSrcszPXLG8rhlPHb6tM01hhv1STzGxtPOkrhrGMekotQzwhCQJnMBAy66PC4fcQR1WHv-5hkNUBO9eRwjiYbk8DgSoe30wOc_Cux2q8NBNvnuySB18Y-WTbhKxbgNBpR3WZ3K8O_e5DA12ZSS6rwSyabQjCuk23fqbnhUWutaiT2V1pcBrolTe6fRIn6-JxaCVxiLOd3tOUBEMP1I_qC6zDjyM18qVAfktNzCcfJJ8v3QHAYUZLwBkXCU9S9AL3s5DjyS3v16yaDLcDsjcATfe5AYUodYVsKqp3FmVL-qGGLknC7VPV-XQ1ptgZt-T3-M_0zqB4BGIADo4CpOF84s490lqMelwKMR9FQtzdY3dF9MqXk1ip3-49AO4DjE4GX7N5i9jy7n13oizauouFNbkhX6N-GSA8gMXjU4yDzCXDEc0Pe5so7i3LDcxrjCYd1uOGUBLdw1hxwOodkkQ4Pe7VkM-ptdfuBg1CcSICETQ3HcnnSxTubdshsh5FkS-ZfGhJ8lzJfDPPZl6_VmdVhlARrVgLOwzKOXmLZWKmBojKMee1taiaRsFVi5auFhvk2XmofSD5EtY9tZDNwDOi39z9M27kZKEbsBVJYskfqyy9CRgcMH7yU6ra9fbigL28M09IWcnDEAEutkMN2mg7gce93CrqcPtFIhspVNcB4sftm3xda5sdfmFTYFoGUU-LfZsTAajgXrlVr-2BCw8fqDhdlDFE6dA7AnP9-P6jKTS2KTvadishxBq_Wsyd-WLw-OCJfECJQ02r-t9_596dFJl8oPHarevqkoymUUsH-TeQqy3IboZrPFmU82O9fTlN_J86g1NAckRmMIwDiaQC-Fu9V1s9WOCpx7hFMyaYKlKK27yJTyyhNNu9-frlWsO-TzlieZc1iERN5EqpnRhuLpdngvVwQp5maeklYnyePfihHX0cwxtS_undAld9G7JuFk1XZdj8CsyiPzsMckhf2qHIKa30&cid=CAASFeRokeIWmIF249z1vXF32Odh50nqlg&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240 Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 642e8464a33f22b78b7015e8191e16b07d70b49696db72a55628912dfe41ff58 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:05 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 42EA	42 B 63 B	94ms 58ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DaepWb9ukx_lVCC1FWCNmRXRPxYh0Z6y0YBsTCerhlkxzNWsvcELSsbcLOd4klAx05Sd5Z4_tjernR1g_IyNSzfw9pRYki4RXfOcf_dHrdGptNKz0 Requested by Host: 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com URL: https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 42EA	2 KB 1 KB	28ms 24ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js Requested by Host: 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com URL: https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:07:08 GMT content-encoding gzip x-content-type-options nosniff age 837 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 28 Feb 2022 07:07:08 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 42EA	124 KB 38 KB	80ms 44ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com URL: https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38562 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1644410386637351" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 14 Feb 2022 07:21:05 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 42EA	15 KB 6 KB	28ms 25ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com URL: https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:07:59 GMT content-encoding gzip x-content-type-options nosniff age 786 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6367 x-xss-protection 0 server cafe etag 17798303060702513824 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 28 Feb 2022 07:07:59 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 42EA	0 0	82ms 34ms	Image text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWqQna40AhQ66lMns1HmQ1QYiFQzPoNNESebjfUrNX-QGsr0qJctovl33zytkO831Pb0jjcgMJEZPUqP_XMdiVv6jODg Requested by Host: 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com URL: https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame C1A2	13 KB 5 KB	63ms 26ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Mon, 14 Feb 2022 06:19:22 GMT expires Tue, 14 Feb 2023 06:19:22 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 3703 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 5854	783 B 535 B	54ms 35ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash bd4942fb03f926134682f772434398bb0c7dd88adae2930a1a1af1c005c976d3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-nMUb8ncT6K+gXCgkz4No0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Mon, 14 Feb 2022 07:21:05 GMT date Mon, 14 Feb 2022 07:21:05 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-nMUb8ncT6K+gXCgkz4No0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	15038438-small19342803.gif avatars.plurk.com/	474 B 910 B	27ms 26ms	Image application/octet-stream	2606:4700::6811:4503 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.plurk.com/15038438-small19342803.gif Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 953089b715a8eb9478359fdb1f377e3be784283c3661c8de89e07093cd1b60c5 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:05 GMT cf-cache-status HIT age 120951 cf-ray 6dd489a118f859f5-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 474 x-amz-id-2 rpJ3CYMpK2zJXR3bc6AI65v4fnfBo4gTbA9EpnCcYHyU9uH6aRTw3OBrYZfMsvZ7swLTjTq/3f0= last-modified Thu, 21 Mar 2019 07:30:10 GMT server cloudflare etag "beeb1cb75abaaf5ff33cf89708d34771" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id EEZ3BYVTJ36GSMAJ cache-control public, max-age=155520000 accept-ranges bytes content-type application/octet-stream expires Tue, 19 Jan 2027 07:21:05 GMT
GET H3	200	s8NDBBQrCsAprJ27iRnNNX3mqUO_mt.jpg imgs.plurk.com/Qyf/yQG/	7 KB 8 KB	299ms 295ms	Image image/jpeg	2606:4700::6811:4603 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgs.plurk.com/Qyf/yQG/s8NDBBQrCsAprJ27iRnNNX3mqUO_mt.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01f6ccd3eb88c1e159cdcd72b0e0d2048c661022faec19eeaea676f30853790d Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:05 GMT cf-cache-status MISS x-amz-meta-source https://angiespanties.com/wp-content/uploads/2020/05/how-to-fold-underwear.png x-amz-meta-hash yQGs8NDBBQrCsAprJ27iRnNNX3mqUO alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id P244TP5TSYH3R1KB x-amz-id-2 IbV6r+yaAwjrCh3owtdpJdS5CGMoiHJPLnzYBEO0676StVPO5X2oWbKDGSgLA6rRB9q8mXq6d1c= accept-ranges bytes last-modified Sun, 15 Nov 2020 16:53:19 GMT server cloudflare etag "3a55220c7497db1333fa2eccab42cb41" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=155520000 content-length 7342 cf-ray 6dd489a11d8f83af-MXP expires Tue, 19 Jan 2027 07:21:05 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 42EA	24 KB 9 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsRPsyFjlCYwZOam_fyiec-kDuA3kEPjmol3fhiJL3xgtcW2zYcdF7ut2m70O87OENXC-ft71cHwY0T-iJ5i5u_tL-q3bmYLIdZStPHPbHgoV8A7M1In1OQhgtZ4idMqzgUc8EhG3hofKqiU60fftgNWFy4Q&cry=1&dbm_d=AKAmf-AWtctDBXqboKibbmD-pJ4X-6wNrJCpPCHCOkV-Oiw1ydxn1hj2ZYBKMp7T_H7wZunVVYGrJdeJM6X6Nl8BdWyLHCpr8Xxa7wmplc4a2-fJrdzfLilXW9QkU1WxyqCAQz85tSuAUI7LP3bXnsReHj5tRDrgnyC0r1rd2MiRcfPYjpre23ONKhrIhMq6cSFQbjwO91zbtt9GcpV7hTpFBKX0ipm1OaRVJgB_5YwQlIpfA6y_kaqVSPVMryw7RWuDnhpP84OV8JLVEvgweK9P4Nmg8iJq7zPv5wB4rQtV2osmQey8BF7UiMnHhDi4Dq7oSp-duiC2eT_FV0fVj1dWIsNmpK-1yCn9cFMlHG_UH1tlTOFVi1AROPZFt9ac1t3RYVA3BMtBh_V2VJwYJpZhZ83Dol8d3dEKbrgRXMtMmCny38m4441-4E2mv6QrFQqY5d4RmoXGfd9_0m1lJEbm5fvRQPtHUv0tfrF9ZI8x0dqyCHVh_F98p8IhR_VPAb9RZE8wBBBNHsgTnNh_3kdu-JqLVc-bzyTHZ0bbSpMHypC0sG9RXzQvLq--rtYy7yGFXZTOHwUulxWF2SB4PTZkO3wywrzEQnyhnhoc7wbxP0yIMGLlLNPAcfkI_mYBRW5r-SDV1Jfv4W3thlGA-TT_4cRdB6LGiU6BURcwUX0S5KO9hGmfKX-8TJtf_x06LZmu42lB9DAHuXVdwH__zDYnp3ZIUWhjU6MkK4BDj87Sh2Sh5wq2gcHpz56lxKrWMHxRYyWNhp--WdRsxkF332eqj7ZEvEHlEf2_oRouH0AR9bUFru2gqav-P5dI-b-A_EG-7ukYFy6bxb1h4uvt6I9o4x5A4208B57G5nKaoL94j1_RBgX-rIXUpmKowwjkKhW2zjWE4Y4Dav2Tby8eZuZ-D_iSckiQ_0By836Qm0bn5RM3fS1zOf6Jp8pgXHZyn44yhhDGgJGnGsO0OqQcXQq3OdyihJ3z71oYyAUD59bTOVHX-NNJJYVgGo_w98crI3HN6miM8SNm6qDpEKLxzkaK3myRMNi_XT3tmW54Aw0N_3yKoGp4ktMzO4WxOGIsVbb_i3a0qeHvxWqic8Nvb68M3pSeCUI_NDHEycc_x6Tuj2UT0r91Mv_1CLBaQuJHZcc4uoZarN6ZUDkLg2-qPHQFhcU7BFUodvNiy-AP_a-Vg5Mhinax8LCgCiyMD11FH2CURQ5LdZb2Chg-7amlAZqXa1gJQoJJczS7NG2FHXTrGpllaj8vB7VkBnOQwmWRgixKxOn-TSIVv6xr_VIpXsUdUBIX6LX1oZwKh82o8Jw7rUzYbQedxbh2lJRS6uWXE7lgykYvxzB_dxUIGd7VrWB-SPmhUCwW7_6r3kjOZdvwEJhBNFgaIS-UwC7RawWBOW3cev3gLFXOcEELXdgeJWRT3l11FFafO5O6N2B8cxKCbXOtoHdOEGyfxbBzgMZi-7H98VBatSjZdSAANRc6YzjZh_IXMcykIv5yIiO2vm8f1iRy9q31jpW0EbCEzXrXeK5v5BNhJ0xjVz_fxcPA2IhINP6sprfFsfpuTW7dpfSmy1Vwy7fWBg4PAnFzzHIo1GeILkQrwT4drwroKVfW-JFhFiYgvy4siQzZvekKRo7tceP5RdjPdx77o3YuVbP8x1LILJuk0b4CQc-Uf8Gc1uoSVc2jauh6Wq12-fFa-VW6jRI_rtxQTjZOoQOCJ0EWOMnw_nw7MT9GsRX6TxRf6v39g9gslzEqQ1kDAcKshm43IeCM_Nk3IwyHjNUdbB9Kf44qMCNGNWgUR7lSpPa8fundpULXwo82j6A2SsfT5O59BpQY2FjYKczRDAmSs2CstJiMwn3s3R0Ow3fHBQLpW-vOdOEv9qH_K4QcWORuINx2HUECvA4xdYdtbmVizGdMKSUNj9IFi4saht8Obpg2-bWDqQgTLVEvbKzbNX6paXhvvlwMququOFFSrQaYa1J6_lhpAWkz8-zBjEYtDNND7m-TV0k7qTvgjQGT3-TlEnkNeAUpaIbLg2p7pbcF8kgNlBHc-HDHVHqd888Sy54N12EwOFUYSrcszPXLG8rhlPHb6tM01hhv1STzGxtPOkrhrGMekotQzwhCQJnMBAy66PC4fcQR1WHv-5hkNUBO9eRwjiYbk8DgSoe30wOc_Cux2q8NBNvnuySB18Y-WTbhKxbgNBpR3WZ3K8O_e5DA12ZSS6rwSyabQjCuk23fqbnhUWutaiT2V1pcBrolTe6fRIn6-JxaCVxiLOd3tOUBEMP1I_qC6zDjyM18qVAfktNzCcfJJ8v3QHAYUZLwBkXCU9S9AL3s5DjyS3v16yaDLcDsjcATfe5AYUodYVsKqp3FmVL-qGGLknC7VPV-XQ1ptgZt-T3-M_0zqB4BGIADo4CpOF84s490lqMelwKMR9FQtzdY3dF9MqXk1ip3-49AO4DjE4GX7N5i9jy7n13oizauouFNbkhX6N-GSA8gMXjU4yDzCXDEc0Pe5so7i3LDcxrjCYd1uOGUBLdw1hxwOodkkQ4Pe7VkM-ptdfuBg1CcSICETQ3HcnnSxTubdshsh5FkS-ZfGhJ8lzJfDPPZl6_VmdVhlARrVgLOwzKOXmLZWKmBojKMee1taiaRsFVi5auFhvk2XmofSD5EtY9tZDNwDOi39z9M27kZKEbsBVJYskfqyy9CRgcMH7yU6ra9fbigL28M09IWcnDEAEutkMN2mg7gce93CrqcPtFIhspVNcB4sftm3xda5sdfmFTYFoGUU-LfZsTAajgXrlVr-2BCw8fqDhdlDFE6dA7AnP9-P6jKTS2KTvadishxBq_Wsyd-WLw-OCJfECJQ02r-t9_596dFJl8oPHarevqkoymUUsH-TeQqy3IboZrPFmU82O9fTlN_J86g1NAckRmMIwDiaQC-Fu9V1s9WOCpx7hFMyaYKlKK27yJTyyhNNu9-frlWsO-TzlieZc1iERN5EqpnRhuLpdngvVwQp5maeklYnyePfihHX0cwxtS_undAld9G7JuFk1XZdj8CsyiPzsMckhf2qHIKa30&cid=CAASFeRokeIWmIF249z1vXF32Odh50nqlg&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:17:49 GMT content-encoding gzip x-content-type-options nosniff age 196 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9577 x-xss-protection 0 server cafe etag 11201793935764353180 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 28 Feb 2022 07:17:49 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 42EA	41 KB 15 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsRPsyFjlCYwZOam_fyiec-kDuA3kEPjmol3fhiJL3xgtcW2zYcdF7ut2m70O87OENXC-ft71cHwY0T-iJ5i5u_tL-q3bmYLIdZStPHPbHgoV8A7M1In1OQhgtZ4idMqzgUc8EhG3hofKqiU60fftgNWFy4Q&cry=1&dbm_d=AKAmf-AWtctDBXqboKibbmD-pJ4X-6wNrJCpPCHCOkV-Oiw1ydxn1hj2ZYBKMp7T_H7wZunVVYGrJdeJM6X6Nl8BdWyLHCpr8Xxa7wmplc4a2-fJrdzfLilXW9QkU1WxyqCAQz85tSuAUI7LP3bXnsReHj5tRDrgnyC0r1rd2MiRcfPYjpre23ONKhrIhMq6cSFQbjwO91zbtt9GcpV7hTpFBKX0ipm1OaRVJgB_5YwQlIpfA6y_kaqVSPVMryw7RWuDnhpP84OV8JLVEvgweK9P4Nmg8iJq7zPv5wB4rQtV2osmQey8BF7UiMnHhDi4Dq7oSp-duiC2eT_FV0fVj1dWIsNmpK-1yCn9cFMlHG_UH1tlTOFVi1AROPZFt9ac1t3RYVA3BMtBh_V2VJwYJpZhZ83Dol8d3dEKbrgRXMtMmCny38m4441-4E2mv6QrFQqY5d4RmoXGfd9_0m1lJEbm5fvRQPtHUv0tfrF9ZI8x0dqyCHVh_F98p8IhR_VPAb9RZE8wBBBNHsgTnNh_3kdu-JqLVc-bzyTHZ0bbSpMHypC0sG9RXzQvLq--rtYy7yGFXZTOHwUulxWF2SB4PTZkO3wywrzEQnyhnhoc7wbxP0yIMGLlLNPAcfkI_mYBRW5r-SDV1Jfv4W3thlGA-TT_4cRdB6LGiU6BURcwUX0S5KO9hGmfKX-8TJtf_x06LZmu42lB9DAHuXVdwH__zDYnp3ZIUWhjU6MkK4BDj87Sh2Sh5wq2gcHpz56lxKrWMHxRYyWNhp--WdRsxkF332eqj7ZEvEHlEf2_oRouH0AR9bUFru2gqav-P5dI-b-A_EG-7ukYFy6bxb1h4uvt6I9o4x5A4208B57G5nKaoL94j1_RBgX-rIXUpmKowwjkKhW2zjWE4Y4Dav2Tby8eZuZ-D_iSckiQ_0By836Qm0bn5RM3fS1zOf6Jp8pgXHZyn44yhhDGgJGnGsO0OqQcXQq3OdyihJ3z71oYyAUD59bTOVHX-NNJJYVgGo_w98crI3HN6miM8SNm6qDpEKLxzkaK3myRMNi_XT3tmW54Aw0N_3yKoGp4ktMzO4WxOGIsVbb_i3a0qeHvxWqic8Nvb68M3pSeCUI_NDHEycc_x6Tuj2UT0r91Mv_1CLBaQuJHZcc4uoZarN6ZUDkLg2-qPHQFhcU7BFUodvNiy-AP_a-Vg5Mhinax8LCgCiyMD11FH2CURQ5LdZb2Chg-7amlAZqXa1gJQoJJczS7NG2FHXTrGpllaj8vB7VkBnOQwmWRgixKxOn-TSIVv6xr_VIpXsUdUBIX6LX1oZwKh82o8Jw7rUzYbQedxbh2lJRS6uWXE7lgykYvxzB_dxUIGd7VrWB-SPmhUCwW7_6r3kjOZdvwEJhBNFgaIS-UwC7RawWBOW3cev3gLFXOcEELXdgeJWRT3l11FFafO5O6N2B8cxKCbXOtoHdOEGyfxbBzgMZi-7H98VBatSjZdSAANRc6YzjZh_IXMcykIv5yIiO2vm8f1iRy9q31jpW0EbCEzXrXeK5v5BNhJ0xjVz_fxcPA2IhINP6sprfFsfpuTW7dpfSmy1Vwy7fWBg4PAnFzzHIo1GeILkQrwT4drwroKVfW-JFhFiYgvy4siQzZvekKRo7tceP5RdjPdx77o3YuVbP8x1LILJuk0b4CQc-Uf8Gc1uoSVc2jauh6Wq12-fFa-VW6jRI_rtxQTjZOoQOCJ0EWOMnw_nw7MT9GsRX6TxRf6v39g9gslzEqQ1kDAcKshm43IeCM_Nk3IwyHjNUdbB9Kf44qMCNGNWgUR7lSpPa8fundpULXwo82j6A2SsfT5O59BpQY2FjYKczRDAmSs2CstJiMwn3s3R0Ow3fHBQLpW-vOdOEv9qH_K4QcWORuINx2HUECvA4xdYdtbmVizGdMKSUNj9IFi4saht8Obpg2-bWDqQgTLVEvbKzbNX6paXhvvlwMququOFFSrQaYa1J6_lhpAWkz8-zBjEYtDNND7m-TV0k7qTvgjQGT3-TlEnkNeAUpaIbLg2p7pbcF8kgNlBHc-HDHVHqd888Sy54N12EwOFUYSrcszPXLG8rhlPHb6tM01hhv1STzGxtPOkrhrGMekotQzwhCQJnMBAy66PC4fcQR1WHv-5hkNUBO9eRwjiYbk8DgSoe30wOc_Cux2q8NBNvnuySB18Y-WTbhKxbgNBpR3WZ3K8O_e5DA12ZSS6rwSyabQjCuk23fqbnhUWutaiT2V1pcBrolTe6fRIn6-JxaCVxiLOd3tOUBEMP1I_qC6zDjyM18qVAfktNzCcfJJ8v3QHAYUZLwBkXCU9S9AL3s5DjyS3v16yaDLcDsjcATfe5AYUodYVsKqp3FmVL-qGGLknC7VPV-XQ1ptgZt-T3-M_0zqB4BGIADo4CpOF84s490lqMelwKMR9FQtzdY3dF9MqXk1ip3-49AO4DjE4GX7N5i9jy7n13oizauouFNbkhX6N-GSA8gMXjU4yDzCXDEc0Pe5so7i3LDcxrjCYd1uOGUBLdw1hxwOodkkQ4Pe7VkM-ptdfuBg1CcSICETQ3HcnnSxTubdshsh5FkS-ZfGhJ8lzJfDPPZl6_VmdVhlARrVgLOwzKOXmLZWKmBojKMee1taiaRsFVi5auFhvk2XmofSD5EtY9tZDNwDOi39z9M27kZKEbsBVJYskfqyy9CRgcMH7yU6ra9fbigL28M09IWcnDEAEutkMN2mg7gce93CrqcPtFIhspVNcB4sftm3xda5sdfmFTYFoGUU-LfZsTAajgXrlVr-2BCw8fqDhdlDFE6dA7AnP9-P6jKTS2KTvadishxBq_Wsyd-WLw-OCJfECJQ02r-t9_596dFJl8oPHarevqkoymUUsH-TeQqy3IboZrPFmU82O9fTlN_J86g1NAckRmMIwDiaQC-Fu9V1s9WOCpx7hFMyaYKlKK27yJTyyhNNu9-frlWsO-TzlieZc1iERN5EqpnRhuLpdngvVwQp5maeklYnyePfihHX0cwxtS_undAld9G7JuFk1XZdj8CsyiPzsMckhf2qHIKa30&cid=CAASFeRokeIWmIF249z1vXF32Odh50nqlg&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 13 Feb 2022 16:15:50 GMT content-encoding gzip x-content-type-options nosniff age 54315 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 13 Feb 2023 16:15:50 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 3BE6 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1&C=1	43 B 1013 B	43ms 43ms	Image image/gif	92.122.254.129 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6tnBNjAB&v=APEucNXbUSruZDge7q0_O_-WY38TJ1C76qs35dF0Y8HsNKXQsSJhs9J3GdgsTRTlCAH_-2ux-RPlo26znxKXq76DOcpRTBf8F2O5mKSaRO1t0k_9i6QOgRLHYMwOiZ0fNqnz7DBj2LS91YXbh8WCPMKvgAA8C2HOZ1W9ADnipQ7gADkSQ-y4ouc Protocol HTTP/1.1 Server 92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-122-254-129.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language it-IT,it;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 14 Feb 2022 07:21:05 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 14 Feb 2022 07:21:05 GMT Redirect headers Pragma no-cache Date Mon, 14 Feb 2022 07:21:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Mon, 14 Feb 2022 07:21:05 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 3BE6 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgoC4TaNtzzy1ZmG7zBEWAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1	43 B 893 B	42ms 41ms	Image image/gif	92.122.254.129 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6tnBNjAB&v=APEucNXbUSruZDge7q0_O_-WY38TJ1C76qs35dF0Y8HsNKXQsSJhs9J3GdgsTRTlCAH_-2ux-RPlo26znxKXq76DOcpRTBf8F2O5mKSaRO1t0k_9i6QOgRLHYMwOiZ0fNqnz7DBj2LS91YXbh8WCPMKvgAA8C2HOZ1W9ADnipQ7gADkSQ-y4ouc Protocol HTTP/1.1 Server 92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-122-254-129.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language it-IT,it;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 14 Feb 2022 07:21:05 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 14 Feb 2022 07:21:05 GMT Redirect headers pragma no-cache date Mon, 14 Feb 2022 07:21:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVECAa_2a8PEFSnMr_QRSI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 3BE6 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEKnmnhlrdyJ_51ce-IlLBI0&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKnmnhlrdyJ_51ce-IlLBI0%26google_cver%3D1	43 B 1 KB	52ms 36ms	Image image/gif	185.33.220.240 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKnmnhlrdyJ_51ce-IlLBI0%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6tnBNjAB&v=APEucNXbUSruZDge7q0_O_-WY38TJ1C76qs35dF0Y8HsNKXQsSJhs9J3GdgsTRTlCAH_-2ux-RPlo26znxKXq76DOcpRTBf8F2O5mKSaRO1t0k_9i6QOgRLHYMwOiZ0fNqnz7DBj2LS91YXbh8WCPMKvgAA8C2HOZ1W9ADnipQ7gADkSQ-y4ouc Protocol HTTP/1.1 Server 185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 14 Feb 2022 07:21:05 GMT X-Proxy-Origin 192.145.127.219; 192.145.127.219; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 7dc0ff10-e032-4ec8-8a67-35574aeb3ef8 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Mon, 14 Feb 2022 07:21:05 GMT X-Proxy-Origin 192.145.127.219; 192.145.127.219; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 26e781fd-ce30-4787-8627-ca1c7457e6f2 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKnmnhlrdyJ_51ce-IlLBI0%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3BE6 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0MTU0NzE1NTY0ODY4NzI2OQ%3D%3D	170 B 188 B	96ms 67ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0MTU0NzE1NTY0ODY4NzI2OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY6tnBNjAB&v=APEucNXbUSruZDge7q0_O_-WY38TJ1C76qs35dF0Y8HsNKXQsSJhs9J3GdgsTRTlCAH_-2ux-RPlo26znxKXq76DOcpRTBf8F2O5mKSaRO1t0k_9i6QOgRLHYMwOiZ0fNqnz7DBj2LS91YXbh8WCPMKvgAA8C2HOZ1W9ADnipQ7gADkSQ-y4ouc Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 14 Feb 2022 07:21:05 GMT X-Proxy-Origin 192.145.127.219; 192.145.127.219; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 2b855efa-d262-47a0-839b-1253f2e84a16 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0MTU0NzE1NTY0ODY4NzI2OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 5854	0 0	49ms 49ms	Image text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021001&jk=674425250516679&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response pagead2.googlesyndication.com/bg/ Frame C1A2	35 KB 13 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 06:19:23 GMT content-encoding br x-content-type-options nosniff age 3702 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13545 x-xss-protection 0 last-modified Tue, 08 Feb 2022 16:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 14 Feb 2023 06:19:23 GMT
GET H/1.1	200 OK	74omlawhsoy3 Show response hal9000.redintelligence.net/zone/ Frame 42EA	11 KB 4 KB	97ms 30ms	Script text/html	138.201.84.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/74omlawhsoy3?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmNlD4AIKYqy0Of-w7_UPrYKI8AGC35mQYdCCtt2tCvAuEAEg9JeCNWD9gpGE6BHIAQmpAsAI0yyNCrM-qAMBqgTaAU_QRC1OQXRYXb2r1IVMDIciIobV1lk34w_BBc8ZxemN_SxdOvLnuUGd_DHJxJT-tC8piD9G7LRPN0NECj6cXHB9EXpSlV-FsKnMbvXAtdWwEkqEbV5DBCZ8wxsyNj-lgoTZXt0Y4LbdaBMqKS-kJzki5agp_IjLfnM8mOOzS7Scmt3EU_8BOHowLKERGCq397TJmJTlAQEo_juJ9nrOlP5dqV6tVBTEVTQTJG0VygU-eBTaRcYTLQXei2-Kz4NAjL_OCJzS3XCizQVGPjb5SXyZf86g1YfsqwtEwATW6ZiNxwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5TH5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokeIWmIF249z1vXF32Odh50nqlg%26sig%3DAOD64_1fvNrn9UBHjORae-GpuQVF644Rfw%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-DLmXy5ZCdUghtfQJgqF1QHkIKN3TSGZ7fbEo0bKp_NxWL1KPnymM4-17w34-Q7je3KCDjZ8b-NtkQZEJpv03lfzJISY3MUmEW1eedKKUjNNJENp2NqeVlDTHbCS9i6R81E0yEsrcXbdwc_hWVAT12l-iSTAA%26cry%3D1%26dbm_d%3DAKAmf-CbVGm6QEKG6ItAavtwyAz_6QtD1LPjYkfbC9PONvuAI7XQ6Y5DCWeFdh9WAj34YTe1DeUwZMlCR_qSamAqTdYrf8KjJ5esKrTsxKqiMasHnyqzMelkCvdSJH8DydcoZMye5oEbRGGFBEyY_KmO5z7_ubek8MOI1TM61PX_OFWrfW1nybrbHrbo25QEyIrZOAXtnQHn6Yc9TPQLG0Lk1qa5H1eghoj8wET1rMPzdjdpTbswQxoNpnWSInk1ylgUA1cjx-nRQIvf8Poq5kvw0UsEgeqQh_xzUyAgR_Nk_FqH-eyYZOxZIC1ZIi1XW9Bys9D01lPN4y8isfEPGsnHdEoH72dWaWhOdjFMQ4dg5WWtfQJsTCCbDLZ_SW1ZN0bIYvk6lH9gK4eVmTEiV6eONKIq2TrI0NrgXzZBUi59g3TKqPqFsfbKJCmAOY10ZnrzZ7tsUPoE%26adurl%3D Requested by Host: 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com URL: https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.244.84.201.138.clients.your-server.de Software Apache / Resource Hash 7870f694e05ba62a03c43fc98bbbf7480d029ef1f6c260cf69c06f1ec0b875e5 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 14 Feb 2022 07:21:05 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3888 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame A6EC	22 KB 8 KB	25ms 25ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 x-content-type-options nosniff server sffe x-xss-protection 0 date Sun, 13 Feb 2022 16:17:00 GMT expires Mon, 13 Feb 2023 16:17:00 GMT cache-control public, max-age=31536000 last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type text/html age 54245 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Show response pagead2.googlesyndication.com/bg/ Frame A6EC	35 KB 13 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/O0zcrAsc3s2SKI8Tuz5umMJoYZUI79PNRri5GeZhfeg.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b4cdcac0b1cdecd92288f13bb3e6e98c268619508efd3cd46b8b919e6617de8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 06:19:23 GMT content-encoding br x-content-type-options nosniff age 3702 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13545 x-xss-protection 0 last-modified Tue, 08 Feb 2022 16:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 14 Feb 2023 06:19:23 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame C1A2	0 9 B	25ms 25ms	Image text/plain	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?PqnCpw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H/1.1	200 OK	request.php Show response hal900020.redintelligence.net/ Frame 42EA Redirect Chain https://hal900020.redintelligence.net/request.php?zone=74omlawhsoy3&nw=20&renderingType=javascript&namespace=8fbbea82c2&subid=&uid=8d4ba1957a505ab7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900020.redintelligence.net/request.php?zone=74omlawhsoy3&nw=20&renderingType=javascript&namespace=8fbbea82c2&subid=&uid=8d4ba1957a505ab7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	613 B 936 B	341ms 282ms	Script application/x-javascript	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/request.php?zone=74omlawhsoy3&nw=20&renderingType=javascript&namespace=8fbbea82c2&subid=&uid=8d4ba1957a505ab7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmNlD4AIKYqy0Of-w7_UPrYKI8AGC35mQYdCCtt2tCvAuEAEg9JeCNWD9gpGE6BHIAQmpAsAI0yyNCrM-qAMBqgTaAU_QRC1OQXRYXb2r1IVMDIciIobV1lk34w_BBc8ZxemN_SxdOvLnuUGd_DHJxJT-tC8piD9G7LRPN0NECj6cXHB9EXpSlV-FsKnMbvXAtdWwEkqEbV5DBCZ8wxsyNj-lgoTZXt0Y4LbdaBMqKS-kJzki5agp_IjLfnM8mOOzS7Scmt3EU_8BOHowLKERGCq397TJmJTlAQEo_juJ9nrOlP5dqV6tVBTEVTQTJG0VygU-eBTaRcYTLQXei2-Kz4NAjL_OCJzS3XCizQVGPjb5SXyZf86g1YfsqwtEwATW6ZiNxwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5TH5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokeIWmIF249z1vXF32Odh50nqlg%26sig%3DAOD64_1fvNrn9UBHjORae-GpuQVF644Rfw%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-DLmXy5ZCdUghtfQJgqF1QHkIKN3TSGZ7fbEo0bKp_NxWL1KPnymM4-17w34-Q7je3KCDjZ8b-NtkQZEJpv03lfzJISY3MUmEW1eedKKUjNNJENp2NqeVlDTHbCS9i6R81E0yEsrcXbdwc_hWVAT12l-iSTAA%26cry%3D1%26dbm_d%3DAKAmf-CbVGm6QEKG6ItAavtwyAz_6QtD1LPjYkfbC9PONvuAI7XQ6Y5DCWeFdh9WAj34YTe1DeUwZMlCR_qSamAqTdYrf8KjJ5esKrTsxKqiMasHnyqzMelkCvdSJH8DydcoZMye5oEbRGGFBEyY_KmO5z7_ubek8MOI1TM61PX_OFWrfW1nybrbHrbo25QEyIrZOAXtnQHn6Yc9TPQLG0Lk1qa5H1eghoj8wET1rMPzdjdpTbswQxoNpnWSInk1ylgUA1cjx-nRQIvf8Poq5kvw0UsEgeqQh_xzUyAgR_Nk_FqH-eyYZOxZIC1ZIi1XW9Bys9D01lPN4y8isfEPGsnHdEoH72dWaWhOdjFMQ4dg5WWtfQJsTCCbDLZ_SW1ZN0bIYvk6lH9gK4eVmTEiV6eONKIq2TrI0NrgXzZBUi59g3TKqPqFsfbKJCmAOY10ZnrzZ7tsUPoE%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2889811465023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com URL: https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash f281d29031830a6f1289cf5b7b8bfb3b423d31d74c949dc986fd7d549920c9ba Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 14 Feb 2022 07:21:05 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 25155500034685400707896011870020 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 330 Expires Mon, 14 Feb 2022 07:21:05 +0100 Redirect headers Pragma no-cache Date Mon, 14 Feb 2022 07:21:05 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=74omlawhsoy3&nw=20&renderingType=javascript&namespace=8fbbea82c2&subid=&uid=8d4ba1957a505ab7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmNlD4AIKYqy0Of-w7_UPrYKI8AGC35mQYdCCtt2tCvAuEAEg9JeCNWD9gpGE6BHIAQmpAsAI0yyNCrM-qAMBqgTaAU_QRC1OQXRYXb2r1IVMDIciIobV1lk34w_BBc8ZxemN_SxdOvLnuUGd_DHJxJT-tC8piD9G7LRPN0NECj6cXHB9EXpSlV-FsKnMbvXAtdWwEkqEbV5DBCZ8wxsyNj-lgoTZXt0Y4LbdaBMqKS-kJzki5agp_IjLfnM8mOOzS7Scmt3EU_8BOHowLKERGCq397TJmJTlAQEo_juJ9nrOlP5dqV6tVBTEVTQTJG0VygU-eBTaRcYTLQXei2-Kz4NAjL_OCJzS3XCizQVGPjb5SXyZf86g1YfsqwtEwATW6ZiNxwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5TH5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokeIWmIF249z1vXF32Odh50nqlg%26sig%3DAOD64_1fvNrn9UBHjORae-GpuQVF644Rfw%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-DLmXy5ZCdUghtfQJgqF1QHkIKN3TSGZ7fbEo0bKp_NxWL1KPnymM4-17w34-Q7je3KCDjZ8b-NtkQZEJpv03lfzJISY3MUmEW1eedKKUjNNJENp2NqeVlDTHbCS9i6R81E0yEsrcXbdwc_hWVAT12l-iSTAA%26cry%3D1%26dbm_d%3DAKAmf-CbVGm6QEKG6ItAavtwyAz_6QtD1LPjYkfbC9PONvuAI7XQ6Y5DCWeFdh9WAj34YTe1DeUwZMlCR_qSamAqTdYrf8KjJ5esKrTsxKqiMasHnyqzMelkCvdSJH8DydcoZMye5oEbRGGFBEyY_KmO5z7_ubek8MOI1TM61PX_OFWrfW1nybrbHrbo25QEyIrZOAXtnQHn6Yc9TPQLG0Lk1qa5H1eghoj8wET1rMPzdjdpTbswQxoNpnWSInk1ylgUA1cjx-nRQIvf8Poq5kvw0UsEgeqQh_xzUyAgR_Nk_FqH-eyYZOxZIC1ZIi1XW9Bys9D01lPN4y8isfEPGsnHdEoH72dWaWhOdjFMQ4dg5WWtfQJsTCCbDLZ_SW1ZN0bIYvk6lH9gK4eVmTEiV6eONKIq2TrI0NrgXzZBUi59g3TKqPqFsfbKJCmAOY10ZnrzZ7tsUPoE%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2889811465023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Mon, 14 Feb 2022 07:21:05 +0100
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	60ms 59ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021001&jk=674425250516679&bg=!lpWlldHNAAbAtJCDwLQ7ACkAdvg8Wrmuha0ZYh1a4RVs7OgHsjUL_g7nG3MdltrAw9mQuUYvEcaKXAIAAACEUgAAAAFoAQcKAHCWLeiSD68gX3p4m6aQXh4HL7OZe9do2B6Ah0OloUUF27Yq0hrPNGQ95IA-iOrlhsoi1JOCZzhAYjOtg0F6xkvQ_s4hpo7EW3slouhIQtUeN8bl7muwE3b6KrDQuMgllBmn4paSHQRkzrqEjapQQlPZmQJ9Slr1lGPlEbXR2on6QUTx_NSao7gCG6bcK9wzSvedjZCM3eD7ZLiqZKOfPGb-XOowwxRY0BABXHR1VwM2qNYonZ9k0gkV0xZdkIdXvaKh2YuNF1f1gpurs9CWwgShOvovvdnQgKWxL-yPFtJ1Nrs-2ddCMLTiP5ikZgc70roVXHdJFVmBThjiEOarbLTG9zzs1771MVJBxRyRugk85r3ut0KdkdA7wuVS31XM93f0Ipfoc3FCtU3aq8QF4xNIOf2Xiq7W_bBciyPy7S1lWvlXKnK7zaurQbSWm_hfu8LBclvZACk7ETOLlWYJ0aTLzdmD6j0dBJF80I5Bnn__NgB-kOgelTFPFyq0uW3qQWMqWwpkPjxDZkEQeoAwa5teZ_Vo0Lc7KhaaLaLhvgBVVRhse8wGSabRSiqCeSeWXkPfojWJXhhZ9_sODRMs7PnUKXiORz1aH_duA2RMq78f8T4zFsOwIIbv8-DkH3lBQwkM0jPHu8TLwx1puMFdL4ao_YiTNQXgj_bHy-feibI2dJvBDT3WGvKDBiKZgjspGKLypdVbifJlPhdfiPalKJyvMHwcOPK1H8MD7ZA5zhwtbKoPlF7V0HynvM4UppTqZ31G4HYXxTkRspZ_9xA3WgPUw3cvrjwvmKbjAu4LG7YW62T2mB6-1SsL3c0O84MnGhNSowANk_u6BMLoWqwBfFRgk_qMnzeqY6Koj_YESdDcAB-H7iqkGEbogqy-yvEBwrrrAG7vj3nbn-eg3-40o9hV6F5VMKPpXJh4se07MCUEfO2zV0230T0sLy7cqX5GunV_1lVY_X2oRRJYRL8ihPJexA77qHNJwImC0nLWq-olAA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A6EC	0 20 B	61ms 61ms	Image image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxpWy4QIKYpuzG8WC3gO7qKGoBwAAAAA4AeAEAg&bg=!cHOlczfNAAbAtJCDwLQ7ACkAdvg8Wn3CDpdoHes_Ww9f-A2fzMNSAN9tVZRSqQLE9VdJJzmpJeM80gIAAABoUgAAAAJoAQeZAtKM6ivKffXJWqyxim0I6wueQHi9DW9G3A-tetBcwHfFPKIxuFFFWhPI_zGGGBgYps-QLwRPvNLoEKN-Gqr-WDz6TETOeIIfNRKX10e5Od0LuEr0XYtq7JeGkEaj41I1weqE0xGAvPb_37ZFgePrhgsDvlhSX-SZ5Udxmuqs1baXuKpI3apJ-scwWiCQx0IA0lN5WDXaxvttQficDGeQYk7_S1YrUMsM1Mdi9rgHMq6CxlCrwH5dEratEv3Tc8IUV_fPOPru_5uJAhQihUo_wej68LxSSFRh109TpXY_1riGyPL8oNWq2p2TmeYoBGcj3-844SatJr6OnXvis8sC29pXCfoTWXLTf1ZqU7Pu_rU93IoSmy6u2uLyet6KK_5LUaxRNh37UAgGDDMle-6CWJ-ZzCWUEWNnpSFCq0MVTBwgqng9Jxqe08ewqTYm_JEdOZvjwm9kBeaCBY8Sxx5IzAMQeeRsD6_XASSFhW7LZldMXzkQy1Ym4LINMGb0gYhF2aQCm9Q8ocsCCXW07o0t5Z7Ruu15uyC2aiZVvzJ-3_mxe_h-aUgGmSJd33hfn40_PtunBPvB-kQzA2xBo8U5dJNQccaAbqmMIcz-f6cEx8N21nAX1iReKJS3AG384tpntBZClkeZer-r8dwMmrOCNT9qFfV74B9hKdL6NoBlaSyKvb-E240qQ0Rkm8OqalbWqNQaAOX9Z9QMaND5e-fAH4sNsywptTgvrQ906JE4AiFRXaqN8mmE9Iy01FZtjSi5mk7WHvEAPRHGy3DO0flDHhVLKX565niqtIfPT-7pWBAqmSdjY5c60_t5sHXmBMj1boo9F1iC0yPEJv3tCw51xkDGfSW_Od7wQO8THJb0fKpYlbZbeBSe1O_UghmBLMf5Fa6EPL40b0OFwlWvlAaH6EUUbZLNT-S3KYwyfCqV9oRzwHEVz2vbp0-ia7xB9ndZGXSaHw Requested by Host: 8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com URL: https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	request_content.php Show response hal900020.redintelligence.net/ Frame 8925	7 KB 3 KB	90ms 31ms	Document text/html	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/request_content.php?s=25155500034685400707896011870020&a=95c3cdeb Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request.php?zone=74omlawhsoy3&nw=20&renderingType=javascript&namespace=8fbbea82c2&subid=&uid=8d4ba1957a505ab7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCmNlD4AIKYqy0Of-w7_UPrYKI8AGC35mQYdCCtt2tCvAuEAEg9JeCNWD9gpGE6BHIAQmpAsAI0yyNCrM-qAMBqgTaAU_QRC1OQXRYXb2r1IVMDIciIobV1lk34w_BBc8ZxemN_SxdOvLnuUGd_DHJxJT-tC8piD9G7LRPN0NECj6cXHB9EXpSlV-FsKnMbvXAtdWwEkqEbV5DBCZ8wxsyNj-lgoTZXt0Y4LbdaBMqKS-kJzki5agp_IjLfnM8mOOzS7Scmt3EU_8BOHowLKERGCq397TJmJTlAQEo_juJ9nrOlP5dqV6tVBTEVTQTJG0VygU-eBTaRcYTLQXei2-Kz4NAjL_OCJzS3XCizQVGPjb5SXyZf86g1YfsqwtEwATW6ZiNxwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE5TH5A3QEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokeIWmIF249z1vXF32Odh50nqlg%26sig%3DAOD64_1fvNrn9UBHjORae-GpuQVF644Rfw%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-DLmXy5ZCdUghtfQJgqF1QHkIKN3TSGZ7fbEo0bKp_NxWL1KPnymM4-17w34-Q7je3KCDjZ8b-NtkQZEJpv03lfzJISY3MUmEW1eedKKUjNNJENp2NqeVlDTHbCS9i6R81E0yEsrcXbdwc_hWVAT12l-iSTAA%26cry%3D1%26dbm_d%3DAKAmf-CbVGm6QEKG6ItAavtwyAz_6QtD1LPjYkfbC9PONvuAI7XQ6Y5DCWeFdh9WAj34YTe1DeUwZMlCR_qSamAqTdYrf8KjJ5esKrTsxKqiMasHnyqzMelkCvdSJH8DydcoZMye5oEbRGGFBEyY_KmO5z7_ubek8MOI1TM61PX_OFWrfW1nybrbHrbo25QEyIrZOAXtnQHn6Yc9TPQLG0Lk1qa5H1eghoj8wET1rMPzdjdpTbswQxoNpnWSInk1ylgUA1cjx-nRQIvf8Poq5kvw0UsEgeqQh_xzUyAgR_Nk_FqH-eyYZOxZIC1ZIi1XW9Bys9D01lPN4y8isfEPGsnHdEoH72dWaWhOdjFMQ4dg5WWtfQJsTCCbDLZ_SW1ZN0bIYvk6lH9gK4eVmTEiV6eONKIq2TrI0NrgXzZBUi59g3TKqPqFsfbKJCmAOY10ZnrzZ7tsUPoE%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2889811465023&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash bb0cc07ed6a3640fe6b4765aa060caf810fc6cc7caed9369c121e2147416c1f2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ Response headers Date Mon, 14 Feb 2022 07:21:06 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Mon, 14 Feb 2022 07:21:06 +0100 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 2313 Connection close Content-Type text/html; charset=utf-8
GET DATA	200 OK	truncated / Frame 42EA	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 265857e838773b4f39bf3129f35321a3d0fc4d472b448d4d7ef1b59b7c50869e Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 8925	89 KB 90 KB	101ms 30ms	Script text/javascript	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=25155500034685400707896011870020&a=95c3cdeb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://hal900020.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 13 Feb 2022 13:36:31 GMT x-content-type-options nosniff age 63875 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 91556 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Mon, 13 Feb 2023 13:36:31 GMT
GET H/1.1	200 OK	300x250_OMAC_2016_Launch%20(1).jpg cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame 8925	53 KB 53 KB	160ms 55ms	Image image/jpeg	85.114.131.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.contentspread.net/24i/advertiser/14265/creativesup/300x250_OMAC_2016_Launch%20(1).jpg Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=25155500034685400707896011870020&a=95c3cdeb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 85.114.131.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS srv21037.dus4.fastwebserver.de Software nginx / Resource Hash e7c099c985ec85158ceffa3995db2225fe41c5a1676c7b189ce2ad0511d9c42d Request headers Accept-Language it-IT,it;q=0.9 Referer https://hal900020.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 14 Feb 2022 07:21:06 GMT Last-Modified Tue, 16 Feb 2016 10:13:15 GMT Server nginx ETag "56c2f63b-d397" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 54167
GET H/1.1	200 OK	viewability Show response hal900020.redintelligence.net/ Frame 8925	0 150 B	90ms 31ms	Script text/html	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/viewability?s=25155500034685400707896011870020&a=b85ffb5d&vb=m Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=25155500034685400707896011870020&a=95c3cdeb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer https://hal900020.redintelligence.net/request_content.php?s=25155500034685400707896011870020&a=95c3cdeb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 14 Feb 2022 07:21:06 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame 8925	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language it-IT,it;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	publishertag.prebid.113.js Show response static.criteo.net/js/ld/ Frame 121C	85 KB 27 KB	116ms 35ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.113.js Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:07 GMT content-encoding gzip last-modified Wed, 08 Sep 2021 12:50:31 GMT server nginx etag W/"6138b197-1532d" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 15 Feb 2022 07:21:07 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 42EA	42 B 64 B	84ms 37ms	Fetch image/gif	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBClv1AguuHWnJNQfRrZIDKvjZdArg84It9pckeeNHmwwKSyLOie3VH1-8nk_0N-SBC5948JNFI-6OrgOLet0-UEru9z9ZhRQjvMM0&sai=AMfl-YShPDOLaunOTFQG3_a1hKw7CQJTs09YKxXn4YuRR7SiWGhGDptREfFGTP8JsymZdY63uBlrXIKI0tEZSJ3K-QqEX1PNqf65gGIdixLrweyxb-MTcBc6N-qQ3bGsq6dc&sig=Cg0ArKJSzLyhfAO8jlZ6EAE&cid=CAASFeRokeIWmIF249z1vXF32Odh50nqlg&id=lidar2&mcvt=1000&p=102,1005,352,1305&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2862190043&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644823266969&rpt=933&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://8cec9790d348ce1b3888319069aeb3d3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame CB48	13 KB 5 KB	97ms 32ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ Response headers cache-control private, max-age=3600 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 2078 date Mon, 14 Feb 2022 07:21:07 GMT content-length 5145 strict-transport-security max-age=31536000; preload;
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame 121C	90 KB 28 KB	110ms 40ms	XHR text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:07 GMT content-encoding gzip last-modified Mon, 31 Jan 2022 09:04:35 GMT server nginx etag W/"61f7a623-16685" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 15 Feb 2022 07:21:07 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame CB48 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=www.plurk.com&lsw=1 https://mug.criteo.com/sid?cpp=K0PTtnx5UmVNc29XOEQ5OWY5OU5VeXFQTWlCb3RUYmdWNk9qMklDWFU2aG9OZ1NqYm9rN0wzZ1dQdFJvcnd3R1dlTzVSOGNvWU5JSXNFb1V2WTVHSGhCMmRjMnFpc25DMWxVMC9Zb25ieHJvbTQrQ2lBNnpCb0Y1V1FPeG...	439 B 635 B	111ms 36ms	Fetch application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=K0PTtnx5UmVNc29XOEQ5OWY5OU5VeXFQTWlCb3RUYmdWNk9qMklDWFU2aG9OZ1NqYm9rN0wzZ1dQdFJvcnd3R1dlTzVSOGNvWU5JSXNFb1V2WTVHSGhCMmRjMnFpc25DMWxVMC9Zb25ieHJvbTQrQ2lBNnpCb0Y1V1FPeGpvaWEzdTJxd0FQQTJGL0VnclpjMEdwK0NwcVdXanRCTGIwanBNVTZ4WUh3czF0R2tTbkRSRnFSUTNUeTlXZzVWc2wxZFdzSTRtVE0yenRMSmkxdnFGd0N0SlVucy8rTVZrL2djTXkwclZqajdmODNLajhYQUNjaWtHNU1JcjJqaC9UZHpwaFRqeExnSnZTT1ZBY3lDZmNvVUprL2F2QT09fA&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 22be46ca4a5513d0dc7bed123a61f726b4411f586a766729e7a80bcf0b3e03f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language it-IT,it;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:07 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3985 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Mon, 14 Feb 2022 07:21:06 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=K0PTtnx5UmVNc29XOEQ5OWY5OU5VeXFQTWlCb3RUYmdWNk9qMklDWFU2aG9OZ1NqYm9rN0wzZ1dQdFJvcnd3R1dlTzVSOGNvWU5JSXNFb1V2WTVHSGhCMmRjMnFpc25DMWxVMC9Zb25ieHJvbTQrQ2lBNnpCb0Y1V1FPeGpvaWEzdTJxd0FQQTJGL0VnclpjMEdwK0NwcVdXanRCTGIwanBNVTZ4WUh3czF0R2tTbkRSRnFSUTNUeTlXZzVWc2wxZFdzSTRtVE0yenRMSmkxdnFGd0N0SlVucy8rTVZrL2djTXkwclZqajdmODNLajhYQUNjaWtHNU1JcjJqaC9UZHpwaFRqeExnSnZTT1ZBY3lDZmNvVUprL2F2QT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1695 content-length 541 expires 0
GET H/1.1	200 OK	viewability Show response hal900020.redintelligence.net/ Frame 8925	0 150 B	90ms 31ms	Script text/html	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/viewability?s=25155500034685400707896011870020&a=b85ffb5d&vb=v Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=25155500034685400707896011870020&a=95c3cdeb Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language it-IT,it;q=0.9 Referer https://hal900020.redintelligence.net/request_content.php?s=25155500034685400707896011870020&a=95c3cdeb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 14 Feb 2022 07:21:07 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	13567.json Show response img.scupio.com/js/config/	469 B 861 B	30ms 29ms	XHR application/json	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/config/13567.json?v=1.0.3839 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash cf49204e251d59cb87d3a4b95cbd8a3dc3c8a30bc31fa860e2c1301ad517cca7 Request headers Accept application/json, text/javascript, */* Referer https://www.plurk.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Mon, 14 Feb 2022 07:20:41 GMT via 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront) last-modified Mon, 14 Feb 2022 02:20:20 GMT server nginx/1.12.1 age 26 etag "6209bc64-1d5" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=10800 x-amz-cf-pop FRA60-P3 accept-ranges bytes content-length 469 x-amz-cf-id 7pNh-1elEvbzLtyTyvnK88qJItIsWu0LPxUhNJ3DyQM48FIRfgESNg== expires Mon, 14 Feb 2022 10:20:41 GMT
POST H/1.1	200 OK	adreqlog.aspx Show response bw.scupio.com/adpinline/	0 716 B	316ms 316ms	XHR application/json	210.59.219.180 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://bw.scupio.com/adpinline/adreqlog.aspx?cid=13567&cb=0.7890468062589417 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 210.59.219.180 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */* Referer https://www.plurk.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Mon, 14 Feb 2022 07:21:07 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA " Access-Control-Allow-Origin https://www.plurk.com Cache-Control private Access-Control-Allow-Credentials true Content-Type application/json Content-Length 0
GET H2	200	ad.html Show response img.scupio.com/html/ Frame 652F	82 KB 22 KB	31ms 30ms	Document text/html	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/html/ad.html?v=1.0.61 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 88de5f95fea91d43e84cba58bbc21573c9f9f2a6d45b3bdd8af60295903c88c4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://www.plurk.com/ Response headers content-type text/html; charset=utf-8 server nginx/1.12.1 last-modified Wed, 12 Jan 2022 05:51:14 GMT access-control-allow-origin * content-encoding gzip date Mon, 14 Feb 2022 06:54:32 GMT expires Wed, 16 Mar 2022 06:54:16 GMT cache-control max-age=2592000 etag W/"61de6c52-148ff" x-cache Hit from cloudfront via 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-amz-cf-id QDHGz9-r7ltk1Dczg6swXm5QVSLkfAoJER0ZwCHSucpcZv49s4NVFg== age 1611
GET H3	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 652F	95 KB 33 KB	73ms 37ms	Script text/javascript	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 13 Feb 2022 14:36:50 GMT content-encoding gzip x-content-type-options nosniff age 60257 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Mon, 13 Feb 2023 14:36:50 GMT
GET H2	200	prebid.js Show response img.scupio.com/js/ Frame 652F	259 KB 92 KB	30ms 30ms	Script application/javascript	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/prebid.js?v=5.20.0 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 203952d95f704a3d83b4f4d2b637c3ec6eed453918da831b11433d6854770063 Request headers Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/html/ad.html?v=1.0.61 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:19:22 GMT content-encoding gzip last-modified Mon, 01 Nov 2021 04:07:12 GMT server nginx/1.12.1 age 111 etag W/"617f67f0-40b0e" x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2592000 x-amz-cf-pop FRA60-P3 x-amz-cf-id hUwxj9iTo3LGGDyalf29ma-6Prk9khLWDaeydyoq1sPfBVMrSRUMTw== via 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront) expires Wed, 16 Mar 2022 07:19:16 GMT
GET H2	200	currency.json Show response img.scupio.com/js/config/ Frame 652F	108 B 489 B	29ms 28ms	XHR application/json	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/config/currency.json Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 2c12f54b595f47ff364a57a32704fa287b13704472cb04b87686a83ffe22122c Request headers Referer https://img.scupio.com/html/ad.html?v=1.0.61 Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 14 Feb 2022 07:20:52 GMT via 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront) last-modified Sun, 13 Feb 2022 19:15:06 GMT server nginx/1.12.1 age 16 etag "620958ba-6c" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=10800 x-amz-cf-pop FRA60-P3 accept-ranges bytes content-length 108 x-amz-cf-id EN_IogUp19eE0rw_qD6zjcQzMkGhNCXbIIJ9uwjorbw02gPyXB7wWA== expires Mon, 14 Feb 2022 10:20:52 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 1B34	13 KB 5 KB	36ms 36ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ Response headers cache-control private, max-age=3600 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 3439 date Mon, 14 Feb 2022 07:21:08 GMT content-length 5145 strict-transport-security max-age=31536000; preload;
POST H2	200	cdb Show response bidder.criteo.com/ Frame 652F	1 KB 1 KB	41ms 40ms	XHR application/json	178.250.2.131 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?ptv=119&profileId=185&av=34&wv=5.20.0-pre&bundle=oNgmVV9NczNaM2hSY1RZeWlEcEclMkJHJTJGZ2E5dGhOSDNqd3dKVyUyRmh5YVkyNllxQnF3WmlORUVvcWQzOG5pd1VLdnVYNUhiOXdFdTBzaGc0JTJCa2pQbTR5TFhwVmVvZkU2MThqYW4yRzZwJTJGUTFLYmRBUExYTSUyQklIQmJITldRTjN6eXZ6cyUyQjN3UHVPTWpXMWlFUkVzTTBlU1dIeEt0dyUzRCUzRA&cb=71315149983 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.am5.vip.prod.criteo.com Software Finatra / Resource Hash 81d053ccdcbc138a3a5cc397dcb0ffa302d918d325c4141a2b6a88f8ca89f691 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 14 Feb 2022 07:21:07 GMT content-encoding gzip server Finatra vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://img.scupio.com access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 882
POST H2	204	bids Show response prebid-asia.creativecdn.com/bidder/prebid/ Frame 652F	0 176 B	267ms 266ms	XHR text/plain	103.132.192.30 RTBHOUSE-AS-AP RT...
General Check archive.org Show headers Download Go to Full URL https://prebid-asia.creativecdn.com/bidder/prebid/bids Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG), Reverse DNS ip-103-132-192-30.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://img.scupio.com date Mon, 14 Feb 2022 07:21:08 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H2	200	prebid.json Show response ad.holmesmind.com/adserver/ Frame 652F	0 219 B	794ms 273ms	XHR text/html	54.168.194.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ad.holmesmind.com/adserver/prebid.json?cb=1644823269742&hb=1&ver=1.21 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.168.194.199 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-168-194-199.ap-northeast-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://img.scupio.com date Mon, 14 Feb 2022 07:21:08 GMT content-encoding gzip access-control-allow-credentials true server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
POST H2	204	prebid.aspx Show response prebid.scupio.com/recweb/ Frame 652F	0 50 B	318ms 318ms	XHR text/html	210.59.219.181 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9474810356358405 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.59.219.181 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 14 Feb 2022 07:21:07 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/html access-control-allow-origin https://img.scupio.com cache-control private access-control-allow-credentials true
GET H/1.1	204 No Content	header Show response hb.aralego.com/ Frame 652F	0 323 B	677ms 441ms	XHR text/plain	199.115.117.82 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7BE8827732D680EA64BB3A493A78B&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&eids=&pubcid=f63cc908-f6b5-450f-aeba-ff9fda5d6412&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=7fcf2dfd-4158-41e6-b1a2-2ba3386a7364&w=970&h=250 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 199.115.117.82 , United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://img.scupio.com Date Mon, 14 Feb 2022 07:21:08 GMT Access-Control-Allow-Credentials true Connection close
POST H2	204	events bidder.criteo.com/csm/ Frame 652F	0 215 B	32ms 31ms	Ping text/plain	178.250.2.131 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/csm/events Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.am5.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 14 Feb 2022 07:21:07 GMT server Finatra vary Origin access-control-allow-origin https://img.scupio.com access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
GET H2	200	sid Show response mug.criteo.com/ Frame 1B34 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=2&topUrl=www.plurk.com&bundle=oNgmVV9NczNaM2hSY1RZeWlEcEclMkJHJTJGZ2E5dGhOSDNqd3dKVyUyRmh5YVkyNllxQnF... https://mug.criteo.com/sid?cpp=oGembXxlcFI3RGFURFVDNzdKSG54U1hobnJSU2IxUzEzRHFwUG02Z25NcW5rY2xiazcyVWRVUWEySnVHY2QrWlY5MFliY1F5QkYyS2wxaHlOempIOENzUURKYkVDdHcrYUFnaWZxZTB2MkJuU3Nkd3p4bXJ2QTRJU1ExeG...	433 B 636 B	36ms 35ms	Fetch application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=oGembXxlcFI3RGFURFVDNzdKSG54U1hobnJSU2IxUzEzRHFwUG02Z25NcW5rY2xiazcyVWRVUWEySnVHY2QrWlY5MFliY1F5QkYyS2wxaHlOempIOENzUURKYkVDdHcrYUFnaWZxZTB2MkJuU3Nkd3p4bXJ2QTRJU1ExeGZadC93ejh1b3p0UHFjRGNzQjllbFNpZ3ltakJZRkF0S3UwNEgwUlhZRk8vcGFmY0dKNyt6OVZqbnN5QVlXZTdwUUM0UnRIQ09IeVg0SzFhTGp3ejhNcTViakZoY3ZNVi8yalgwdVhUNVd3RG5WUGx5Y1VsZ2U0TlVpY3liWDJDZmhXZk5uaXFYSTBPZG1SZFJGQTh5TG9GNml5WW5TVWxIb096OHdWdVVCTG9BOG9PYTVkMD18&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 05b28dfd7f66773b05d034a459ec099733de4ee0c87fd7f3d585f73d4759ba93 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language it-IT,it;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:07 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3402 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Mon, 14 Feb 2022 07:21:07 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=oGembXxlcFI3RGFURFVDNzdKSG54U1hobnJSU2IxUzEzRHFwUG02Z25NcW5rY2xiazcyVWRVUWEySnVHY2QrWlY5MFliY1F5QkYyS2wxaHlOempIOENzUURKYkVDdHcrYUFnaWZxZTB2MkJuU3Nkd3p4bXJ2QTRJU1ExeGZadC93ejh1b3p0UHFjRGNzQjllbFNpZ3ltakJZRkF0S3UwNEgwUlhZRk8vcGFmY0dKNyt6OVZqbnN5QVlXZTdwUUM0UnRIQ09IeVg0SzFhTGp3ejhNcTViakZoY3ZNVi8yalgwdVhUNVd3RG5WUGx5Y1VsZ2U0TlVpY3liWDJDZmhXZk5uaXFYSTBPZG1SZFJGQTh5TG9GNml5WW5TVWxIb096OHdWdVVCTG9BOG9PYTVkMD18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1938 content-length 567 expires 0
POST H/1.1	200 OK	bidinfo.aspx Show response bw.scupio.com/adpinline/ Frame 652F	2 KB 2 KB	311ms 310ms	XHR application/javascript	210.59.219.180 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.6944171631527916 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 210.59.219.180 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash ad426a4aff4236a12ccac3f43b43a2789c7a965164cd351dd2172a2544302264 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://img.scupio.com/ Accept-Language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Mon, 14 Feb 2022 07:21:08 GMT Content-Encoding gzip Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding P3P CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA " Access-Control-Allow-Origin https://img.scupio.com Cache-Control private Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Content-Length 1466
GET H2	200	publishertag.prebid.113.js Show response static.criteo.net/js/ld/ Frame 652F	85 KB 27 KB	37ms 37ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.113.js Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:08 GMT content-encoding gzip last-modified Wed, 08 Sep 2021 12:50:31 GMT server nginx etag W/"6138b197-1532d" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 15 Feb 2022 07:21:08 GMT
GET H2	200	ls.html Show response img.scupio.com/html/ Frame DE8E	1 KB 1 KB	29ms 29ms	Document text/html	13.32.99.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/html/ls.html Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-7.fra60.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/html/ad.html?v=1.0.61 Response headers content-type text/html; charset=utf-8 server nginx/1.12.1 last-modified Mon, 21 Nov 2016 06:35:53 GMT access-control-allow-origin * content-encoding gzip date Mon, 14 Feb 2022 06:31:44 GMT expires Mon, 21 Feb 2022 06:31:42 GMT cache-control max-age=604800 etag W/"583295c9-4dc" x-cache Hit from cloudfront via 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-amz-cf-id a7luhlGfqZ9UCSsaPXr7jP7SxMAnt670IL_q_GAatQt9C7lsU9jnjQ== age 2967
GET		ggid.aspx rec.scupio.com/recweb/ Frame 9606 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1BBMjAyMjAyMTQxNTIxMDY0MTg4OTc%3d&layout=js https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEAqemsJHefR7o5jsYNJwgec&google_cver=1&google_ula=3918219,0	0 0
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 19F3 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac	281 B 554 B	99ms 26ms	Document text/html	23.211.165.15
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac Requested by Host: www.plurk.com URL: https://www.plurk.com/p/o3cx30 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.211.165.15 -, , ASN (), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 14 Dec 2021 23:07:59 GMT ETag "402b2-119-5d32342a551c0" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Mon, 14 Feb 2022 07:21:09 GMT Connection keep-alive Vary Accept-Encoding Redirect headers server AkamaiGHost content-length 0 location https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac date Mon, 14 Feb 2022 07:21:09 GMT access-control-allow-credentials true access-control-allow-origin *
GET H2	200	/ www.facebook.com/tr/ Frame 9606	44 B 406 B	90ms 28ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.61&rl=&if=true&ts=1644823270895&cd[SBST]=25&cd[PuID]=plurk Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 14 Feb 2022 07:21:09 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Mon, 14 Feb 2022 07:21:09 GMT
GET		idsync sync.aralego.com/ Frame 9606 Redirect Chain https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CPA20220214152106418897 https://pr-bh.ybp.yahoo.com/sync/ucfunnel/41bccf51-84bb-45c5-9728-e8bc23aea49c?gdpr=0&euconsent= https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-epY.IWtE2oXvIaZL_oCoCKtQ0skfpUWO7DrajYk-~A&redirect=	0 0
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 19F3	32 KB 10 KB	26ms 26ms	Script text/html	23.211.165.15
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.211.165.15 -, , ASN (), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 7c5b7fe31808c03d9b91619d029f2d922dfeb007d9a68f96f2a8090314243b53 Request headers Accept-Language it-IT,it;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 14 Feb 2022 07:21:09 GMT Content-Encoding gzip Last-Modified Wed, 15 Dec 2021 23:04:16 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=15465 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9704 Expires Mon, 14 Feb 2022 11:38:54 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 19F3	284 B 536 B	238ms 25ms	Image image/jpg	69.173.144.138
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.138 -, , ASN (), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Accept-Language it-IT,it;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 Content-Type image/jpg
GET H2	200	sid Show response mug.criteo.com/ Frame 121C Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 https://mug.criteo.com/sid?cpp=GiEmM3wyc01nU1dtK3hvVmN5dlRyUVQ5SnBiR2V6L05KMTQrV1g1TWl3Z3VyUkJTQXpNaDJrSjF5TkxjSTQrck1vSXNWR0ZNTjQxbkhGNzRCRDhNRkk5V3BLUGJMVGZpVUhvUnp3R0h1ZDl0YTlVV0JXR092aU9nb1RBWE...	409 B 657 B	36ms 36ms	XHR application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=GiEmM3wyc01nU1dtK3hvVmN5dlRyUVQ5SnBiR2V6L05KMTQrV1g1TWl3Z3VyUkJTQXpNaDJrSjF5TkxjSTQrck1vSXNWR0ZNTjQxbkhGNzRCRDhNRkk5V3BLUGJMVGZpVUhvUnp3R0h1ZDl0YTlVV0JXR092aU9nb1RBWEFKMVQ3UGVWZEhObjRCcnZSNDZYK2Q1VHNnMEdueWcycnNXZGVjNWtuTlZTVTdrdStCQ2dlTklHNmlEMmd1b0lkLzNZVFVKTTUzeWFpd0hBaWxOc0xKeXI1QkM2aWhWa3dPSWhaTmpGRGVmdXAwTVlFRU5TaTBaZjgyU1VrK0swSThhODRraEJVS1BId25NNEI1YUF2RzdWVTUzWWFGQklYTGw4MzdmOXZjbER3K1hjbk1ZRT18&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 9014df5f2247aec9bf9da8f93112160c7fcb72c760efb732d7703e24232ff02c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language it-IT,it;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 14 Feb 2022 07:21:08 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3595 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Mon, 14 Feb 2022 07:21:08 GMT location https://mug.criteo.com/sid?cpp=GiEmM3wyc01nU1dtK3hvVmN5dlRyUVQ5SnBiR2V6L05KMTQrV1g1TWl3Z3VyUkJTQXpNaDJrSjF5TkxjSTQrck1vSXNWR0ZNTjQxbkhGNzRCRDhNRkk5V3BLUGJMVGZpVUhvUnp3R0h1ZDl0YTlVV0JXR092aU9nb1RBWEFKMVQ3UGVWZEhObjRCcnZSNDZYK2Q1VHNnMEdueWcycnNXZGVjNWtuTlZTVTdrdStCQ2dlTklHNmlEMmd1b0lkLzNZVFVKTTUzeWFpd0hBaWxOc0xKeXI1QkM2aWhWa3dPSWhaTmpGRGVmdXAwTVlFRU5TaTBaZjgyU1VrK0swSThhODRraEJVS1BId25NNEI1YUF2RzdWVTUzWWFGQklYTGw4MzdmOXZjbER3K1hjbk1ZRT18&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://img.scupio.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1835 content-length 567 expires 0
GET		idsync sync.aralego.com/ Frame 121C Redirect Chain https://sync.aralego.com/idSync https://pr-bh.ybp.yahoo.com/sync/ucfunnel/41bccf51-84bb-45c5-9728-e8bc23aea49c?gdpr=0&euconsent= https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-epY.IWtE2oXvIaZL_oCoCKtQ0skfpUWO7DrajYk-~A&redirect=	0 0
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	93ms 32ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://img.scupio.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 access-control-allow-origin https://img.scupio.com access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1548 date Mon, 14 Feb 2022 07:21:09 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip vary Accept-Encoding
GET		sync.php pixel-apac.rubiconproject.com/exchange/ Frame 19F3	0 0
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	103ms 37ms	Preflight application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=GiEmM3wyc01nU1dtK3hvVmN5dlRyUVQ5SnBiR2V6L05KMTQrV1g1TWl3Z3VyUkJTQXpNaDJrSjF5TkxjSTQrck1vSXNWR0ZNTjQxbkhGNzRCRDhNRkk5V3BLUGJMVGZpVUhvUnp3R0h1ZDl0YTlVV0JXR092aU9nb1RBWEFKMVQ3UGVWZEhObjRCcnZSNDZYK2Q1VHNnMEdueWcycnNXZGVjNWtuTlZTVTdrdStCQ2dlTklHNmlEMmd1b0lkLzNZVFVKTTUzeWFpd0hBaWxOc0xKeXI1QkM2aWhWa3dPSWhaTmpGRGVmdXAwTVlFRU5TaTBaZjgyU1VrK0swSThhODRraEJVS1BId25NNEI1YUF2RzdWVTUzWWFGQklYTGw4MzdmOXZjbER3K1hjbk1ZRT18&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1075 date Mon, 14 Feb 2022 07:21:08 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip vary Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bw.scupio.com

URL

https://bw.scupio.com/adpinline/adreqlog.aspx?cid=10987&cb=0.17372515045979764

Domain

rec.scupio.com

URL

https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEAqemsJHefR7o5jsYNJwgec&google_cver=1&google_ula=3918219,0

Domain

sync.aralego.com

URL

https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-epY.IWtE2oXvIaZL_oCoCKtQ0skfpUWO7DrajYk-~A&redirect=

Domain

sync.aralego.com

URL

https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-epY.IWtE2oXvIaZL_oCoCKtQ0skfpUWO7DrajYk-~A&redirect=

Domain

pixel-apac.rubiconproject.com

URL

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell