www.plurk.com Open in urlscan Pro
52.1.194.240 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.plurk.com/p/o5nfb6
Submission: On December 29 via manual (December 29th 2020, 2:26:27 pm UTC) from VN

Summary HTTP 61 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 61 HTTP transactions. The main IP is 52.1.194.240, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.plurk.com.
TLS certificate: Issued by Amazon on July 2nd 2020. Valid for: a year.

This is the only time www.plurk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.1.194.240 52.1.194.240	14618 (AMAZON-AES) (AMAZON-AES)
18	2606:4700::68... 2606:4700::6811:4503	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.224.196.65 13.224.196.65	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
61	16

2 52.1.194.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-194-240.compute-1.amazonaws.com

www.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6811:4503 (United States)

ASN13335 (CLOUDFLARENET, US)

s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.196.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-65.fra2.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0c9c33fc16d14e288a63eeeee714dbee.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	plurk.com www.plurk.com s.plurk.com avatars.plurk.com imgs.plurk.com assets.plurk.com	303 KB
13	googlesyndication.com 0c9c33fc16d14e288a63eeeee714dbee.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	104 KB
5	ampproject.org cdn.ampproject.org	98 KB
5	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	108 KB
5	scupio.com img.scupio.com	17 KB
4	google.com 1 redirects adservice.google.com www.google.com	348 B
4	cloudflare.com cdnjs.cloudflare.com	54 KB
2	google.de adservice.google.de www.google.de	276 B
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagservices.com www.googletagservices.com	19 KB
61	10

	Domain	Requested by
13	s.plurk.com	www.plurk.com s.plurk.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.plurk.com tpc.googlesyndication.com cdn.ampproject.org
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	img.scupio.com	www.plurk.com img.scupio.com
4	cdnjs.cloudflare.com	www.plurk.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.com	1 redirects www.plurk.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.plurk.com
3	assets.plurk.com	cdnjs.cloudflare.com
2	www.google-analytics.com	www.plurk.com www.google-analytics.com
2	www.plurk.com	cdnjs.cloudflare.com
1	googleads.g.doubleclick.net
1	www.google.de	www.plurk.com
1	0c9c33fc16d14e288a63eeeee714dbee.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	www.plurk.com
1	imgs.plurk.com	www.plurk.com
1	avatars.plurk.com	www.plurk.com
61	20

This site contains links to these domains. Also see Links.

Domain
www.bandatnendongnai.vn

Subject Issuer	Validity	Valid
*.plurk.com Amazon	`2020-07-02` - `2021-08-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.plurk.com/p/o5nfb6
Frame ID: 04724AC9826382D7D491394FDC6D176A
Requests: 42 HTTP requests in this frame

Frame: https://img.scupio.com/html/mv.html?v=1.0.76
Frame ID: 6853694B076709DFDB9F71D307D478AD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 9BD3AEB52443039BE4780A70C8FB95EC
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 6DAA77B1FC8A7E0DDECB4D10D8E43D34
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.46
Frame ID: 8138BE603C92F942D7C957938C032B41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

61
Requests

98 %
HTTPS

80 %
IPv6

10
Domains

20
Subdomains

16
IPs

3
Countries

721 kB
Transfer

1906 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bandatnendongnai.vn/du-an/gem-skyworld-long-thanh-dat-xanh-group/
Title: Gem Skyworld Long Thành - Đất Xanh Group

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set o5nfb6 Show response
www.plurk.com/p/ 16 KB
6 KB 475ms
136ms Document
text/html 52.1.194.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/p/o5nfb6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.194.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-194-240.compute-1.amazonaws.com
Software: Cheroot/8.4.5 /
Resource Hash: f7efe6646e073188e90f72a91d175a1fc9b2fd7dab2af545d673e9be01381e18

Request headers

Host: www.plurk.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 29 Dec 2020 14:26:08 GMT
Server: Cheroot/8.4.5
Set-Cookie: plurkcookiea="/pd1YUm7lL1iVkQ/yGG3x8c63TdiNlB20mnIx3XwRBw=?from_url=Ii9wL281bmZiNiI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Wed, 13-Jan-2021 14:26:08 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
Content-Length: 5921
Connection: keep-alive

GET
H2 200 0.0a9ec823a62d53520340.js Show response
s.plurk.com/ 88 KB
29 KB 61ms
28ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/0.0a9ec823a62d53520340.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e619d160e9e8bfb0e2604cfe9a1bd3637c3e32a60d3c801afce27e91f01284ce

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 229274
x-amz-request-id: 0DC1A69C48EA2C9E
x-amz-id-2: PgypYY7xN78MJPRCJKo0U2mfRhb71cVaiTIH4dGpIRi9X1S/AKjbyqczo+9OVC2GgNu0+o6b2Qw=
last-modified: Sat, 26 Dec 2020 22:40:17 GMT
server: cloudflare
etag: W/"bccb4f3ad88350f51d02ee734502e013"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1c00000746d5a47000000001
cf-ray: 609431c1ce8c0746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 1.d7962966f4a4cce508fb.js Show response
s.plurk.com/ 236 KB
79 KB 61ms
29ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/1.d7962966f4a4cce508fb.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ef854dcc885fe3ab841d8ad4d6d21112481af03a603e4bd639854dacf036be

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 229274
x-amz-request-id: 8C39A63B387D8C2A
x-amz-id-2: fDDVnqKKRsjT3tWrtf/tiMfVeKXt9n7FUM8zJMoDh5x5RUCNd/8W0vhR0bF8SsRYZx8f6IYTmNY=
last-modified: Sat, 26 Dec 2020 22:40:17 GMT
server: cloudflare
etag: W/"4c73d18e129d69c5c039b5129a279cf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1c00000746fe8b6000000001
cf-ray: 609431c1ce8d0746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 37dfbffe0f333c914db3.js Show response
s.plurk.com/ 3 KB
2 KB 47ms
15ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/37dfbffe0f333c914db3.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5860691a8292292a2567ab3b3bdd6044640a2e0868840c7105d570400e4a8f3f

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 229274
x-amz-request-id: A8F0D900744363FD
x-amz-id-2: w/cmAkf3A2TP+ihhVcpHDh7V5gJpIQ8Qc2Xp4hBfhI+twCjGHmwQIU40HarXpoc/tGSccszfs6A=
last-modified: Sat, 26 Dec 2020 22:40:16 GMT
server: cloudflare
etag: W/"f36760ce2dbcfeca88d6471f61231005"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1b000007469ca94000000001
cf-ray: 609431c1ce890746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 0.75451a3d254d993aadb6.css
s.plurk.com/ 4 KB
1 KB 53ms
22ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/0.75451a3d254d993aadb6.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50f16900e3571e1b43cfa12e126a8b38caf560dca7d2b61c601f5211adfb1e5a

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 229274
x-amz-request-id: 22CE6060568A86D1
x-amz-id-2: tT/X/uCRo4vIuDs+tYs9zziE7HxyAYWp8jEw6RmpRCppO0kPXl2D/ut8a5928ZfqmH54I3nycUY=
last-modified: Sat, 26 Dec 2020 22:40:16 GMT
server: cloudflare
etag: W/"41aa2ca5d2d7b0fc4702e90c4492fa6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1a000007469e12a000000001
cf-ray: 609431c1ce7d0746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 19ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 296917
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 27433
cf-request-id: 07507d6cfe00002bd20385c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=36k%2F1Adv2SZwBFJztwtLxtWX5K9NSqb6qU1Z2IH8cgHmkTGofhvsTzxGn59lASho5i0qhP7RouynYJ0cvPYx9f5OigmRV6XMcMavNtdA5JRFpx7mfMoM0G5mrN6c1hscGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 609431c19e812bd2-FRA
expires: Sun, 19 Dec 2021 14:26:08 GMT

GET
H2 200 469523c93ee03c48ca2e.js Show response
s.plurk.com/ 11 KB
4 KB 47ms
15ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/469523c93ee03c48ca2e.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f91a546585f972a38f20b3047ad43c0c5b39e00a560d3c833f3f45a254b715e

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 229273
x-amz-request-id: 7G3M6YBJCQ9GAWDG
x-amz-id-2: Fmb9zJnTt3uSsEwoBm4gaRRribWesfCknX01t+0V39ZUQC/eVYW8PF4g4dEnC7Cn/E6eacvj9PA=
last-modified: Sat, 26 Dec 2020 22:40:16 GMT
server: cloudflare
etag: W/"f7487a9e7164fc28a0ce0d202ba78c2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1b000007461ba3b000000001
cf-ray: 609431c1ce8b0746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 21 KB
4 KB 20ms
17ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 296898
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 4037
cf-request-id: 07507d6cfe00002bd22e278000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-55e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N6tQ%2FvsOxbtAjzIBItZN9BQqeKSl1KnQXOanTKb7bcwSZhcRfEGoyN1T1LD5ZtKeDMeSzt2yfuxastzK1A5HwSqsfwl8I9qMsa5zvfBoUVcN0geC0lZ%2F8lG89DxEVELDCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 609431c19e7c2bd2-FRA
expires: Sun, 19 Dec 2021 14:26:08 GMT

GET
H2 200 c21debb0acb6de8300e3.js Show response
s.plurk.com/ 1 KB
715 B 47ms
16ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/c21debb0acb6de8300e3.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b137b50ee7f49bf7bb1fe79d62394d94e01e8e1a8ac11b1b408837ca089c2818

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 229273
x-amz-request-id: 875840897FEEF86D
x-amz-id-2: /q/aIh0ay2FqbbIA5h9NJjVSYNWwW4BrExXTgSquajRSadlSOqUzzbrIvWGrdjwvDcJkvEmWn2o=
last-modified: Sat, 26 Dec 2020 22:40:16 GMT
server: cloudflare
etag: W/"1193cc90cb9434dda22a19820c32254d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1b00000746db24c000000001
cf-ray: 609431c1ce880746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 20e98ced63608cc71d44.css
s.plurk.com/ 6 KB
1 KB 47ms
16ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/20e98ced63608cc71d44.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31cd448810f1526683422701edfda3fda04e49df1dd22cbc6718867eef7b1c5

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 297904
x-amz-request-id: 0090BB573F2B4285
x-amz-id-2: o5ubL2EB6x+t45zt6Us/S8xqSdYs4RPGUjmdfm/PA2c3Xax20F5yLuZrX8gHGytykTNpV5IUZ54=
last-modified: Tue, 15 Dec 2020 07:16:13 GMT
server: cloudflare
etag: W/"46cce1ab85cbbb15a25283ff3cbd14ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1a000007469d2b6000000001
cf-ray: 609431c1ce820746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 sweetalert.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ 40 KB
11 KB 28ms
25ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 296893
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 10494
cf-request-id: 07507d6cfe00002bd20895e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-9f68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jWNT%2B4yJ7JZUowfXn8aub5rlPX3vOpiEgfIlxcGu%2BvRIlxxxZNy0Zyrbt10QOvr7jPdM70vr6kI2eCKQoN3EdLYfJWVAdrWGLgG7NUN3F7xIejcpiaabC3e15ZICp7psgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 609431c19e842bd2-FRA
expires: Sun, 19 Dec 2021 14:26:08 GMT

GET
H2 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/ 43 KB
12 KB 17ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 296874
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 11830
cf-request-id: 07507d6cff00002bd2e88ec000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-ac34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HgJ%2BOswEmA1d6%2BfpKPncifG0sfMTPEwsw0ZSfadwC8sansROds1gUmlldbu%2BDFFB6%2FtdyM%2FnChFnEF1HTBMxhW7q7ANmnIGzfU3MTi%2BO4ZQwJ%2FlhWV6MOg3CymCWtWtRjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 609431c19e872bd2-FRA
expires: Sun, 19 Dec 2021 14:26:08 GMT

GET
H2 200 f8006b780a2c0cd25217.js Show response
s.plurk.com/ 64 KB
23 KB 57ms
27ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/f8006b780a2c0cd25217.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b3c792643d96ef96ae8542e93c7f92cdb81fda125351f69c16f2b426e381c48

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 27002
x-amz-request-id: C9E071D0B09B1DBF
x-amz-id-2: eSr4ALMJqf3iIhQMzrY26qsnEoSvVA416klL02pEYoC1rO6eloG7425EYlG8sBT5v7ymH0+QKBA=
last-modified: Tue, 29 Dec 2020 06:07:32 GMT
server: cloudflare
etag: W/"cb8d56256b958d55f22dc7adfb1b1752"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1b000007469ead3000000001
cf-ray: 609431c1ce860746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 872bbc41f894ecd2f30f.css
s.plurk.com/ 34 KB
7 KB 51ms
20ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/872bbc41f894ecd2f30f.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064ab4e3257c359564e49bc564b9b88c5f0b8c6f3a7849d10fb382ea9119991b

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 229273
x-amz-request-id: B434DCAD9403C04D
x-amz-id-2: koU/DAd3sOcjtJRcIDhp6mbTquZ5mVWY/rV2Z1GCpRsN7zLwI/Qwn76G0k/uZK6oGUwO+HKJMQg=
last-modified: Sat, 26 Dec 2020 22:40:16 GMT
server: cloudflare
etag: W/"8a800fddd44729636c7fcdb5b64b0428"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1b000007460187b000000001
cf-ray: 609431c1ce840746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 da42b3033975feaffacd.js Show response
s.plurk.com/ 226 KB
71 KB 48ms
18ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/da42b3033975feaffacd.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 083a36700aa80abe04d85229b5f3bfc9287e212fc032689394eb5974fb7f4e94

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 25836
x-amz-request-id: FSDZ4X3V3R7R1Q4T
x-amz-id-2: 4fc2B8bfs4etQqGe5nwR+QyFZC5GcjjJgqTx+OSL1BxMmWm2wi/oQXgFfIMSgtmCkP5Rr/j8ki8=
last-modified: Tue, 29 Dec 2020 06:07:32 GMT
server: cloudflare
etag: W/"6e3b10726e963eaea0defce3cc491aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1c000007460a87f000000001
cf-ray: 609431c1ce8f0746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 c76f93eeb59f4a6b9e78.css
s.plurk.com/ 60 KB
11 KB 53ms
23ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/c76f93eeb59f4a6b9e78.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8dd4140d18d08eb3884a008abf56317a42f13763dd0ee27435cc33cbff5210

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 25837
x-amz-request-id: BAD4C0ED71258300
x-amz-id-2: AZOpyzeQQY2ff4H3ZuiMzvMbX3ZhWUjAiOPLz8ASwHHqMmsSpjz9YMpMEUb5c3dJXGcQ1XEJD3I=
last-modified: Tue, 29 Dec 2020 06:07:31 GMT
server: cloudflare
etag: W/"890e3be48cfb7eeb4b1a271733b431ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 07507d6d1b0000074613941000000001
cf-ray: 609431c1ce850746-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 42 KB
15 KB 124ms
37ms Script
application/javascript 13.224.196.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-65.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5d56552317ba8a0cb209f2260eacfb768d2a0490ebf80a2871e981833ca153ea

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:23:05 GMT
content-encoding: gzip
last-modified: Tue, 29 Dec 2020 12:37:34 GMT
server: nginx/1.12.1
age: 183
etag: W/"5feb230e-a783"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: uQh5u_-T2JXB2ej1VUlGi3n8768RZcszQl9pd0LQw3nGvw_amUkJwA==
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
expires: Tue, 29 Dec 2020 14:38:05 GMT

GET
H2 200 14807634-medium15092772.gif
avatars.plurk.com/ 1 KB
2 KB 29ms
19ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.plurk.com/14807634-medium15092772.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
cf-cache-status: HIT
age: 17538
cf-polished: origSize=1287
cf-ray: 609431c2e97d0746-FRA
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 1279
x-amz-id-2: 0ZSUezi7coQKmewqdpiGo/lxV8IXaohmWNP9avZ6CqsxkzwvUqvD8Ha85dtz81EsmXa3Kt+IoUQ=
last-modified: Wed, 24 Oct 2018 17:48:38 GMT
server: cloudflare
etag: "6c0779ae49111313047639c892eef67c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: A0F18076CC127B49
expires: Wed, 03 Dec 2025 14:26:08 GMT
cache-control: public, max-age=155520000
cf-request-id: 07507d6dcf00000746f134c000000001
accept-ranges: bytes
content-type: image/gif
cf-bgj: imgq:100,h2pri

GET
H2 200 pXpDTpQsW8nMwtBgtcgvace7GH3_mt.jpg
imgs.plurk.com/Qyg/4Q1/ 8 KB
9 KB 31ms
21ms Image
image/jpeg 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.plurk.com/Qyg/4Q1/pXpDTpQsW8nMwtBgtcgvace7GH3_mt.jpg
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc2cda8f58a168906fda8e1a1b38577456b35c44d39d59d6becbe227d39f1a0c

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
cf-cache-status: HIT
age: 17538
cf-polished: origSize=8755
cf-ray: 609431c31a0f0746-FRA
x-amz-meta-source: https://www.bandatnendongnai.vn/wp-content/uploads/2020/04/gem-skyworld-long-thanh-dat-xanh-group.jpg
x-amz-meta-hash: 4Q1pXpDTpQsW8nMwtBgtcgvace7GH3
content-length: 8654
x-amz-id-2: 2kgY0ZnZeiENF7Y3z64SOjMVlpP5bRpL+mxU2e4gIEcCX8twqXt40GyUS/ve7mFPP8wAdn7T28U=
last-modified: Tue, 29 Dec 2020 09:33:36 GMT
server: cloudflare
etag: "ab02048cf364d7a256dda1ca4257d602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: A66D7BEC6FB9841F
expires: Wed, 03 Dec 2025 14:26:08 GMT
cache-control: public, max-age=155520000
cf-request-id: 07507d6dec00000746b71cd000000001
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:100,h2pri

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678c16283762d2d1a12c9b055cf3e4333ca3c4c6638a95741f1130084882756f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "738 / 882 of 1000 / last-modified: 1608034737"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18850
x-xss-protection: 0
expires: Tue, 29 Dec 2020 14:26:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5761
date: Tue, 29 Dec 2020 12:50:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 29 Dec 2020 14:50:07 GMT

GET
H2 200 background.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
379 B 26ms
16ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/background.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
cf-cache-status: HIT
age: 294747
cf-ray: 609431c258110746-FRA
content-length: 0
x-amz-id-2: gDXkvkWQwKnpCkwSvcS5g0/8wjn7jALsdu8+wUqqu0sIZhwL9538dGv3kT5p+5DccgXsMUyDaWs=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 00E6999D46E58D2A
cache-control: public, max-age=31536000
cf-request-id: 07507d6d7900000746dd864000000001
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Dec 2021 14:26:08 GMT

GET
H2 200 timeline.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
155 B 28ms
18ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/timeline.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
cf-cache-status: HIT
age: 306574
cf-ray: 609431c258150746-FRA
content-length: 0
x-amz-id-2: KkAPjNJywUibDlamp+GKsCJZXo0miCH+f9OSE1BNngsVMD4F9TeQ9oSH0Kf1ZQOXNAQ4P4NfOsk=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 90E54F217F5A446E
cache-control: public, max-age=31536000
cf-request-id: 07507d6d7900000746c8081000000001
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Dec 2021 14:26:08 GMT

GET
H2 200 dashboard.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
152 B 29ms
20ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/dashboard.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
cf-cache-status: HIT
age: 2284127
cf-ray: 609431c258160746-FRA
content-length: 0
x-amz-id-2: UnNSxubFhCWFoHPuDf47fK3fulzUw8sBNuCxKyl+9oRlfwQar0zjMAEh6caxMnY6LKu47NiPbEo=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 1A5A5641377947DB
cache-control: public, max-age=31536000
cf-request-id: 07507d6d7900000746e82e8000000001
accept-ranges: bytes
content-type: text/css
expires: Wed, 29 Dec 2021 14:26:08 GMT

GET
H2 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 102ms
37ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Tue, 29 Dec 2020 14:26:08 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1893439679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo5nfb6&ul=en-us&de=UTF-8&dt=datnendongnai%20-%20%C4%90%E1%BA%A5t%20n%E1%BB%81n%20Gem%20Sky%20World%20%C4%90%E1%BA%A5t%20Xanh%20%C4%91%C6%B0%E1%BB%A3c%20c%C3%B4ng%20ty%20H%C3%A0%20An%20v%C3%A0%20%C4%90%E1%BA%A5t%20Xanh%20Group%20ph%C3%A1t%20tri%E1%BB%83n.%20Khu%20%C4%91%C3%B4%20th%E1%BB%8B%20Gem%20Sky%20World%20Long%20Th%C3%A0nh%20c%C3%B3%20quy%20m%C3%B4%2092.2%20ha%20g%E1%BB%93m%20%C4%91%E1%BA%A5t%20n%E1%BB%81n%20Gem%20Skyworld%20Long%20Th%C3%A0nh%20-%20%C4%90%E1%BA%A5t%20Xanh%20Group%20-%20Plurk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=642882263&gjid=1092045615&cid=481258062.1609251969&tid=UA-53436-7&_gid=866357655.1609251969&_r=1&_slc=1&z=546192170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 14:26:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d4c0955530a8e2c432946c6057221cab.woff
s.plurk.com/plurkiconfont/fonts/ 21 KB
22 KB 67ms
49ms Font
application/font-woff 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/plurkiconfont/fonts/d4c0955530a8e2c432946c6057221cab.woff
Requested by: Host: s.plurk.com
URL: https://s.plurk.com/20e98ced63608cc71d44.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1

Request headers

Origin: https://www.plurk.com
Referer: https://s.plurk.com/20e98ced63608cc71d44.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 296681
x-amz-request-id: EYCG5J0Q9J9ZEM0M
x-amz-id-2: aaIW2VotnvNvxQB/6FrtmU7rzJOP/lLVybPqC/N2QnF0T7sfFeXLnFnxSo77BHopXaZ5esov6p8=
last-modified: Tue, 15 Dec 2020 07:16:12 GMT
server: cloudflare
etag: W/"d4c0955530a8e2c432946c6057221cab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=155520000
cf-request-id: 07507d6e530000c2c76e382000000001
cf-ray: 609431c3b965c2c7-FRA
expires: Wed, 03 Dec 2025 14:26:08 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-53436-7&cid=481258062.1609251969&jid=642882263&gjid=1092045615&_gid=866357655.1609251969&_u=IEBAAEAAAAAAAC~&z=1320064851

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 29 Dec 2020 14:26:08 GMT
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 15ms
14ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 16ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 14:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 354ms
318ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2262683643833282&correlator=299357828497293&output=ldjh&impl=fif&eid=21069137%2C21068811%2C21069068%2C44733567&vrg=2020120801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201229&iu_parts=75142684%2Cplurk_message_300x250_SB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1609251968&dt=1609251968689&dlt=1609251968251&idt=302&frm=20&biw=1600&bih=1200&oid=3&adxs=1005&adys=102&adks=2862190043&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.plurk.com%2Fp%2Fo5nfb6&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=481258062.1609251969&ga_sid=1609251969&ga_hid=1893439679&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

65bbf09e652515f925c2eb6a6ceebd3d6b9068480c9aad74da61c8c6c1a9d8ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10907
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.plurk.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0c9c33fc16d14e288a63eeeee714dbee.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 59ms
14ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0c9c33fc16d14e288a63eeeee714dbee.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 10987.json Show response
img.scupio.com/js/config/ 549 B
930 B 92ms
34ms XHR
application/json 13.224.196.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/10987.json?v=1.0.3752
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-65.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: a104bcbb5d8f53cb30eba56a2d49e4723a8c79d6b99c2c82968dab26be77565e

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 06:44:19 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA2-C1
etag: "5f6062c3-225"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 549
x-amz-cf-id: UrXijdTTz_L71rmpVeB_2xf8TuVCMsy7yJ8gv-e22en8ksFmlaba7A==
expires: Tue, 29 Dec 2020 17:23:52 GMT

GET
H2 200 mv.html
img.scupio.com/html/ Frame 6853 0
0 43ms
42ms Document
text/html 13.224.196.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/mv.html?v=1.0.76
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-65.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/mv.html?v=1.0.76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/p/o5nfb6
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.plurk.com/p/o5nfb6

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Fri, 11 Dec 2020 01:26:18 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 29 Dec 2020 14:26:08 GMT
expires: Tue, 29 Dec 2020 14:07:12 GMT
cache-control: max-age=1500
etag: "5fd2caba-10ca4"
x-cache: Hit from cloudfront
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2M_1yFrgz7sspoV9RNwkozEoFtILEdmOnUkJ2Rf_Uadp4lKTvP-x7g==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
28ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-53436-7&cid=481258062.1609251969&jid=642882263&_u=IEBAAEAAAAAAAC~&z=1597878944

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 14:26:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-53436-7&cid=481258062.1609251969&jid=642882263&_u=IEBAAEAAAAAAAC~&z=1597878944

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 14:26:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d236fd746e000431a8e2c6bc787ee7c5.gif
s.plurk.com/ 34 KB
35 KB 26ms
24ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.plurk.com/d236fd746e000431a8e2c6bc787ee7c5.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af9c36eb65ef1ee2bd3b895ab1295065f7c43f07fceac8e7d8c076a0058325c7

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:08 GMT
cf-cache-status: HIT
age: 296686
cf-ray: 609431c4bf180746-FRA
content-length: 35115
x-amz-id-2: 7wM2ey66q4T1sIPDTz0QKtaAr7g18lnyaC3rYFQgNuC7MPWg6IxeHzrt27ldP4pylDjmB4wGfjk=
last-modified: Tue, 15 Dec 2020 07:16:12 GMT
server: cloudflare
etag: "d236fd746e000431a8e2c6bc787ee7c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 07A19F6709FF1831
cache-control: public, max-age=155520000
cf-request-id: 07507d6ef10000074615a65000000001
accept-ranges: bytes
content-type: image/gif
expires: Wed, 03 Dec 2025 14:26:08 GMT

POST
H/1.1 200
OK get Show response
www.plurk.com/Responses/ 104 B
259 B 119ms
119ms XHR
application/json 52.1.194.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/Responses/get
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.194.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-194-240.compute-1.amazonaws.com
Software: Cheroot/8.4.5 /
Resource Hash: f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949

Request headers

Accept: */*
Referer: https://www.plurk.com/p/o5nfb6
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 29 Dec 2020 14:26:08 GMT
Content-Encoding: gzip
Server: Cheroot/8.4.5
Connection: keep-alive
Content-Length: 80
Content-Type: application/json

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 9BD3 180 KB
50 KB 37ms
12ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 503079
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 9BD3 13 KB
5 KB 36ms
12ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 503518
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:34:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 9BD3 90 KB
28 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 503080
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 9BD3 3 KB
1 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 503545
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:33:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:33:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 9BD3 41 KB
13 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 503065
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:44 GMT

GET
DATA 200
OK truncated
/ Frame 9BD3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4550fe405bf315221a7940d2bc5299e97f7e26038f953723848ce55f93145242

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4419817766275077592
tpc.googlesyndication.com/simgad/ Frame 9BD3 42 KB
42 KB 39ms
22ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4419817766275077592?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkbT46ofMzmY4wuunDySaqqLdLyRg

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24cf0a9be854e94bf97a5ef6c53aadf61e82887b80c0edb23ad93ac73b3af78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 03:35:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Jul 2020 16:23:15 GMT
server: sffe
age: 384649
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42515
x-xss-protection: 0
expires: Sat, 25 Dec 2021 03:35:20 GMT

GET
H3-Q050 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9BD3 3 KB
3 KB 38ms
23ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Dec 2020 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
age: 79076
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 29 Dec 2020 16:28:13 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9BD3 344 B
798 B 37ms
22ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Dec 2020 17:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 75059
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 29 Dec 2020 17:35:10 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9BD3 0
0 16ms
15ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFJWugJyKTVRgqGcRMkZfNUQiqUQ1dvYm7csnvJmksoYg7d6lJmHHZ1GE3tAgy2HQmUsCA
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9BD3 0
0 40ms
39ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_LkhgDzrX9PgL4Sz7gOO-L3YDemL6a5ez8rh4P8Lv-EeEAEg9JeCNWD7gYCAiAqgAcbB_pMDyAEC4AIAqAMByAMIqgT5AU_QIQlef4ETl6bPlweePmTiaKTw4GOTWuiLaQSLSZs17Qz58vBU7RNo1B3-cadniOyb1rXfiZG6DOfRggtG3Pt5l6beD7aWe8_IRIEZG51NVD8zNtbZ369QR8Qmu7ct4v6lT8yuvR70zsPhynLhW38A69DtBAw98_Z6p0vCR-L1lFD4v--5Wb83EyLj9FCzRwhOlieNmsbtPGXSYz16SFlyjksCJa76ufkYZrCCqFm0wimCcquhbMzxqztkZYTrkmkg6bp3KGiVUYs8HLe_LgGOQ2C-BSPS83bcLtsdpYCUM-s__PTdqaQofl_4ypJaIMncnVqJgC32DsAEg7iA3JID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB6K-gWyoB9XJG6gH8NkbqAfy2RuoB5SYsQKoB6XfG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDf7APSCAkIgOGAUBABGB2ACgPICwHYEw2YFgGyFxoKGAgBEhRwdWItNDEyNDk2OTI5MDEwOTM2MA&sigh=1KY5lrW2Z4c&tpd=AGWhJmt5_Vuk2wBP4yHPhDOJZt_7XmQ9qHlvQDIkxB5USy7mRg
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/o5nfb6
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6974bd82f48c9106a676bb36df1b2f397df6ad724c554407b380cf8c3b86a1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 14:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6475
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 14:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 29 Dec 2020 14:26:09 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9BD3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 29 Dec 2020 14:26:09 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 6DAA 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/p/o5nfb6
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.plurk.com/p/o5nfb6

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 29 Dec 2020 13:39:57 GMT
expires: Wed, 29 Dec 2021 13:39:57 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2772
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 4419817766275077592
tpc.googlesyndication.com/simgad/ Frame 9BD3 42 KB
42 KB 6ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4419817766275077592?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkbT46ofMzmY4wuunDySaqqLdLyRg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24cf0a9be854e94bf97a5ef6c53aadf61e82887b80c0edb23ad93ac73b3af78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 03:35:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Jul 2020 16:23:15 GMT
server: sffe
age: 384649
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42515
x-xss-protection: 0
expires: Sat, 25 Dec 2021 03:35:20 GMT

GET
H3-Q050 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9BD3 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Dec 2020 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
age: 79076
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 29 Dec 2020 16:28:13 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9BD3 344 B
369 B 7ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 28 Dec 2020 17:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 75059
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 29 Dec 2020 17:35:10 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
145 B 41ms
41ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120801&jk=2262683643833282&bg=!AgGlASHNAAXKjztBylh3dqfMrahOwgIAAABMUgAAAAxoAQcKAff7MG3pEEPlVBSJkRXbD1AXpjBePKms6_zgZGTfg4w0hgm32HX8hhIu51qq-PH3IYwNNC2Gf1klzZpcjKoeswxkqzP5BeqObstI-eFczC4CfcR-x2XYUSVZ_vxUhK7bAXddkp8Bt36AwRjuG6WHHLpd9oyKGIedRaSD3sNt7SRKaq0FVBoS2qMJGizwrzSkwu-2g5FDtWiobcTpJujWydQQMKE-KkxbZnxS8gw1dHIkqwl1p3VqK-FTGKo29nE3SXXiMBUFoL-LEWE45CPx3p2zfpjLiooCenFAXYXWLw6q4lIaArDYu7Hkg96JqPMfr5cRd0B3sNTjwKx0NxsAenzyKYOVK0-bhHOZg_AFnLXn9eKiwruk6ZCRETCKWaqgGnmykHF_QENHKBQKegumNPa0ygA2NFCTXF563YTWEEfhMx_vBnOdwuCbY2c83OG8Hyih3xKv6DWp1OcYqNwJKSsGySkW38A1GY7StR-daDICTO31lmVDbBQgCboUlBGbzdi-buKR_NSqkcudl_gjMlvOtQY6Fve1UACrgEHil3zuBBfgzGi_As_p_seBBvfHvnYppzptFUjGbfnc2i4ieYLQH2jpZppB0Ffl5h1wyrKQSoLNvw4QeY1yn3uM-e7Uk_WyB9dUUzAcBOZhTOhb2LFcF4nHg3I0ZJkBtoALaLBzTrK7DvbqFaAwNQtKF-jL3WlmSIn36wuBKUchLvDKRHfIl11z4GmOQUuPFVDCKY_yAiLLAm70vIprvADr4JHpCTxnGlf5j07zOlnE25ZR6jUuWIu41FKCQr2Bjc7ZJWdlU0XNi6iKJsFg9qhfYUVSAGTve5mGWegyizLtf_n0lZTf4M7rrEF_Aj5wUc7oFZfLr9V8x6LxjVJeKK-SyeQX0RBt78n2NQOaz3Hap09meBye4kLCPA7diqkxOH2xJAGxo8jm8PL1Kjt9LfHRrn0ZNc4Fjv06tsE5CIQLj3LMoK61EvkqqJlArIEsHQYlk8JJD-epOszbOJRfGWnIkduOeXX4bTNF41WvDl4foFx4mwXTRXnB0fK-ZTddpAYN1qrZxkdabjsuIdHSbqc_rMUtf-T-WJLQ0heiwJFySPV0qTtpdwH7JpY5YeAYwQsoAcJ4KpwZK-q_lVy4S50NwYvRucfdDW1h6BO7UlEK9aFonLJQOEn4ApB47PEnC7ABTndRfyV-EYL5rXK_KdW-aU0NlC7m630IqwHINCmAyCRxFrzy8YI6l1jsoL5NuMHCES7nSQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 14:26:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9BD3 42 B
94 B 40ms
40ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX_1u60j_ZgjTZwxRNjC0H8SPuI4EaqnNiYDeocvmB6vuJKDpvEXPDU9Ayseuvx-s3Z5HDJK5i94e3Ol4xF5hsFBxceqDIuGMS5yYhonSw7R-3juLCY_L8pqtjpw&sai=AMfl-YTO4ZjZcg0lSU5SqbPywRigaTVcySlJkevdt7wPsUdWMRb11c7DfQSF0pwhCRJfA4H8ZjQCMgTrpGoNc79QHwUnX4xRByb2TNbdlYmKK71nzyFcOTCCiizYa9buTRbl&sig=Cg0ArKJSzC6Sja7paYBBEAE&cid=CAASPeRoAilLAZR6cBc48GP-dS53xSitZ9pbudqqPefEy2ZJx_DdzUJKmfv_jS3jC49VBalYlD08Ng_udOEm-lY&id=ampim&o=1005,102&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=130&tls=1131&g=100&h=100&tt=1131&r=v&avms=ampa&adk=2862190043

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Dec 2020 14:26:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13567.json Show response
img.scupio.com/js/config/ 468 B
857 B 34ms
33ms XHR
application/json 13.224.196.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/13567.json?v=1.0.3752
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-65.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 32fa98341f4ae04f57a10bfddfd070aae01b67b98a7f4a70aad492063572ad2f

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/p/o5nfb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 29 Dec 2020 14:24:26 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 02:21:16 GMT
server: nginx/1.12.1
age: 104
etag: "5f4db01c-1d4"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 468
x-amz-cf-id: yXys8Xftei-sOnxLjHqUb3Rh6TOWy9OU_L25B4xGbJojgnzWyqsJ1g==
expires: Tue, 29 Dec 2020 17:24:26 GMT

GET
H2 200 ad.html
img.scupio.com/html/ Frame 8138 0
0 31ms
31ms Document
text/html 13.224.196.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.46
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-65.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.46
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/p/o5nfb6
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CCA20201229222609963153
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.plurk.com/p/o5nfb6

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Fri, 11 Dec 2020 01:11:13 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 29 Dec 2020 13:35:07 GMT
expires: Tue, 29 Dec 2020 19:35:07 GMT
cache-control: max-age=21600
etag: "5fd2c731-89c8"
x-cache: Hit from cloudfront
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: dSQzK455to-5DWevElJqfan5GLOa-6Vp85ax3OLxPXbmtaNCsA_SsQ==
age: 3063

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plurk.com/	1970-01-19 15:00:52	Name: _gat Value: 1
.plurk.com/	1970-01-19 15:02:18	Name: _gid Value: GA1.2.866357655.1609251969
.plurk.com/	1970-01-20 08:32:03	Name: _ga Value: GA1.2.481258062.1609251969
.plurk.com/	1970-01-19 15:44:03	Name: __cfduid Value: dca7f3a474519104f9f108c1feb8160fb1609251968
.plurk.com/	1970-01-19 15:22:27	Name: plurkcookiea Value: "/pd1YUm7lL1iVkQ/yGG3x8c63TdiNlB20mnIx3XwRBw=?from_url=Ii9wL281bmZiNiI=&invitation_from_uid=MTQ4MDc2MzQ="

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.plurk.com/p/o5nfb6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0c9c33fc16d14e288a63eeeee714dbee.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
assets.plurk.com
avatars.plurk.com
cdn.ampproject.org
cdnjs.cloudflare.com
googleads.g.doubleclick.net
img.scupio.com
imgs.plurk.com
pagead2.googlesyndication.com
s.plurk.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.plurk.com
13.224.196.65
172.217.23.98
2606:4700::6810:135e
2606:4700::6811:4503
2a00:1450:4001:809::200e
2a00:1450:4001:814::2004
2a00:1450:4001:816::2002
2a00:1450:4001:817::2003
2a00:1450:4001:81b::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:81f::2001
2a00:1450:4001:820::2002
2a00:1450:4001:824::2004
2a00:1450:400c:c06::9c
52.1.194.240
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
064ab4e3257c359564e49bc564b9b88c5f0b8c6f3a7849d10fb382ea9119991b
083a36700aa80abe04d85229b5f3bfc9287e212fc032689394eb5974fb7f4e94
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
32fa98341f4ae04f57a10bfddfd070aae01b67b98a7f4a70aad492063572ad2f
3f91a546585f972a38f20b3047ad43c0c5b39e00a560d3c833f3f45a254b715e
4550fe405bf315221a7940d2bc5299e97f7e26038f953723848ce55f93145242
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
50f16900e3571e1b43cfa12e126a8b38caf560dca7d2b61c601f5211adfb1e5a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5860691a8292292a2567ab3b3bdd6044640a2e0868840c7105d570400e4a8f3f
5d56552317ba8a0cb209f2260eacfb768d2a0490ebf80a2871e981833ca153ea
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
65bbf09e652515f925c2eb6a6ceebd3d6b9068480c9aad74da61c8c6c1a9d8ed
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
678c16283762d2d1a12c9b055cf3e4333ca3c4c6638a95741f1130084882756f
6974bd82f48c9106a676bb36df1b2f397df6ad724c554407b380cf8c3b86a1e4
7b3c792643d96ef96ae8542e93c7f92cdb81fda125351f69c16f2b426e381c48
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9
9d8dd4140d18d08eb3884a008abf56317a42f13763dd0ee27435cc33cbff5210
a104bcbb5d8f53cb30eba56a2d49e4723a8c79d6b99c2c82968dab26be77565e
a24cf0a9be854e94bf97a5ef6c53aadf61e82887b80c0edb23ad93ac73b3af78
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9c36eb65ef1ee2bd3b895ab1295065f7c43f07fceac8e7d8c076a0058325c7
b137b50ee7f49bf7bb1fe79d62394d94e01e8e1a8ac11b1b408837ca089c2818
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b31cd448810f1526683422701edfda3fda04e49df1dd22cbc6718867eef7b1c5
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1
c5ef854dcc885fe3ab841d8ad4d6d21112481af03a603e4bd639854dacf036be
dc2cda8f58a168906fda8e1a1b38577456b35c44d39d59d6becbe227d39f1a0c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e619d160e9e8bfb0e2604cfe9a1bd3637c3e32a60d3c801afce27e91f01284ce
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949
f7efe6646e073188e90f72a91d175a1fc9b2fd7dab2af545d673e9be01381e18

www.plurk.com Open in urlscan Pro 52.1.194.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

61 Requests

98 %HTTPS

80 %IPv6

10 Domains

20 Subdomains

16 IPs

3 Countries

721 kBTransfer

1906 kBSize

5 Cookies

1 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.plurk.com Open in urlscan Pro
52.1.194.240 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

80 %
IPv6

10
Domains

20
Subdomains

16
IPs

3
Countries

721 kB
Transfer

1906 kB
Size

5
Cookies

61 HTTP transactions
0 data transactions