www.plurk.com Open in urlscan Pro
2606:4700::6811:4503 Public Scan

URL:
https://www.plurk.com/p/of9v7w
Submission: On June 20 via manual (June 20th 2021, 3:45:11 am UTC) from VN

Summary HTTP 119 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 42 IPs in 9 countries across 26 domains to perform 119 HTTP transactions. The main IP is 2606:4700::6811:4503, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.plurk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 17th 2020. Valid for: 2 years.

This is the only time www.plurk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700::68... 2606:4700::6811:4503	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	65.9.77.82 65.9.77.82	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:4603	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	54.178.71.123 54.178.71.123	16509 (AMAZON-02) (AMAZON-02)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
3	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4 7	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4 9	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 2	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
119	42

15 2606:4700::6811:4503 (United States)

ASN13335 (CLOUDFLARENET, US)

www.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 65.9.77.82 (United States)

ASN16509 (AMAZON-02, US)

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4603 (United States)

ASN13335 (CLOUDFLARENET, US)

s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.178.71.123 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-71-123.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 210.59.219.180 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 138.201.84.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.147.170 (France)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.96.200.41 (United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.52 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	plurk.com www.plurk.com s.plurk.com avatars.plurk.com imgs.plurk.com assets.plurk.com	267 KB
17	scupio.com img.scupio.com prebid.scupio.com bw.scupio.com rec.scupio.com	229 KB
16	googlesyndication.com 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	73 KB
13	rubiconproject.com 6 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel-apac.rubiconproject.com pixel.rubiconproject.com	17 KB
12	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	6 KB
12	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	137 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal900024.redintelligence.net	10 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	aralego.com 1 redirects hb.aralego.com sync.aralego.com	1 KB
4	criteo.net static.criteo.net	107 KB
4	google.com adservice.google.com www.google.com	1 KB
4	cloudflare.com cdnjs.cloudflare.com	54 KB
3	holmesmind.com 1 redirects ad.holmesmind.com c.holmesmind.com	982 B
3	googletagservices.com www.googletagservices.com	86 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	627 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com ads.yahoo.com	1 KB
2	googleapis.com ajax.googleapis.com	65 KB
2	creativecdn.com prebid-asia.creativecdn.com	352 B
2	google.de adservice.google.de www.google.de	960 B
2	google-analytics.com www.google-analytics.com	19 KB
1	adsrvr.org match.adsrvr.org	265 B
1	mathtag.com 1 redirects sync.mathtag.com	611 B
1	facebook.com www.facebook.com	147 B
1	contentspread.net cdn.contentspread.net	52 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
0	appier.net Failed ad2.apx.appier.net Failed
119	26

	Domain	Requested by
11	s.plurk.com	www.plurk.com s.plurk.com
10	img.scupio.com	www.plurk.com img.scupio.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net eus.rubiconproject.com
6	tpc.googlesyndication.com	1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
6	gum.criteo.com	2 redirects static.criteo.net
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	hal900024.redintelligence.net	1 redirects 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com hal900024.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	pixel.rubiconproject.com	eus.rubiconproject.com
4	static.criteo.net	img.scupio.com static.criteo.net
4	mug.criteo.com
4	cdnjs.cloudflare.com	www.plurk.com
3	sync.aralego.com	1 redirects img.scupio.com
3	bw.scupio.com	img.scupio.com ajax.googleapis.com eus.rubiconproject.com
3	www.google.com	www.plurk.com 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com tpc.googlesyndication.com
3	assets.plurk.com	cdnjs.cloudflare.com
3	www.googletagservices.com	www.plurk.com securepubads.g.doubleclick.net 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
3	www.plurk.com	cdnjs.cloudflare.com static.cloudflareinsights.com
2	c.holmesmind.com	1 redirects
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	www.plurk.com eus.rubiconproject.com
2	rec.scupio.com	img.scupio.com
2	ajax.googleapis.com	hal900024.redintelligence.net img.scupio.com
2	googleads.g.doubleclick.net	1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com www.plurk.com
2	prebid-asia.creativecdn.com	img.scupio.com
2	prebid.scupio.com	img.scupio.com
2	bidder.criteo.com	img.scupio.com
2	hb.aralego.com	img.scupio.com
2	1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.plurk.com www.google-analytics.com
1	ads.yahoo.com	eus.rubiconproject.com
1	match.adsrvr.org	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	pixel-apac.rubiconproject.com	1 redirects
1	www.facebook.com	img.scupio.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.contentspread.net	hal900024.redintelligence.net
1	hal9000.redintelligence.net	1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
1	ad.holmesmind.com	img.scupio.com
1	www.google.de	www.plurk.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.cloudflareinsights.com	www.plurk.com
1	imgs.plurk.com	www.plurk.com
1	avatars.plurk.com	www.plurk.com
0	ad2.apx.appier.net Failed	img.scupio.com
119	50

This site contains links to these domains. Also see Links.

Domain
vlam.vn

Subject Issuer	Validity	Valid
*.plurk.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2022-07-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-16` - `2021-07-28`	a month	crt.sh

This page contains 14 frames:

Primary Page: https://www.plurk.com/p/of9v7w
Frame ID: 5B4848374AF19685F1948EBA4204C428
Requests: 42 HTTP requests in this frame

Frame: https://img.scupio.com/html/mv.html?v=1.0.91
Frame ID: A0E73330F6DEDD20ECC259943AB7127D
Requests: 15 HTTP requests in this frame

Frame: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CF1892085E4DE8F2C742D16A3B67CCF4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNVSR5d0OqGv0S_bOjXbdsSLPhtbrF9QVDqtqv1tMToJqBiYb7b4VaV683DqW9XwbsVRPjEDlDJhg3C_J8WMTuGnRLB86g
Frame ID: 76252CB4A959B5B1E6EBDD18BFEE534F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EDCB664B383C3C7F585F40BA8B32D732
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 857015BDC04715D1CEA7110E530B1DDC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2756E65810E1A7208CB46E929F012095
Requests: 1 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=63891900012273100710156011631024&a=d34923af
Frame ID: 42CACC75464ADACDBA89D645D10F6E46
Requests: 6 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.56
Frame ID: 34F01498FA43238817D1A0C21BF45920
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: 70B5A1079EE10FEA6F88976F20A3ABCC
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 1EFE7F92850055B40FE8E23F7009F003
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEARRnRzLuFXJT_7mlsM-y60&google_cver=1&google_ula=3918219,0
Frame ID: 012D2A45876A296C0A802F37F3346E5D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 65A032C0F900D355876FE5EEB9BC96D2
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: 068D8905EAAEC42AA580BDF9565A83DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

119
Requests

99 %
HTTPS

50 %
IPv6

26
Domains

50
Subdomains

42
IPs

9
Countries

1127 kB
Transfer

3065 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vlam.vn/viec-lam-binh-duong/tuyen-dung-ke-toan-tong-hop-lam-viec-tai-kcn-viet-nam-singapore-binh-duong-cv69
Title: Tuyển dụng kế toán tổng hợp làm việc tại KCN Việt Na...

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=dDUyNnwvMjlrRUQ1MVcxeGljQ0habmphMzgzdVc4aFdGNGxaOVJmL0szclVTYkxQMHc2Y2M5OFlPazZrQXVuRk9RTEJsRFA5WTVHcXRFRERPa0xGMkRCcTJ0TlErK2ptVnNMTDBadUU0OHhmc3ArVlZGYTVjV2hOMGRoWjFLTXZpci9KeHBocmc5cjdDbkFCM3Z5UUFXODlKM3lBUUJyTjhPK2Z4WUFKUmM5ejQxNjlPalpHcGp0cmtBd1g1WEdUUlk2L0d2aTgxU0ZYNWtkbUJQNjBQZjJNS1JIY3ZTTWFGMmZLUDFwZ2NOYURMZmJVPXw&cppv=2

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1&C=1

Request Chain 64

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YM65t-oR6RM6GeeKIRkPGQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1

Request Chain 71

https://hal900024.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=e6aac604c4&subid=&uid=a21d5b209e9d62a0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR7m1t7nOYNfqFJT8gAeC4rGQBuS0qoNXmuHOw60K8C4QASD0l4I1YPWVzoHgBMgBCakC4gdi_nbnsz6oAwGqBNoBT9Cqu945Yevc0-A0D3iA8ioUa5iycHkHTzJcpl_2jntsztBGUlohXYTd_J3iU2z1yTm3CQNYRVfHgFyaRFmEZJbbArwD0yMLiV_XWVAzoB222rFFp4W8Wnk_AEhTVKEDodX0ZL2CDIqdZtPzMapwiu6q0f2gECmUSrnSCnQVPWGCC15h7AqdZ-vVQwHHWf0SG9D1eOd18xOp91yPUcGTl-dMV791EOk24SEZqFAnxWmVfRdjdqriIGNs1z-gygu4hoPl_areo_uVdzfLboPcv6Qj31HO1J-0VRvABOWU39HOAeAEA5AGAaAGTYAH6-foXqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoBcZk0X6NgxJVXuYsiV3YXn0Cjg%26sig%3DAOD64_2Y359vG-ic4DrcaYBgOfyZQON1aA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BDEEgw1BWcJ-vxd73fEZr1xD7NY_4gKcawRWib9BJ-Ec8Eg3eCLhpdBL3cwWRQPTruvZwDVhUmmm0Z0u2IzDx4YzUXDqagsNvS4cRoQt4Pfluq6yvRPdXef3SCzSAnQlDKvae0DIpTMNsAhv123_OW5hugIg%26cry%3D1%26dbm_d%3DAKAmf-BWntkBxTbqFlSXraaR5V2lOcGz12Z5yFgpSN7WF2hrBre5UX1WEjVUZ8xPx3O0uWvNLtqVEre4dxLKBl0v_w3voZwLhfEMMMZDNuZEtOhJRDROf-r5OzbjXY496u-btu_kaL6BfW1OFg-8rCwANKiJTAAf_4x-_Nw8-Sw4jzoZsmF6kIBiWcZ6xOhatA_vkc22bd85PfbIOjhSXlpqdz6h9MkVBvuIHNmk0vdQgMUIWY1KZJ1nSz76NLfx304BUNGojKATSZ1BJba2AfImvuzBzOXZUOl9LeOtUpgzRX9TNzU65c0sKzx2TxW0pKYoeAZTgXjrXmApw8hg4kdDoDmIEnHSZApA2leaVSjQOvxlJSsprFHEuctjjdejJ-g53l-za5jX44ZEcmYUBg1wXsIVSxCNxd2XsRA4krdTXtEaMwm8KfuFh3jwbsNlsGeVLkzAxrGb%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2120126000355&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900024.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=e6aac604c4&subid=&uid=a21d5b209e9d62a0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR7m1t7nOYNfqFJT8gAeC4rGQBuS0qoNXmuHOw60K8C4QASD0l4I1YPWVzoHgBMgBCakC4gdi_nbnsz6oAwGqBNoBT9Cqu945Yevc0-A0D3iA8ioUa5iycHkHTzJcpl_2jntsztBGUlohXYTd_J3iU2z1yTm3CQNYRVfHgFyaRFmEZJbbArwD0yMLiV_XWVAzoB222rFFp4W8Wnk_AEhTVKEDodX0ZL2CDIqdZtPzMapwiu6q0f2gECmUSrnSCnQVPWGCC15h7AqdZ-vVQwHHWf0SG9D1eOd18xOp91yPUcGTl-dMV791EOk24SEZqFAnxWmVfRdjdqriIGNs1z-gygu4hoPl_areo_uVdzfLboPcv6Qj31HO1J-0VRvABOWU39HOAeAEA5AGAaAGTYAH6-foXqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoBcZk0X6NgxJVXuYsiV3YXn0Cjg%26sig%3DAOD64_2Y359vG-ic4DrcaYBgOfyZQON1aA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BDEEgw1BWcJ-vxd73fEZr1xD7NY_4gKcawRWib9BJ-Ec8Eg3eCLhpdBL3cwWRQPTruvZwDVhUmmm0Z0u2IzDx4YzUXDqagsNvS4cRoQt4Pfluq6yvRPdXef3SCzSAnQlDKvae0DIpTMNsAhv123_OW5hugIg%26cry%3D1%26dbm_d%3DAKAmf-BWntkBxTbqFlSXraaR5V2lOcGz12Z5yFgpSN7WF2hrBre5UX1WEjVUZ8xPx3O0uWvNLtqVEre4dxLKBl0v_w3voZwLhfEMMMZDNuZEtOhJRDROf-r5OzbjXY496u-btu_kaL6BfW1OFg-8rCwANKiJTAAf_4x-_Nw8-Sw4jzoZsmF6kIBiWcZ6xOhatA_vkc22bd85PfbIOjhSXlpqdz6h9MkVBvuIHNmk0vdQgMUIWY1KZJ1nSz76NLfx304BUNGojKATSZ1BJba2AfImvuzBzOXZUOl9LeOtUpgzRX9TNzU65c0sKzx2TxW0pKYoeAZTgXjrXmApw8hg4kdDoDmIEnHSZApA2leaVSjQOvxlJSsprFHEuctjjdejJ-g53l-za5jX44ZEcmYUBg1wXsIVSxCNxd2XsRA4krdTXtEaMwm8KfuFh3jwbsNlsGeVLkzAxrGb%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2120126000355&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 86

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=lmNeCHxBbFBTcFd5T05WQWJKcnYrQzdML1Q1MkJBRXVFcStRakNLUWdGdTI1dXd6cU56SHlESE5OVjliTjB4MmJOelRvQVNzcWl3ai91c1lhQlRGYlkvcnZ0Vy9xdDVmdi9NckpDNmg1aEJhbERyRGxKUk9TOW9QR3o0K3lBMXNxSjdlK3pWdmtUeTdnU0UwMXdkc3BaQ2E0RjZxV2JSaG5XWXNwOXBOT0lqK0tUY045TTZDbGFLalkzelQ5Z1BkQnVCQkdXa2V4SlcvMXd4dGx4NTRxWDNHTXhFWFJYcmdhR1BWTmdadE83OGQxd3ZrPXw&cppv=2

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0lBMjAyMTA2MjAxMTQ0NTYzMzAzNTU%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEARRnRzLuFXJT_7mlsM-y60&google_cver=1&google_ula=3918219,0

Request Chain 100

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 102

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CIA20210620114456330355 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

Request Chain 108

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell HTTP 302
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=KQ4NCF8Z-B-GQBI

Request Chain 109

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=daa460ce-b9b9-4400-bc19-c5637362bda8

Request Chain 110

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTExZWZiNDY2NmRmZWFhZWZjZWUxODY3Y2EzNzgzN2E5NDBmNzI3NQ

Request Chain 111

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Wu4cwySDZwrnPW21ika2EA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5534814456925838830

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEApiIqOPHTArgSMNzkIEcpg&google_cver=1

Request Chain 113

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E0TkNGOFotQi1HUUJJ

Request Chain 115

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQ4NCF8Z-B-GQBI&sigv=1&esig=2~8146a96c66e917d48152c5064c1c83b8f18b9195

Request Chain 116

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YM65ugABsftDaABg HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YM65ugABsftDaABg&_test=YM65ugABsftDaABg

Request Chain 118

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

119 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request of9v7w Show response
www.plurk.com/p/ 15 KB
5 KB 445ms
426ms Document
text/html 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d067cc74b07828e65b2cea7b153f63f3fdcb040b86f122ea02835f662d4c097f

Request headers

:method: GET
:authority: www.plurk.com
:scheme: https
:path: /p/of9v7w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-type: text/html; charset=utf-8
set-cookie: plurkcookiea="8s3y1Kz+9K+r8tPGciYK2NpaqaR/rBOgd0TeCoKNAgw=?from_url=Ii9wL29mOXY3dyI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Mon, 05-Jul-2021 03:44:54 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-cache-status: DYNAMIC
cf-request-id: 0ac91e88e50000c2eaf297a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66220054af4dc2ea-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 b857d9cf56d6f856e2b9.js Show response
s.plurk.com/ 64 KB
22 KB 30ms
28ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/b857d9cf56d6f856e2b9.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90a40bb183f1f7036a6aad2fe03e57e5cf350a6c76779915cca7c1e37e1427f

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 234304
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: GXQH9FQAKVTTKVMG
x-amz-id-2: SNn2yGGKEcUwxtapf6a0mEy+36lybINDnjOConzJHzE1D7cZ2AuuYJUoP6A9gWS4k9h/HkF6vGk=
last-modified: Thu, 17 Jun 2021 10:36:27 GMT
server: cloudflare
etag: W/"08e20746126cfac6c1e1fd1fb365fcef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8a960000c2eaafb89000000001
cf-ray: 662200575a24c2ea-FRA
expires: Mon, 25 May 2026 03:44:54 GMT

GET
H2 200 e5c9c0eaa191278ef039.js Show response
s.plurk.com/ 172 KB
57 KB 40ms
38ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/e5c9c0eaa191278ef039.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7644af38eab82d36c7e546d9bdac3b27fb22641927eb9368bc5c33c777c6d676

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 857149
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: KS35M2Y4MW0BKDMZ
x-amz-id-2: uV0OrMTBFuJ0hmPkAdpylqcEt7/YXkLx5jFMmox3AonIiyZSL9MxiPnAuwLOvsSDDS9bbruDSLM=
last-modified: Thu, 13 May 2021 05:30:35 GMT
server: cloudflare
etag: W/"79bfcb8b641331b5972ed4136ab1301b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8a970000c2eaf98ad000000001
cf-ray: 662200575a26c2ea-FRA
expires: Mon, 25 May 2026 03:44:54 GMT

GET
H2 200 f98462c57caf3129dd20.js Show response
s.plurk.com/ 2 KB
1 KB 34ms
32ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/f98462c57caf3129dd20.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49832bd9d6e23a7771e130b7a8c75e669a56e10f6ec88afd6872b9e27218f231

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 309720
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 6N0V29DX0WS3FRC2
x-amz-id-2: /P8UkZ9L7QJtv1Vl+pL4RIWJpS4+qc184cL66G+AlujKY8kqqV7+0te2EBc8zsZLXMDrrMg0Skg=
last-modified: Wed, 21 Apr 2021 05:52:35 GMT
server: cloudflare
etag: W/"4d81cd1413f0de03828bf6ec967af7bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8a970000c2eabd195000000001
cf-ray: 662200575a25c2ea-FRA
expires: Mon, 25 May 2026 03:44:54 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 27ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7713155
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27433
cf-request-id: 0ac91e8aa200004e6792ab9000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n1rGrGwGpyAj6cYDKkYmNkoWx1FkupZI0iinVt8qxPNS76x8%2B5BXVPVigHGO4PJreRi%2F8%2FaJ8k9UEBVSJnEUHdiaU28RnOQyvWG8PCeO4UKh1k3k7rhZL7J4WYyGtMaqNN0jcEaLvWbUWFeE%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6622005769e64e67-FRA
expires: Fri, 10 Jun 2022 03:44:54 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 21 KB
4 KB 33ms
18ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2693172
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4037
cf-request-id: 0ac91e8aa200004e676901f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-55e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Cm%2B6nvNwvOugt0UBC4cA4XLdB5uif2sTD4BWbrNQUSrsHZXXbBK3sZeiCVM51gYNqp%2FJz3Y2BgFYzOS9mCzJ203X9ZJBFxEBXLBObCIW8IevKLcx%2FOsJHEAuKwF2GyrJKVyYb2VNzYM0QrB%2B5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6622005769e14e67-FRA
expires: Fri, 10 Jun 2022 03:44:54 GMT

GET
H2 200 be6490d423cd4fe35add.css
s.plurk.com/ 5 KB
1 KB 35ms
33ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/be6490d423cd4fe35add.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d706fc3e4dbf7484d9143806e2fe9bde08e4089b678a919019771e7a5c2f4f

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 1622516
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PF4YGW9DS96VJM18
x-amz-id-2: t15Nrb9MVMpwrpnjO565mREXQ/fCwu70FkdyXCy7JhHbc4J7EWktPDSIBaZsIXbAXBU7FWl4U/A=
last-modified: Tue, 01 Jun 2021 08:58:28 GMT
server: cloudflare
etag: W/"0f7fc8f1ded4854c178b7b313e9a05c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8a950000c2eaba027000000001
cf-ray: 662200575a21c2ea-FRA
expires: Mon, 25 May 2026 03:44:54 GMT

GET
H2 200 sweetalert.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ 40 KB
11 KB 28ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1413560
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10494
cf-request-id: 0ac91e8aa200004e6792383000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-9f68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oTve8SdYFT%2BO9UsS%2FiDKVv3RRNPZvrP%2FAdQJYWNWD%2BKNp1FiMiUCv%2B7Tr4zJNWOco8OVjsq11nkHbygns%2FR2BKfh7n84ndgx3TTzg5s4lTyRJToKCorzn0Vb1ii3E2irHD0y8pyH5foUsnvyLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6622005769e54e67-FRA
expires: Fri, 10 Jun 2022 03:44:54 GMT

GET
H2 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/ 43 KB
12 KB 32ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 193388
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11830
cf-request-id: 0ac91e8aa200004e679726a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-ac34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=phhGAadRXA2ZEjcV8fXAbpFFRKY2MoHDayQhdOoo9lKmY2HbGS5150DJ3rsXgHQowth8uLsWSo0UzxjFdG1%2BDoyXeppYmOWDI0coxXUZeT%2BnX9fSR1dBzEqc8fZtdpXijcM3xquYgWiYrllYtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6622005769e34e67-FRA
expires: Fri, 10 Jun 2022 03:44:54 GMT

GET
H2 200 a7e6ae6ad276b216026d.js Show response
s.plurk.com/ 48 KB
13 KB 28ms
27ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/a7e6ae6ad276b216026d.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b52207f42e563d3a8bb56e7203515812c47ba7d8f31573300f06d323ad540f6

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 845860
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: STE62TXP513QB540
x-amz-id-2: lLFNZyZ+mYjANe4YLwKw5LRxh7fIxYueHVU/IdOYDQQVOFqDLsHVT7oTsqAjxvd3pawowkNQmCA=
last-modified: Thu, 10 Jun 2021 08:32:42 GMT
server: cloudflare
etag: W/"8c7550f23efa76de8ea43f661e206763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8a970000c2ead937b000000001
cf-ray: 662200575a27c2ea-FRA
expires: Mon, 25 May 2026 03:44:54 GMT

GET
H2 200 88da4e6060770e741c9a.js Show response
s.plurk.com/ 62 KB
20 KB 33ms
32ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/88da4e6060770e741c9a.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 673cb57b8bcbb6394a6b47f190d86077949725e7c9e4445d2366cbd43b242224

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 234284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WBBM8CYFC2EWY520
x-amz-id-2: Epd4lEWT4nqgvIRz5OTT1AuwsRRYs7VYLReFy+9b0ABtFonmkyv0lSPJPX0y2lyOLyJYEhDHaBY=
last-modified: Thu, 17 Jun 2021 10:36:25 GMT
server: cloudflare
etag: W/"0df4f1bfaf87bd2c07a425b29ca4071d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8a980000c2eacc9a3000000001
cf-ray: 662200575a29c2ea-FRA
expires: Mon, 25 May 2026 03:44:54 GMT

GET
H2 200 31b312ff2cc0494dbf23.css
s.plurk.com/ 39 KB
8 KB 34ms
33ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/31b312ff2cc0494dbf23.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e652bca51f3d99e146d9b1d9b59b275412dc949d345c0a4566dbfb881f46a40b

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 234284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WBBQKNM9SHW92KB0
x-amz-id-2: 808Jo/jtERi3SqTZCF9kmcbO2LrqQMrfL0jk7BRv0vbKmpSMtLXs2R43awTbPinYz4AKTQQEyqI=
last-modified: Thu, 17 Jun 2021 10:36:25 GMT
server: cloudflare
etag: W/"5586b0ed01f06b4fc36fbf63b6d21e3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8a950000c2eaef82c000000001
cf-ray: 662200575a22c2ea-FRA
expires: Mon, 25 May 2026 03:44:54 GMT

GET
H2 200 c7613002a6ba4a98b549.js Show response
s.plurk.com/ 242 KB
66 KB 35ms
34ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/c7613002a6ba4a98b549.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6645e2c0a595a3c171a6a0eb57bbdf2abab1e9f813676ac75b2916de4778c45

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 814696
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PWWE8KVN10B49EKE
x-amz-id-2: w0GU086a0INiGF1y7G7DLGv3hzkR7e20B1vHY9pLqHnHxpvYbwkd9gCYT4dR4pHDZwhTb0U90yE=
last-modified: Thu, 10 Jun 2021 17:20:28 GMT
server: cloudflare
etag: W/"18b0b09a12beb11af3e0fc0ab6d29964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8a980000c2eaf298d000000001
cf-ray: 662200575a2bc2ea-FRA
expires: Mon, 25 May 2026 03:44:54 GMT

GET
H2 200 d1d3f8efc01fbbcbabfb.css
s.plurk.com/ 69 KB
13 KB 26ms
25ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/d1d3f8efc01fbbcbabfb.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ba74945c36d1928d02079f476ac27d123ffa19c6fccfb2a3d14b35614b9218

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 844964
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: YV0KM68RM3MFXFTZ
x-amz-id-2: 3Kd24YF8wt+y4e76QrE9gJfXJ5cZ4IRSg4QKD0WE2Xc8euGtdmXuwEvlTLPHEQ9qA1YA+ZNvFUk=
last-modified: Thu, 10 Jun 2021 08:32:43 GMT
server: cloudflare
etag: W/"3270d2100d8dd64a6c68e5101ef8346b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8a960000c2ea06286000000001
cf-ray: 662200575a23c2ea-FRA
expires: Mon, 25 May 2026 03:44:54 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 41 KB
15 KB 88ms
27ms Script
application/javascript 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: bc7a9223874861c2b9fa970476f94a0013644fcc8c8b26a428549a2f2d050840

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:30 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 08:12:42 GMT
server: nginx/1.12.1
age: 176
etag: W/"60c860fa-a4d5"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: QlSLXJPmY0C0eA1yR-NN5b4LIogw5Lvgf2Zf08dypu7dUNbNuSDCDA==
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Sun, 20 Jun 2021 03:56:59 GMT

GET
H2 200 14807634-medium15092772.gif
avatars.plurk.com/ 1 KB
2 KB 29ms
21ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.plurk.com/14807634-medium15092772.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
cf-cache-status: HIT
age: 778198
cf-polished: origSize=1287
cf-ray: 662200583ad9c2ea-FRA
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1279
x-amz-id-2: OfMGZl2eVQE55TpfKLf0RTliwwlXTzpaE41uVtR8bojYT1eCAJBHf1sl2IQHL6TCLvcb9MC86oc=
last-modified: Wed, 24 Oct 2018 17:48:38 GMT
server: cloudflare
etag: "6c0779ae49111313047639c892eef67c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: Y80ZYR5C82Z7NXNB
expires: Mon, 25 May 2026 03:44:55 GMT
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8b260000c2eac080b000000001
accept-ranges: bytes
content-type: image/gif
cf-bgj: imgq:100,h2pri

GET
H2 200 nyrjH1gbiLmgHWEumGgaNO4kjOQ_mt.jpg
imgs.plurk.com/QzM/Eal/ 4 KB
5 KB 15ms
14ms Image
image/jpeg 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.plurk.com/QzM/Eal/nyrjH1gbiLmgHWEumGgaNO4kjOQ_mt.jpg
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb18058302f67c3f2c45a9b273a9536bcd4e3589c07d041d68d999740f778790

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
cf-cache-status: HIT
age: 216984
cf-polished: origSize=4442
x-amz-meta-source: https://vlam.vn/storage/image/vlam-tuyen-dung.jpg
x-amz-meta-content-type: image/jpeg
last-modified: Thu, 17 Jun 2021 14:30:45 GMT
content-length: 4372
x-amz-meta-hash: EalnyrjH1gbiLmgHWEumGgaNO4kjOQ
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4DC1VHNZQERXSBVH
x-amz-id-2: rBO/Jd6LZ1mStnJDWNRf530rYvN0y/TGS1ViWqfYjh+m12gR/YMHY6/W/PYEoxkbcJ9IpRuBl14=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "18c836627a7e26aef3becfb5919b52c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-request-id: 0ac91e8b3d0000c2ea0628b000000001
accept-ranges: bytes
cf-ray: 662200586af7c2ea-FRA
expires: Mon, 20 Jun 2022 03:44:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a2c0a3b3510b56be29d68362d3e731986fdc810bb57d6ed461185b278ff89e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "907 / 95 of 1000 / last-modified: 1624054126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21494
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:44:55 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 13ms
13ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6622005879a7d6bd-FRA
cf-request-id: 0ac91e8b4d0000d6bd24ba6000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2778
date: Sun, 20 Jun 2021 02:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 20 Jun 2021 04:58:37 GMT

GET
H2 200 background.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
154 B 31ms
15ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/background.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
cf-cache-status: HIT
age: 160640
cf-ray: 66220057faa1c2ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: c5HicxTBhNDI7lbeAC43cDlSGOJY4hEwMWjmjPtP8ZJq7Z5CZd0PtSm5CrT2mpbhd+z7s9XuuIs=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4FMF7CRZFAW4FKCT
cache-control: public, max-age=31536000
cf-request-id: 0ac91e8afe0000c2eaef82f000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 20 Jun 2022 03:44:55 GMT

GET
H2 200 timeline.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
400 B 29ms
14ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/timeline.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
cf-cache-status: HIT
age: 160641
cf-ray: 66220057faa0c2ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: kankFk58IvG9qoQixb0RoQo/+VKBJ+Yzo5hd7oDdR6pIsZ/u6hCyPJqroCJ7ntx9bIAUp3dFxLI=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4FM4V2VA7M8KP4ND
cache-control: public, max-age=31536000
cf-request-id: 0ac91e8afe0000c2ea06289000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 20 Jun 2022 03:44:55 GMT

GET
H2 200 dashboard.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
154 B 35ms
20ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/dashboard.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
cf-cache-status: HIT
age: 232286
cf-ray: 66220057faa2c2ea-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: ZVkaaFPyV2PiMjrku1SCeY+cKxsmOLcipMBi4QXoPvOPT8e6BFSZgTcc9Gea7XqPC7P7u5HPXMk=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 9QH19QCD2MYX33PQ
cache-control: public, max-age=31536000
cf-request-id: 0ac91e8aff0000c2eaff182000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 20 Jun 2022 03:44:55 GMT

GET
H2 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
115 KB 68ms
25ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:44:55 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1329717370&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plurk.com%2Fp%2Fof9v7w&ul=en-us&de=UTF-8&dt=datnendongnai%20-%20Tuy%E1%BB%83n%20d%E1%BB%A5ng%20k%E1%BA%BF%20to%C3%A1n%20t%E1%BB%95ng%20h%E1%BB%A3p%20l%C3%A0m%20vi%E1%BB%87c%20t%E1%BA%A1i%20KCN%20Vi%E1%BB%87t%20Nam%20Singapore%20B%C3%ACnh%20D%C6%B0%C6%A1ng%20Tuy%E1%BB%83n%20d%E1%BB%A5ng%20k%E1%BA%BF%20to%C3%A1n%20t%E1%BB%95ng%20h%E1%BB%A3p%20l%C3%A0m%20vi%E1%BB%87c%20t%E1%BA%A1i%20KCN%20Vi%E1%BB%87t%20Na...%20-%20Plurk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=495583699&gjid=715862000&cid=1172499367.1624160695&tid=UA-53436-7&_gid=932906789.1624160695&_r=1&_slc=1&z=383312934

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 b903137cf2afd470223d.woff
s.plurk.com/plurkiconfont/fonts/ 21 KB
22 KB 34ms
16ms Font
application/font-woff 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/plurkiconfont/fonts/b903137cf2afd470223d.woff
Requested by: Host: s.plurk.com
URL: https://s.plurk.com/be6490d423cd4fe35add.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1

Request headers

Origin: https://www.plurk.com
Referer: https://s.plurk.com/be6490d423cd4fe35add.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1622515
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: BN69J9BZKRM6SXJG
x-amz-id-2: DIpgxBiRwdGDK4mEuMz07AqInHJ4dcsTMNpsQH1xNTw77Ss2iLlZO3RgdmBkp8I0+573OkwMRZc=
last-modified: Tue, 01 Jun 2021 08:58:27 GMT
server: cloudflare
etag: W/"d4c0955530a8e2c432946c6057221cab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8b9e00004a55118f5000000001
cf-ray: 66220058fbc64a55-FRA
expires: Mon, 25 May 2026 03:44:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-53436-7&cid=1172499367.1624160695&jid=495583699&gjid=715862000&_gid=932906789.1624160695&_u=IEBAAEAAAAAAAC~&z=751786296

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Jun 2021 03:44:55 GMT
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10987.json Show response
img.scupio.com/js/config/ 557 B
948 B 79ms
26ms XHR
application/json 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/10987.json?v=1.0.3813
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 4e17a8b1a3f28afdc3e192a553e862b827e8c23688433711fd60ccea0539fd56

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 03:42:01 GMT
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 02:16:46 GMT
server: nginx/1.12.1
age: 173
etag: "60a4750e-22d"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 557
x-amz-cf-id: zZj5QWvbi7uVIkvwM3DXOyaFP-vs87LpWmfYAHLQehDQ8aXBf3VjTA==
expires: Sun, 20 Jun 2021 06:42:01 GMT

GET
H2 200 mv.html Show response
img.scupio.com/html/ Frame A0E7 68 KB
21 KB 28ms
28ms Document
text/html 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/mv.html?v=1.0.91
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 67a06e09f719fde5bf65b689bcbb8284296bd18227b94e8f525a17b334c8c09a

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/mv.html?v=1.0.91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:15:43 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Jun 2021 03:30:54 GMT
expires: Sun, 20 Jun 2021 03:34:53 GMT
cache-control: max-age=1500
etag: W/"608f950f-111cd"
x-cache: Hit from cloudfront
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 6icgdfYrCbV2Q2sPMzhrkT937kiQjbtTYG946dI0wnMjgg5hLUv8yQ==
age: 2102

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 428ms
402ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3212548032221611&correlator=1337190511256627&output=ldjh&impl=fif&eid=31061290&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=75142684%2Cplurk_message_300x250_SB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1624160695&dt=1624160695277&dlt=1624160694927&idt=238&frm=20&biw=1600&bih=1200&oid=3&adxs=1005&adys=102&adks=2862190043&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.plurk.com%2Fp%2Fof9v7w&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1172499367.1624160695&ga_sid=1624160695&ga_hid=1329717370&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3583293c465d882beef2613412ecd5ddca9b8940d344e94ebbbd4ebef13d42d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8013
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 17ms
16ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-53436-7&cid=1172499367.1624160695&jid=495583699&_u=IEBAAEAAAAAAAC~&z=1914260200

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-53436-7&cid=1172499367.1624160695&jid=495583699&_u=IEBAAEAAAAAAAC~&z=1914260200

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 0cd0435740e740eece09.gif
s.plurk.com/ 31 KB
31 KB 31ms
15ms Image
image/gif 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.plurk.com/0cd0435740e740eece09.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
cf-cache-status: HIT
age: 1622515
cf-polished: origSize=35115
cf-ray: 66220059efce16ee-FRA
last-modified: Tue, 01 Jun 2021 08:58:27 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31308
x-amz-id-2: bXssO0abYWh/cAydFARa3uN4NJKyGo6Zt83ksdGbOn5nIX368PTf6FmBYpySCYSsOCRgfTQwrKk=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d236fd746e000431a8e2c6bc787ee7c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BN64HSRJRJYKBXHS
cache-control: public, max-age=155520000
cf-request-id: 0ac91e8c34000016eee5108000000001
accept-ranges: bytes
content-type: image/gif
expires: Mon, 25 May 2026 03:44:55 GMT

POST
H3-29 200 get Show response
www.plurk.com/Responses/ 104 B
509 B 112ms
112ms XHR
application/json 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/Responses/get
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949

Request headers

sec-fetch-mode: cors
origin: https://www.plurk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: plurkcookiea="8s3y1Kz+9K+r8tPGciYK2NpaqaR/rBOgd0TeCoKNAgw=?from_url=Ii9wL29mOXY3dyI=&invitation_from_uid=MTQ4MDc2MzQ="; _ga=GA1.2.1172499367.1624160695; _gid=GA1.2.932906789.1624160695; _gat=1
content-length: 38
:path: /Responses/get
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.plurk.com
referer: https://www.plurk.com/p/of9v7w
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.plurk.com/p/of9v7w
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
set-cookie: plurkcookiea="8s3y1Kz+9K+r8tPGciYK2NpaqaR/rBOgd0TeCoKNAgw=?from_url=Ii9wL29mOXY3dyI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Mon, 05-Jul-2021 03:44:55 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-ray: 66220059ffd716ee-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac91e8c37000016eef53ac000000001

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame A0E7 235 KB
85 KB 28ms
28ms Script
application/javascript 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:40:08 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
age: 464
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: kY2-hujHg-0VcpSGugRpo3T6KGmjJQetnRGq3cwRSc42tdN03Ax9pg==
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Sun, 20 Jun 2021 09:37:11 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 40ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1379
date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame A0E7 108 B
487 B 25ms
24ms XHR
application/json 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Jun 2021 03:40:34 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
last-modified: Sat, 19 Jun 2021 19:15:54 GMT
server: nginx/1.12.1
age: 306
etag: "60ce426a-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: WHxF-DmcNg1M1SJiH-1iwsnb1T6kX-LklU7SCcL8AdhatyMOJQd32g==
expires: Sun, 20 Jun 2021 06:39:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A0E7
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=dDUyNnwvMjlrRUQ1MVcxeGljQ0habmphMzgzdVc4aFdGNGxaOVJmL0szclVTYkxQMHc2Y2M5OFlPazZrQXVuRk9RTEJsRFA5WTVHcXRFRERPa0xGMkRCcTJ0TlErK2ptVnNMTDBadUU0OHhmc3ArVlZGYTVjV2hOMGRoWj...

337 B
622 B

81ms
29ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dDUyNnwvMjlrRUQ1MVcxeGljQ0habmphMzgzdVc4aFdGNGxaOVJmL0szclVTYkxQMHc2Y2M5OFlPazZrQXVuRk9RTEJsRFA5WTVHcXRFRERPa0xGMkRCcTJ0TlErK2ptVnNMTDBadUU0OHhmc3ArVlZGYTVjV2hOMGRoWjFLTXZpci9KeHBocmc5cjdDbkFCM3Z5UUFXODlKM3lBUUJyTjhPK2Z4WUFKUmM5ejQxNjlPalpHcGp0cmtBd1g1WEdUUlk2L0d2aTgxU0ZYNWtkbUJQNjBQZjJNS1JIY3ZTTWFGMmZLUDFwZ2NOYURMZmJVPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b4db10250289137b89b36de606ec2765d85404fa52a0c058e9e954c5322e7ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 20 Jun 2021 03:44:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5019
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 20 Jun 2021 03:44:55 GMT
location: https://mug.criteo.com/sid?cpp=dDUyNnwvMjlrRUQ1MVcxeGljQ0habmphMzgzdVc4aFdGNGxaOVJmL0szclVTYkxQMHc2Y2M5OFlPazZrQXVuRk9RTEJsRFA5WTVHcXRFRERPa0xGMkRCcTJ0TlErK2ptVnNMTDBadUU0OHhmc3ArVlZGYTVjV2hOMGRoWjFLTXZpci9KeHBocmc5cjdDbkFCM3Z5UUFXODlKM3lBUUJyTjhPK2Z4WUFKUmM5ejQxNjlPalpHcGp0cmtBd1g1WEdUUlk2L0d2aTgxU0ZYNWtkbUJQNjBQZjJNS1JIY3ZTTWFGMmZLUDFwZ2NOYURMZmJVPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1613
content-length: 482
expires: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame A0E7 0
323 B 511ms
162ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7844B6A6EAE2406AB34AB2A734EE&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=c43a827e-cb05-4924-850b-ae9586f15d74&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:44:55 GMT
access-control-allow-credentials: true
connection: close

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame A0E7 0
219 B 790ms
289ms XHR
text/html 54.178.71.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1624160695419&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-71-123.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:44:56 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame A0E7 0
187 B 79ms
26ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=20782297738
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:44:54 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame A0E7 0
163 B 874ms
292ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6624948187024611
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true

POST bid
ad2.apx.appier.net/v1/prebid/ Frame A0E7 0
0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame A0E7 0
176 B 511ms
171ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:44:55 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK videoad.aspx Show response
bw.scupio.com/adpinline/ Frame A0E7 74 B
958 B 1445ms
547ms XHR
text/xml 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/videoad.aspx?cb=0.5653122719716079
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.91
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d

Request headers

Accept: application/json, text/javascript, */*
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 20 Jun 2021 03:44:55 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 185

POST
H3-29 200 rum Show response
www.plurk.com/cdn-cgi/ 0
165 B 10ms
9ms XHR
text/plain 2606:4700::6811:4603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plurk.com/cdn-cgi/rum?req_id=66220054af4dc2ea

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:4603 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.plurk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: plurkcookiea="8s3y1Kz+9K+r8tPGciYK2NpaqaR/rBOgd0TeCoKNAgw=?from_url=Ii9wL29mOXY3dyI=&invitation_from_uid=MTQ4MDc2MzQ="; _ga=GA1.2.1172499367.1624160695; _gid=GA1.2.932906789.1624160695; _gat=1
content-length: 10123
:path: /cdn-cgi/rum?req_id=66220054af4dc2ea
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.plurk.com
referer: https://www.plurk.com/p/of9v7w
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.plurk.com/p/of9v7w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6622005a888616ee-FRA
vary: Origin

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 81ms
27ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1137
date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-29 200 container.html Show response
1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CF18 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 20 Jun 2021 03:44:55 GMT
expires: Mon, 20 Jun 2022 03:44:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:44:55 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 39ms
19ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061503&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba91cfa00a3293d20f04e3f4e56c23c3d192035e8379f079a6825bcaa2d2bd42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7834
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7625 478 B
565 B 17ms
17ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNVSR5d0OqGv0S_bOjXbdsSLPhtbrF9QVDqtqv1tMToJqBiYb7b4VaV683DqW9XwbsVRPjEDlDJhg3C_J8WMTuGnRLB86g

Requested by

Host: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNVSR5d0OqGv0S_bOjXbdsSLPhtbrF9QVDqtqv1tMToJqBiYb7b4VaV683DqW9XwbsVRPjEDlDJhg3C_J8WMTuGnRLB86g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 20 Jun 2021 03:44:55 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkoYkJSDEUyJBoF5vI09BFUK52vVp0pA5OtZk7H0bDCYE6ZqYfxoi7vXacx; expires=Fri, 15-Jul-2022 03:44:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Jun 2021 03:44:55 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CF18 24 KB
12 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_qJU3J0_n1X7fDwm3u3bAOHvvuf5Zv8QQplPH4qFbYVd8OVAsyEfSU6bHEtpALJlhRayR14TLhYHLU1DkQpP4nsCmnIelhiQhNV7Lq45imUBVzcxbw6l0kG7EDdIZzNCt-gizazDTQ5XLz5hhztVqo82VDg&cry=1&dbm_d=AKAmf-DQuGSQKZFZ84PFgkF0WIJIZX8tgUibmQgQMFkVwXkwLVRcpPNFWpfvz9HFYW0slyKg5WWZPakdJrcgioVnL-X_cBY2xN6JrWVYb513YPjxadD7nazOq_evo1_BvjLjoKBjjx33bE5GtOCCPUETEjbdzisZcmcyuYTkw99IGBIJQva9wllquUBIU41kdTO4jwC_ayZx85QBVVnkAQy3J4K98yojprxbNfXYiQSPkq1zXfG4MRYTTBF8fSdBUi-hqq1NsSN3LD3lzbyYaVg3HBKuPRkvjZv6T7_fM0rrohWf3gE83Bkcvx_2RliAaq73beaqm3n4a08ff-59fPC7FtC5H9yUFIQJ51DECScne6vcPaa40U3QD99BRUAnJRHix-bZVKl1wPKIarJdGozYN6UdvDyUAzwMCnqNIOLoDpNiY9_H5uE8N7R2sX6BdBHT5OuKGYaJG-uZHJlxQ-jQxxN5bv4pKBf1EArA0Zk2bviul4_xJKGqvuui4JQ-NXMuVbv2196eO3BMlPKKzBKF0W2VqOyxgs4_eZPtZLPzIwIXeczsfNnbf0_bGpONmx8Tg6jlv2YEkheB5__FFytHl88gkoHHWWqfxX9L7hUqWt2X8oXU8fluVtQY4kqDKTnCJ2sXVgknvd5xt8dkjCcLqj7MbfQ57m8mrHQ-tRdbCvqTSpLmWDKFt0V1SrYg5Kim3jGDg5ZTCMrFTQ_6ZBhOHfBeU7k0lZiRseLkMAc4oapE3ACODw0U0VuVeVkDRLP6MapAUGYvUqLgiYpK46l-I99W7R2QKs10Ns1nC0EKMaEcPzHArO2oP0RuICMf1KOqvWyvk91Kq4S1bQywF8bZmrUQjTu9C24FLpCTgJgzmNQ2d3ua3HeoHOoYiPHJRftxSc45o7zmump8i5nqqWwlkCGGGG55KiBLcN-trAfNoe0rQW9QA71MsSi56mPXfIXCjfsh_AdZApvJB5cr5fkNnU12gV8ud3BWxXhIJyXOLt4YALm3BjhGaET0mkkIu4vkhYtLuXiFrmpEatHzofnmLldOjUfN74Pd21YZ6YTHkJh1oqDHSnoSpaHXRrFr6MfVsRYPPzvOljqn-jUbv0Yq_NRSJqn-dSJ4nOQcgd3sVOvLOqTMiB6YN9vnBbX_XiN5AQe-9VQ565dcpiLqg_8CGYXCctuEAIxsOijAkR6SVAi8QRbRqRFEuhMeo2AdIBfi-y4ED4H4OJ9XXIZeWSmca3Jke8RKhJjLGVuD-mjBYip02lPVr1a9adgHtqSYZN0bmCQi1pkbYKPOkx4VXNj0hDposhdgxIX5Vh9HX3gs0yybXXOIU_Wgj0yIiMrsBjDmrWnG6PqAQXKk14jAFZdSXQJhGlRRc0KF1qanzZpk1Jpp2VCska51KJOKdlx6kHkw2aduv8pFZy4ncHodMdLh42PlkrUVufBQygtaix1fRTQM_2r3hZY2soeWOnIZvJg89NGXU7kEUqjvPjFUj-qKbE29TB-Y3NqK5DTWmLO-Gvay9FEGsxBk1h4O5AkVJFLFMr-g7VcUmB4zZxS3D43aoljojoCKXif0v5Lg03DqQue-Vq4GVQy9eCTSyJlZmAiFtXeGa-EFvOy0KSfsmnib66Wp97MfS0bf21XFrvtbcpsDqvihfDonptYw0T4inv5GXg4UeziVhf6dn33xGI82zeC40baP6bx1QA2NkDmrivQjz-MWs8Lk5eyU0wTETDxRvIvRMihppHQuEAWqP7aYL3KO7aM-WI86nKs5-pKXNFy7aOBKlTjF1QZi1Ver6CtyDKUs9V2VmYg2VNhJDRmAfyG1-3PAfPBM4HvlwBcFAlKwbf4EE2HhKFWIV-Cd05MFIkl4HpixDhM2T7Yfi_tvYE2GJF0whpK06TXcNdH2qOVeMuLh9bqqSWRwJ93lsQ600MBsY2V28H-ylVKVHjqX_Fl13_6Jy05NoLdk9qhvWBJvLIMk77XciqR0w2BqAaoek4J_HyJl5yzvNqKX9yeVHu20b2BTTyeA2uizIcZ0UWapw4JC4RzFg6_MAg_rzo1J3UNxtWlddNHYB0d6njmu2us64wf3k903e0mjNu3LqoJBe5CAIFHJzV77G0wvtJyVj-JnP_BETlCBnCHxJAQ6EzGgJICy7iLi9QaW1lQEy_0LXEtAE8YZe_cXR6xHd_4b_qzyHTD2lKFCmXNR1J9cNYNs3QUCHOC1nJWrvzWWu7yChUJERihaK7KAIqeSV6glb5f5WqJvNA1v08-uMpr8mBchXB5gfOYitO1hMWjQPatI0EVjHZhbGCA1j8dQFztHFtOh7gopUSMxsjebjllr31CljRNnZThFXa37MWbnABKQyihe5sshviHaU9pzKWnw4qrs6yM_JILZvlc4E88HlkYb0wxDNqoQIAKusxUGopDai0RDfQu1JJ4p1sWA4_d6Kf-7VEBpHqMUKfnckLMPSFVLS-8io6mslwH-qaYlNv9subP7CX1Bo8T3gWEzZ4s4CwC4gy3JqG8OzOK010R6qp-JZanaRVPEGv9IoZchAT4l87sS2dHs48rpkbSLoGjdMGgerCeb_m7EWPDUc6q0-vu6u9oMebPyi98MR295vw8dsB9R6Qpni2j7ulcDmSgpPTqNsORDctg7uFci59ZMSLVdsgvRBW3rkq1YkzwAct_ewXETiYThMdz9YpsWQDsZInfufHn8f1-0jDxz851bjqCLJESKebKjmM_0ElSB07d6KEUh_HoJU4jUGSW_cD35aDCKJ1iIgALXnSmbTwhU3g6ClGMKtECBCHl4oh3TnZEu_cuPBLnqEd62qw8ZwBLSwYER0by_6rZk61G8JKDhMrvmDGZfDEq5c9Nv__HduUIxmEb0KBZ1xrauGayt1MMLw9r4dQTHoCq-kMDziQYfWBf_Zqkp5IWuqLribnlWIQj6qhlKd24951kwfBdT7_Lsxu4v6UEWUezmYicgM51k3IGH1yb3Yht3ewwNrpv98y0i5EhYA6H-FXd-jguau7JVogPw3Nd_k4aK6Cjmk4RzQyCenEiBpFG_jIkyyLbeYoZJYm1x922A4Lv5x5pOLfxP6c5A0yzm&cid=CAASFeRoBcZk0X6NgxJVXuYsiV3YXn0Cjg&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03743c23eb96e2878a63d0c4d4407f972e30ac032672b8e8c7b5083146bba96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF18 42 B
515 B 33ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B8ukof3f4mu9RGPmLUOsRs1UyvnEnuqRNGBGREhUahthwNHViz-uyFNGLle9HZedPvm0al0QXlkaU169QKSkN4kOZ1EOxKPNyZQ3TI4qFUNv6lM0w

Requested by

Host: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame CF18 3 KB
1 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:28:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF18 122 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:44:55 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame CF18 13 KB
6 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:29:53 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame CF18 0
0 13ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlPQ_Z5_z3c99LZ2j_FDh55a-AsfVx2XkikzU6uf30jm4G0uxWch4Jet-qagCcsSKE2Xg9DXQXRrqGB345PWc2Iej0bA
Requested by: Host: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:44:55 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame CF18 22 KB
8 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_qJU3J0_n1X7fDwm3u3bAOHvvuf5Zv8QQplPH4qFbYVd8OVAsyEfSU6bHEtpALJlhRayR14TLhYHLU1DkQpP4nsCmnIelhiQhNV7Lq45imUBVzcxbw6l0kG7EDdIZzNCt-gizazDTQ5XLz5hhztVqo82VDg&cry=1&dbm_d=AKAmf-DQuGSQKZFZ84PFgkF0WIJIZX8tgUibmQgQMFkVwXkwLVRcpPNFWpfvz9HFYW0slyKg5WWZPakdJrcgioVnL-X_cBY2xN6JrWVYb513YPjxadD7nazOq_evo1_BvjLjoKBjjx33bE5GtOCCPUETEjbdzisZcmcyuYTkw99IGBIJQva9wllquUBIU41kdTO4jwC_ayZx85QBVVnkAQy3J4K98yojprxbNfXYiQSPkq1zXfG4MRYTTBF8fSdBUi-hqq1NsSN3LD3lzbyYaVg3HBKuPRkvjZv6T7_fM0rrohWf3gE83Bkcvx_2RliAaq73beaqm3n4a08ff-59fPC7FtC5H9yUFIQJ51DECScne6vcPaa40U3QD99BRUAnJRHix-bZVKl1wPKIarJdGozYN6UdvDyUAzwMCnqNIOLoDpNiY9_H5uE8N7R2sX6BdBHT5OuKGYaJG-uZHJlxQ-jQxxN5bv4pKBf1EArA0Zk2bviul4_xJKGqvuui4JQ-NXMuVbv2196eO3BMlPKKzBKF0W2VqOyxgs4_eZPtZLPzIwIXeczsfNnbf0_bGpONmx8Tg6jlv2YEkheB5__FFytHl88gkoHHWWqfxX9L7hUqWt2X8oXU8fluVtQY4kqDKTnCJ2sXVgknvd5xt8dkjCcLqj7MbfQ57m8mrHQ-tRdbCvqTSpLmWDKFt0V1SrYg5Kim3jGDg5ZTCMrFTQ_6ZBhOHfBeU7k0lZiRseLkMAc4oapE3ACODw0U0VuVeVkDRLP6MapAUGYvUqLgiYpK46l-I99W7R2QKs10Ns1nC0EKMaEcPzHArO2oP0RuICMf1KOqvWyvk91Kq4S1bQywF8bZmrUQjTu9C24FLpCTgJgzmNQ2d3ua3HeoHOoYiPHJRftxSc45o7zmump8i5nqqWwlkCGGGG55KiBLcN-trAfNoe0rQW9QA71MsSi56mPXfIXCjfsh_AdZApvJB5cr5fkNnU12gV8ud3BWxXhIJyXOLt4YALm3BjhGaET0mkkIu4vkhYtLuXiFrmpEatHzofnmLldOjUfN74Pd21YZ6YTHkJh1oqDHSnoSpaHXRrFr6MfVsRYPPzvOljqn-jUbv0Yq_NRSJqn-dSJ4nOQcgd3sVOvLOqTMiB6YN9vnBbX_XiN5AQe-9VQ565dcpiLqg_8CGYXCctuEAIxsOijAkR6SVAi8QRbRqRFEuhMeo2AdIBfi-y4ED4H4OJ9XXIZeWSmca3Jke8RKhJjLGVuD-mjBYip02lPVr1a9adgHtqSYZN0bmCQi1pkbYKPOkx4VXNj0hDposhdgxIX5Vh9HX3gs0yybXXOIU_Wgj0yIiMrsBjDmrWnG6PqAQXKk14jAFZdSXQJhGlRRc0KF1qanzZpk1Jpp2VCska51KJOKdlx6kHkw2aduv8pFZy4ncHodMdLh42PlkrUVufBQygtaix1fRTQM_2r3hZY2soeWOnIZvJg89NGXU7kEUqjvPjFUj-qKbE29TB-Y3NqK5DTWmLO-Gvay9FEGsxBk1h4O5AkVJFLFMr-g7VcUmB4zZxS3D43aoljojoCKXif0v5Lg03DqQue-Vq4GVQy9eCTSyJlZmAiFtXeGa-EFvOy0KSfsmnib66Wp97MfS0bf21XFrvtbcpsDqvihfDonptYw0T4inv5GXg4UeziVhf6dn33xGI82zeC40baP6bx1QA2NkDmrivQjz-MWs8Lk5eyU0wTETDxRvIvRMihppHQuEAWqP7aYL3KO7aM-WI86nKs5-pKXNFy7aOBKlTjF1QZi1Ver6CtyDKUs9V2VmYg2VNhJDRmAfyG1-3PAfPBM4HvlwBcFAlKwbf4EE2HhKFWIV-Cd05MFIkl4HpixDhM2T7Yfi_tvYE2GJF0whpK06TXcNdH2qOVeMuLh9bqqSWRwJ93lsQ600MBsY2V28H-ylVKVHjqX_Fl13_6Jy05NoLdk9qhvWBJvLIMk77XciqR0w2BqAaoek4J_HyJl5yzvNqKX9yeVHu20b2BTTyeA2uizIcZ0UWapw4JC4RzFg6_MAg_rzo1J3UNxtWlddNHYB0d6njmu2us64wf3k903e0mjNu3LqoJBe5CAIFHJzV77G0wvtJyVj-JnP_BETlCBnCHxJAQ6EzGgJICy7iLi9QaW1lQEy_0LXEtAE8YZe_cXR6xHd_4b_qzyHTD2lKFCmXNR1J9cNYNs3QUCHOC1nJWrvzWWu7yChUJERihaK7KAIqeSV6glb5f5WqJvNA1v08-uMpr8mBchXB5gfOYitO1hMWjQPatI0EVjHZhbGCA1j8dQFztHFtOh7gopUSMxsjebjllr31CljRNnZThFXa37MWbnABKQyihe5sshviHaU9pzKWnw4qrs6yM_JILZvlc4E88HlkYb0wxDNqoQIAKusxUGopDai0RDfQu1JJ4p1sWA4_d6Kf-7VEBpHqMUKfnckLMPSFVLS-8io6mslwH-qaYlNv9subP7CX1Bo8T3gWEzZ4s4CwC4gy3JqG8OzOK010R6qp-JZanaRVPEGv9IoZchAT4l87sS2dHs48rpkbSLoGjdMGgerCeb_m7EWPDUc6q0-vu6u9oMebPyi98MR295vw8dsB9R6Qpni2j7ulcDmSgpPTqNsORDctg7uFci59ZMSLVdsgvRBW3rkq1YkzwAct_ewXETiYThMdz9YpsWQDsZInfufHn8f1-0jDxz851bjqCLJESKebKjmM_0ElSB07d6KEUh_HoJU4jUGSW_cD35aDCKJ1iIgALXnSmbTwhU3g6ClGMKtECBCHl4oh3TnZEu_cuPBLnqEd62qw8ZwBLSwYER0by_6rZk61G8JKDhMrvmDGZfDEq5c9Nv__HduUIxmEb0KBZ1xrauGayt1MMLw9r4dQTHoCq-kMDziQYfWBf_Zqkp5IWuqLribnlWIQj6qhlKd24951kwfBdT7_Lsxu4v6UEWUezmYicgM51k3IGH1yb3Yht3ewwNrpv98y0i5EhYA6H-FXd-jguau7JVogPw3Nd_k4aK6Cjmk4RzQyCenEiBpFG_jIkyyLbeYoZJYm1x922A4Lv5x5pOLfxP6c5A0yzm&cid=CAASFeRoBcZk0X6NgxJVXuYsiV3YXn0Cjg&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 15675381762197352129
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:34:13 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CF18 41 KB
15 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:57:31 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 7625 170 B
243 B 98ms
48ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNVSR5d0OqGv0S_bOjXbdsSLPhtbrF9QVDqtqv1tMToJqBiYb7b4VaV683DqW9XwbsVRPjEDlDJhg3C_J8WMTuGnRLB86g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7625
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1&C=1

43 B
1014 B

39ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNVSR5d0OqGv0S_bOjXbdsSLPhtbrF9QVDqtqv1tMToJqBiYb7b4VaV683DqW9XwbsVRPjEDlDJhg3C_J8WMTuGnRLB86g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:44:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 20 Jun 2021 03:44:56 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:44:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 20 Jun 2021 03:44:55 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7625
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YM65t-oR6RM6GeeKIRkPGQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1

43 B
894 B

35ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY4aXhOjAB&v=APEucNVSR5d0OqGv0S_bOjXbdsSLPhtbrF9QVDqtqv1tMToJqBiYb7b4VaV683DqW9XwbsVRPjEDlDJhg3C_J8WMTuGnRLB86g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:44:56 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 20 Jun 2021 03:44:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMnlUHzBhsJUUvxhUyqZPvU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EDCB 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 18 Jun 2021 11:17:20 GMT
expires: Sat, 18 Jun 2022 11:17:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 145655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8570 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 20 Jun 2021 02:55:39 GMT
expires: Mon, 20 Jun 2022 02:55:39 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2756 783 B
530 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd5e8cb49fa368e842b2fde520355ac140d73dd59e6365bde4c9197776833457

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Or+LcWkyXHkQbayg/0Fcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

expires: Sun, 20 Jun 2021 03:44:55 GMT
date: Sun, 20 Jun 2021 03:44:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3Or+LcWkyXHkQbayg/0Fcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK fmcs5wnh4tfi Show response
hal9000.redintelligence.net/zone/ Frame CF18 11 KB
4 KB 95ms
23ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/fmcs5wnh4tfi?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR7m1t7nOYNfqFJT8gAeC4rGQBuS0qoNXmuHOw60K8C4QASD0l4I1YPWVzoHgBMgBCakC4gdi_nbnsz6oAwGqBNoBT9Cqu945Yevc0-A0D3iA8ioUa5iycHkHTzJcpl_2jntsztBGUlohXYTd_J3iU2z1yTm3CQNYRVfHgFyaRFmEZJbbArwD0yMLiV_XWVAzoB222rFFp4W8Wnk_AEhTVKEDodX0ZL2CDIqdZtPzMapwiu6q0f2gECmUSrnSCnQVPWGCC15h7AqdZ-vVQwHHWf0SG9D1eOd18xOp91yPUcGTl-dMV791EOk24SEZqFAnxWmVfRdjdqriIGNs1z-gygu4hoPl_areo_uVdzfLboPcv6Qj31HO1J-0VRvABOWU39HOAeAEA5AGAaAGTYAH6-foXqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoBcZk0X6NgxJVXuYsiV3YXn0Cjg%26sig%3DAOD64_2Y359vG-ic4DrcaYBgOfyZQON1aA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BDEEgw1BWcJ-vxd73fEZr1xD7NY_4gKcawRWib9BJ-Ec8Eg3eCLhpdBL3cwWRQPTruvZwDVhUmmm0Z0u2IzDx4YzUXDqagsNvS4cRoQt4Pfluq6yvRPdXef3SCzSAnQlDKvae0DIpTMNsAhv123_OW5hugIg%26cry%3D1%26dbm_d%3DAKAmf-BWntkBxTbqFlSXraaR5V2lOcGz12Z5yFgpSN7WF2hrBre5UX1WEjVUZ8xPx3O0uWvNLtqVEre4dxLKBl0v_w3voZwLhfEMMMZDNuZEtOhJRDROf-r5OzbjXY496u-btu_kaL6BfW1OFg-8rCwANKiJTAAf_4x-_Nw8-Sw4jzoZsmF6kIBiWcZ6xOhatA_vkc22bd85PfbIOjhSXlpqdz6h9MkVBvuIHNmk0vdQgMUIWY1KZJ1nSz76NLfx304BUNGojKATSZ1BJba2AfImvuzBzOXZUOl9LeOtUpgzRX9TNzU65c0sKzx2TxW0pKYoeAZTgXjrXmApw8hg4kdDoDmIEnHSZApA2leaVSjQOvxlJSsprFHEuctjjdejJ-g53l-za5jX44ZEcmYUBg1wXsIVSxCNxd2XsRA4krdTXtEaMwm8KfuFh3jwbsNlsGeVLkzAxrGb%26adurl%3D
Requested by: Host: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6bb98401c198e251c1ff47f12f07d24677ef45cf9f434557ee94dee4d4e4c0b6

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:44:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3883
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame EDCB 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:39 GMT

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8570 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:39 GMT

GET
H/1.1

200
OK

request.php Show response
hal900024.redintelligence.net/ Frame CF18
Redirect Chain

https://hal900024.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=e6aac604c4&subid=&uid=a21d5b209e9d62a0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900024.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=e6aac604c4&subid=&uid=a21d5b209e9d62a0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

122ms
79ms

Script
application/x-javascript

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=e6aac604c4&subid=&uid=a21d5b209e9d62a0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR7m1t7nOYNfqFJT8gAeC4rGQBuS0qoNXmuHOw60K8C4QASD0l4I1YPWVzoHgBMgBCakC4gdi_nbnsz6oAwGqBNoBT9Cqu945Yevc0-A0D3iA8ioUa5iycHkHTzJcpl_2jntsztBGUlohXYTd_J3iU2z1yTm3CQNYRVfHgFyaRFmEZJbbArwD0yMLiV_XWVAzoB222rFFp4W8Wnk_AEhTVKEDodX0ZL2CDIqdZtPzMapwiu6q0f2gECmUSrnSCnQVPWGCC15h7AqdZ-vVQwHHWf0SG9D1eOd18xOp91yPUcGTl-dMV791EOk24SEZqFAnxWmVfRdjdqriIGNs1z-gygu4hoPl_areo_uVdzfLboPcv6Qj31HO1J-0VRvABOWU39HOAeAEA5AGAaAGTYAH6-foXqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoBcZk0X6NgxJVXuYsiV3YXn0Cjg%26sig%3DAOD64_2Y359vG-ic4DrcaYBgOfyZQON1aA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BDEEgw1BWcJ-vxd73fEZr1xD7NY_4gKcawRWib9BJ-Ec8Eg3eCLhpdBL3cwWRQPTruvZwDVhUmmm0Z0u2IzDx4YzUXDqagsNvS4cRoQt4Pfluq6yvRPdXef3SCzSAnQlDKvae0DIpTMNsAhv123_OW5hugIg%26cry%3D1%26dbm_d%3DAKAmf-BWntkBxTbqFlSXraaR5V2lOcGz12Z5yFgpSN7WF2hrBre5UX1WEjVUZ8xPx3O0uWvNLtqVEre4dxLKBl0v_w3voZwLhfEMMMZDNuZEtOhJRDROf-r5OzbjXY496u-btu_kaL6BfW1OFg-8rCwANKiJTAAf_4x-_Nw8-Sw4jzoZsmF6kIBiWcZ6xOhatA_vkc22bd85PfbIOjhSXlpqdz6h9MkVBvuIHNmk0vdQgMUIWY1KZJ1nSz76NLfx304BUNGojKATSZ1BJba2AfImvuzBzOXZUOl9LeOtUpgzRX9TNzU65c0sKzx2TxW0pKYoeAZTgXjrXmApw8hg4kdDoDmIEnHSZApA2leaVSjQOvxlJSsprFHEuctjjdejJ-g53l-za5jX44ZEcmYUBg1wXsIVSxCNxd2XsRA4krdTXtEaMwm8KfuFh3jwbsNlsGeVLkzAxrGb%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2120126000355&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 57b62bb677420f12d12a7181b27a1af6fd5574b482b28fd6237c14b930411dc5

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:44:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 63891900012273100710156011631024
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Sun, 20 Jun 2021 04:44:56 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:44:56 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=e6aac604c4&subid=&uid=a21d5b209e9d62a0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR7m1t7nOYNfqFJT8gAeC4rGQBuS0qoNXmuHOw60K8C4QASD0l4I1YPWVzoHgBMgBCakC4gdi_nbnsz6oAwGqBNoBT9Cqu945Yevc0-A0D3iA8ioUa5iycHkHTzJcpl_2jntsztBGUlohXYTd_J3iU2z1yTm3CQNYRVfHgFyaRFmEZJbbArwD0yMLiV_XWVAzoB222rFFp4W8Wnk_AEhTVKEDodX0ZL2CDIqdZtPzMapwiu6q0f2gECmUSrnSCnQVPWGCC15h7AqdZ-vVQwHHWf0SG9D1eOd18xOp91yPUcGTl-dMV791EOk24SEZqFAnxWmVfRdjdqriIGNs1z-gygu4hoPl_areo_uVdzfLboPcv6Qj31HO1J-0VRvABOWU39HOAeAEA5AGAaAGTYAH6-foXqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoBcZk0X6NgxJVXuYsiV3YXn0Cjg%26sig%3DAOD64_2Y359vG-ic4DrcaYBgOfyZQON1aA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BDEEgw1BWcJ-vxd73fEZr1xD7NY_4gKcawRWib9BJ-Ec8Eg3eCLhpdBL3cwWRQPTruvZwDVhUmmm0Z0u2IzDx4YzUXDqagsNvS4cRoQt4Pfluq6yvRPdXef3SCzSAnQlDKvae0DIpTMNsAhv123_OW5hugIg%26cry%3D1%26dbm_d%3DAKAmf-BWntkBxTbqFlSXraaR5V2lOcGz12Z5yFgpSN7WF2hrBre5UX1WEjVUZ8xPx3O0uWvNLtqVEre4dxLKBl0v_w3voZwLhfEMMMZDNuZEtOhJRDROf-r5OzbjXY496u-btu_kaL6BfW1OFg-8rCwANKiJTAAf_4x-_Nw8-Sw4jzoZsmF6kIBiWcZ6xOhatA_vkc22bd85PfbIOjhSXlpqdz6h9MkVBvuIHNmk0vdQgMUIWY1KZJ1nSz76NLfx304BUNGojKATSZ1BJba2AfImvuzBzOXZUOl9LeOtUpgzRX9TNzU65c0sKzx2TxW0pKYoeAZTgXjrXmApw8hg4kdDoDmIEnHSZApA2leaVSjQOvxlJSsprFHEuctjjdejJ-g53l-za5jX44ZEcmYUBg1wXsIVSxCNxd2XsRA4krdTXtEaMwm8KfuFh3jwbsNlsGeVLkzAxrGb%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2120126000355&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 20 Jun 2021 04:44:56 +0200

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061503&jk=3212548032221611&bg=!f3ylfDjNAAZktE7iZLQ7ACkAdvg8WmkaCKX05lwNxIc7XJ-7huRXy_0vJdZguPGwflaHT8mXP-OawgIAAAB8UgAAAApoAQcKAAygQNL5WlsvlOeQ-zyZAm1uTOs-CdSyRhUGtTnKpS7VL1dQRP-V0PkEW4yUn1zLSvYcebGL4ZgjM01ZHUB3d_KuuFgNt4dViYT-NqknMAKrtHmYJIRyNs1Vf1dcXiuxqanbJXSFrKvRGyjdDgPb_dcNsxc2GRyMBbtcZk1dZY4EZpzOJ2ecQltTm_FSxKNs1ixz8x8cy67vswuQ7MIBHp-8RzcwY3VMIbnSwy8p2rlSB0YwWGSeff-60T0ddlfOdHkiExocx9Z5M_poytQ_r64IRhhs5AVzFgd_ppeA5GEtlRjemr3sb0j-3HUd28tGj7psr30uReHyEmISZ53WYMOrf6TdUgfqoI17Sz4Th9yobKAs-QhI69p14hhZ7LiGvXwMrAOocWRoJ5xDB-nwT46vJF8EMALyw3Gn0cx0ocrVMm6vF1Z-xK0dn3wvpMo3SzLZbuFx_KfC00gsw2Xbjgdvn30j1HHomob--IznzV5zXK1tgE-T4rJAMUAuulQbikXEFQit0nrDsh256FpoCBddGN4dmimFeBD_4pRwaThyhUDKCkm0jOYZcxwpN3KYzbngiYwF8JcmRm_6JigcGDMZpJbtVBy-Br08kwxVru4xpCta1o_IrJPSP8Bs2Qljfc7VLMdm-3DyfIrNR26xRXm45QUyZCfG8sziSUGNapx6R09mQlc5UbiNXSduYMiZ6e5QMXM43EautxBKfctcdNMAa402SGoMnhMd_pD-jAsa1B3-sTC_it7u9-VXYu8yp_GKx6CyRwbxkTt1tKPxg3Z_e59FgMp7WPSt0JlK1KoeD97dU0Nh3lSou5j8BIUjNs4Sxs_MpvgquZ6iFY8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EDCB 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAXNst7nOYIv_LtiY3gPH1rTYDAAAAAA4AeAEAg&bg=!kZKlktbNAAZktE7iZLQ7ACkAdvg8Wtp54DtnfN1p7C6kJjelDO-dAon52KQbhBXrr0Af8O4qFU5CAQIAAACYUgAAAAxoAQeZAr8bAuvkJz_alnm5ylWxDtCeQR_9LgI-jPZEkScFhzKXCg78XJ3efNC1Prvz54ujXY90IUi6HOcPvyYsKcMRvl38B7PEy4m_1Pc535WxvGCCXbptD-YoJnfJhXUDlDeVxKNBg8k5ULeA510U0cezhfVFPfiWXBNGoDDssDYCXXu47tFDUejKHy-n1yMr_m51syXSZvU52DOEphi3LKb-g_km8CTOCbr10zko96OECU1JqIRVAi1UNSivk-NBEIkpVvN227uLDURNn4HhZ2JYHTIN5s7w3mLigx4e8uhjhizO2RnShftdfNez2jAPuFKb9SkRoeKxApVpRRS-p04Ca3oygc2dzGNc0ldqQpdITolpnLZVNZo7N5UGjnJnTPKbDfK46sfmJY8fYGt9FjJlLhHPjt9fORkjEVXyqDa9xgPSp2ng3W3AJ_z7vywEt-p0N3BPKQzoFRmnKe_5qaVaYCxVNkPwN-mfhoaRGAb9FByIVIuyvVOyO5goZrs9URsJkDVjQTjiYJmnQScmRFyTugi3T91zvFbjVJQ0UG21JK8mkfHtndnP1l3AApDRXCk4Lo8RBY1MZ2WgaQ6DPNgAHwEh2KGbtOzBxPzP128wM0QSxG--bqP1P5YZhM-hOmHgHQDZXUeiGa4CpFfGFYr7uwmGPBeay3ef_Ns8HXpkVrAnVxkZLXACTosNXCZiOXVHVKUfF0OU7O6_8wuZ0goh3A0ZC7XvKTXZimoFyOXj4aujRP-KktGghNx6ZFNhiYgcaPgK6T7_-1F7jaIGxL2AhxWMVq6Cv_O8CeDqsXjaRdrvvxWcqfEG5Wm_UyRbiczcCyj6rqDczITVlTOppFGtefgYv5gqLLUBpORuk4q2nb7ICzpAlARmJTzrM-cP_Ud3LCW-qYhfybDKGiZJ4i_Ea1VNTgzhqRo5s_XkO475Y8Q-

Requested by

Host: 1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
URL: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame 42CA 7 KB
3 KB 65ms
23ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=63891900012273100710156011631024&a=d34923af
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=fmcs5wnh4tfi&nw=20&renderingType=javascript&namespace=e6aac604c4&subid=&uid=a21d5b209e9d62a0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCR7m1t7nOYNfqFJT8gAeC4rGQBuS0qoNXmuHOw60K8C4QASD0l4I1YPWVzoHgBMgBCakC4gdi_nbnsz6oAwGqBNoBT9Cqu945Yevc0-A0D3iA8ioUa5iycHkHTzJcpl_2jntsztBGUlohXYTd_J3iU2z1yTm3CQNYRVfHgFyaRFmEZJbbArwD0yMLiV_XWVAzoB222rFFp4W8Wnk_AEhTVKEDodX0ZL2CDIqdZtPzMapwiu6q0f2gECmUSrnSCnQVPWGCC15h7AqdZ-vVQwHHWf0SG9D1eOd18xOp91yPUcGTl-dMV791EOk24SEZqFAnxWmVfRdjdqriIGNs1z-gygu4hoPl_areo_uVdzfLboPcv6Qj31HO1J-0VRvABOWU39HOAeAEA5AGAaAGTYAH6-foXqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiIYRABGB2ACgOYCwHICwGADAGwE4XAtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoBcZk0X6NgxJVXuYsiV3YXn0Cjg%26sig%3DAOD64_2Y359vG-ic4DrcaYBgOfyZQON1aA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BDEEgw1BWcJ-vxd73fEZr1xD7NY_4gKcawRWib9BJ-Ec8Eg3eCLhpdBL3cwWRQPTruvZwDVhUmmm0Z0u2IzDx4YzUXDqagsNvS4cRoQt4Pfluq6yvRPdXef3SCzSAnQlDKvae0DIpTMNsAhv123_OW5hugIg%26cry%3D1%26dbm_d%3DAKAmf-BWntkBxTbqFlSXraaR5V2lOcGz12Z5yFgpSN7WF2hrBre5UX1WEjVUZ8xPx3O0uWvNLtqVEre4dxLKBl0v_w3voZwLhfEMMMZDNuZEtOhJRDROf-r5OzbjXY496u-btu_kaL6BfW1OFg-8rCwANKiJTAAf_4x-_Nw8-Sw4jzoZsmF6kIBiWcZ6xOhatA_vkc22bd85PfbIOjhSXlpqdz6h9MkVBvuIHNmk0vdQgMUIWY1KZJ1nSz76NLfx304BUNGojKATSZ1BJba2AfImvuzBzOXZUOl9LeOtUpgzRX9TNzU65c0sKzx2TxW0pKYoeAZTgXjrXmApw8hg4kdDoDmIEnHSZApA2leaVSjQOvxlJSsprFHEuctjjdejJ-g53l-za5jX44ZEcmYUBg1wXsIVSxCNxd2XsRA4krdTXtEaMwm8KfuFh3jwbsNlsGeVLkzAxrGb%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=2120126000355&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 17e1d26a541557e1c5061c96b17e2b091f6fa6482765b2ab6d0938bb634fee11

Request headers

Host: hal900024.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=d34a26fa0ce3c48f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/

Response headers

Date: Sun, 20 Jun 2021 03:44:56 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 20 Jun 2021 04:44:56 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2293
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame CF18 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d95d291d52c5d15cd66f27673ec99240b421d43905d4bbf9b42e60089c92c77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 42CA 89 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=63891900012273100710156011631024&a=d34923af

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 10:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jun 2022 10:12:50 GMT

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/33019/creativesup/ Frame 42CA 52 KB
52 KB 87ms
26ms Image
image/jpeg 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/33019/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=63891900012273100710156011631024&a=d34923af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:44:56 GMT
Last-Modified: Tue, 21 Jun 2016 09:41:45 GMT
Server: nginx
ETag: "57690bd9-ce63"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 52835

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 42CA 0
150 B 73ms
25ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=63891900012273100710156011631024&a=22dd2d5a&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=63891900012273100710156011631024&a=d34923af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900024.redintelligence.net/request_content.php?s=63891900012273100710156011631024&a=d34923af
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:44:56 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 42CA 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 13567.json Show response
img.scupio.com/js/config/ 374 B
765 B 27ms
27ms XHR
application/json 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/13567.json?v=1.0.3813
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 01db7866b8ed97fd6bb8bb535f5785b404153cc7a7d6ce37d586da98d3593ce4

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 03:42:04 GMT
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 02:16:47 GMT
server: nginx/1.12.1
age: 173
etag: "60a4750f-176"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 374
x-amz-cf-id: csO6UwMuXihDBxUbEq63JMLqOWHGwHNXm_98ypZXEx5cKmnPfkPkig==
expires: Sun, 20 Jun 2021 06:42:04 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 34F0 35 KB
14 KB 25ms
25ms Document
text/html 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.56
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.56
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CIA20210620114456330355
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:16:34 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Jun 2021 03:17:29 GMT
expires: Sun, 20 Jun 2021 09:17:29 GMT
cache-control: max-age=21600
etag: W/"608f9542-8d2b"
x-cache: Hit from cloudfront
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: KpTe5fUBgHKDo5H7MxwCLYiyJaYhM5gCwD1fTYOvh4xPAB3O22a5kA==
age: 1648

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 34F0 95 KB
33 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:02:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Jun 2022 00:02:25 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 34F0 235 KB
85 KB 24ms
24ms Script
application/javascript 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:40:08 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
age: 466
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 8KRCR6JwimYg1twadaCsUXYlOxBaO_AOjFAIBGwGR-cnGFerk3EZZg==
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Sun, 20 Jun 2021 09:37:11 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 13ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1241
date: Sun, 20 Jun 2021 03:44:56 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 34F0 108 B
488 B 24ms
24ms XHR
application/json 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Jun 2021 03:40:34 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
last-modified: Sat, 19 Jun 2021 19:15:54 GMT
server: nginx/1.12.1
age: 308
etag: "60ce426a-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: 3Xl3MtbkPh-RJyRZEOaRVTIAiYiZuVVOg4vLalrwxlBiSrU57s7e4Q==
expires: Sun, 20 Jun 2021 06:39:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 34F0
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=lmNeCHxBbFBTcFd5T05WQWJKcnYrQzdML1Q1MkJBRXVFcStRakNLUWdGdTI1dXd6cU56SHlESE5OVjliTjB4MmJOelRvQVNzcWl3ai91c1lhQlRGYlkvcnZ0Vy9xdDVmdi9NckpDNmg1aEJhbERyRGxKUk9TOW9QR3o0K3...

358 B
636 B

27ms
27ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lmNeCHxBbFBTcFd5T05WQWJKcnYrQzdML1Q1MkJBRXVFcStRakNLUWdGdTI1dXd6cU56SHlESE5OVjliTjB4MmJOelRvQVNzcWl3ai91c1lhQlRGYlkvcnZ0Vy9xdDVmdi9NckpDNmg1aEJhbERyRGxKUk9TOW9QR3o0K3lBMXNxSjdlK3pWdmtUeTdnU0UwMXdkc3BaQ2E0RjZxV2JSaG5XWXNwOXBOT0lqK0tUY045TTZDbGFLalkzelQ5Z1BkQnVCQkdXa2V4SlcvMXd4dGx4NTRxWDNHTXhFWFJYcmdhR1BWTmdadE83OGQxd3ZrPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1e13ef0ad5c40fda3f12303dcec33de8a849ef1eee1c3042f14b03d6e7e8cf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 20 Jun 2021 03:44:56 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2056
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 20 Jun 2021 03:44:56 GMT
location: https://mug.criteo.com/sid?cpp=lmNeCHxBbFBTcFd5T05WQWJKcnYrQzdML1Q1MkJBRXVFcStRakNLUWdGdTI1dXd6cU56SHlESE5OVjliTjB4MmJOelRvQVNzcWl3ai91c1lhQlRGYlkvcnZ0Vy9xdDVmdi9NckpDNmg1aEJhbERyRGxKUk9TOW9QR3o0K3lBMXNxSjdlK3pWdmtUeTdnU0UwMXdkc3BaQ2E0RjZxV2JSaG5XWXNwOXBOT0lqK0tUY045TTZDbGFLalkzelQ5Z1BkQnVCQkdXa2V4SlcvMXd4dGx4NTRxWDNHTXhFWFJYcmdhR1BWTmdadE83OGQxd3ZrPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1786
content-length: 482
expires: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 34F0 0
323 B 376ms
155ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7BE8827732D680EA64BB3A493A78B&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=ee0956fa-1e1b-4267-810c-5030380d45ef&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:44:57 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 34F0 0
50 B 292ms
292ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6860678703819003
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Jun 2021 03:44:56 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 34F0 0
176 B 171ms
171ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:44:57 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 34F0 0
187 B 26ms
26ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=92651092741
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:44:57 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF18 42 B
64 B 29ms
16ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUPsPY6miStTFzkUF2ihaIM4cYwiq42zrEuAMSb_io-NdRGXguen0_3f0XnVNOO4127j5jXzkAungElpX5rDlE7xYQ9yT4Hn4jb3gzB18kcg&sai=AMfl-YSY_Fu3sr3cOE9dUh1ykooxukg7OSsz5AZTeXQSgmE1bOySEzIijT865iHDaciIR5nl5Pyzfe3avSu79YXPPN9EdsvTLQjvrmeC0oAnWq3H7ImO_MiOi0pRiW-eGuo&sig=Cg0ArKJSzEynjXdnQ1zzEAE&cid=CAASFeRoBcZk0X6NgxJVXuYsiV3YXn0Cjg&id=lidar2&mcvt=1011&p=102,1005,356,1305&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2862190043&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624160695731&dlt=20&rpt=502&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 27ms
27ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1836
date: Sun, 20 Jun 2021 03:44:56 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 42CA 0
150 B 72ms
25ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=63891900012273100710156011631024&a=22dd2d5a&vb=v
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=63891900012273100710156011631024&a=d34923af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900024.redintelligence.net/request_content.php?s=63891900012273100710156011631024&a=d34923af
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:44:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame A0E7 83 KB
27 KB 50ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:57 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:44:57 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 70B5 2 KB
2 KB 13ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1937
set-cookie: uid=6d012a80-e637-47c3-8124-dfdc5f15900f; expires=Mon, 20 Jun 2022 03:44:57 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 20 Jun 2021 03:44:56 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame A0E7 83 KB
27 KB 40ms
14ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:57 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:44:57 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 34F0 2 KB
2 KB 299ms
299ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.9389425664127948
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cdf8ba7852dc12402543618a3c5adf80d6127f355abef481c1e677aa54e13ae9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 20 Jun 2021 03:44:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1469

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 1EFE 1 KB
1 KB 25ms
24ms Document
text/html 65.9.77.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.56
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CIA20210620114456330355; gx=H4sIADkqz2AA%2fxNmYGDg4uY4dHbz858vb1oKsAqxcNgLMAEAxHUCFhcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.56

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Jun 2021 03:36:37 GMT
expires: Sun, 27 Jun 2021 03:26:37 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: MGKhe8iHQsI7LfCYkrhEvTqJZcyALC47rfb5M3055dPY00thtJDAcA==
age: 1100

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 012D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0lBMjAyMTA2MjAxMTQ0NTYzMzAzNTU%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEARRnRzLuFXJT_7mlsM-y60&google_cver=1&google_ula=3918219,0

0
551 B

1163ms
295ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEARRnRzLuFXJT_7mlsM-y60&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:44:58 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEARRnRzLuFXJT_7mlsM-y60&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 65A0
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

55ms
17ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of9v7w
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Jun 2021 03:44:58 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Sun, 20 Jun 2021 03:44:57 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame 012D 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.56&rl=&if=true&ts=1624160697928&cd[SBST]=25&cd[PuID]=plurk

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 20 Jun 2021 03:44:57 GMT

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame 012D
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CIA20210620114456330355
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
581 B

1029ms
289ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:44:58 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date: Sun, 20 Jun 2021 03:44:58 GMT
Connection: close
Content-Length: 71
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 34F0 83 KB
27 KB 15ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:58 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:44:58 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 068D 2 KB
2 KB 15ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=6d012a80-e637-47c3-8124-dfdc5f15900f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4840
set-cookie: uid=6d012a80-e637-47c3-8124-dfdc5f15900f; expires=Mon, 20 Jun 2022 03:44:57 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 20 Jun 2021 03:44:57 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 34F0 83 KB
27 KB 15ms
14ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:58 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:44:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 65A0 31 KB
9 KB 19ms
19ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 31b642f3d722942829e13699ab3ee280e0b2213d098096ca138cc315d50d1c2b

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:44:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20907
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Sun, 20 Jun 2021 09:33:25 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 65A0 284 B
921 B 73ms
18ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1

200
OK

rubiconid.aspx
bw.scupio.com/adpinline/ Frame 65A0
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=KQ4NCF8Z-B-GQBI

0
620 B

297ms
296ms

Image
application/javascript

210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bw.scupio.com/adpinline/rubiconid.aspx?uid=KQ4NCF8Z-B-GQBI
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:44:58 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: application/javascript
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://bw.scupio.com/adpinline/rubiconid.aspx?uid=KQ4NCF8Z-B-GQBI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: c80248407eff6cf595ce43a76c04e23f
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 65A0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=daa460ce-b9b9-4400-bc19-c5637362bda8

42 B
678 B

40ms
18ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=daa460ce-b9b9-4400-bc19-c5637362bda8
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

Date: Sun, 20 Jun 2021 03:44:54 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=daa460ce-b9b9-4400-bc19-c5637362bda8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 20 Jun 2021 03:44:53 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 65A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTExZWZiNDY2NmRmZWFhZWZjZWUxODY3Y2EzNzgzN2E5NDBmNzI3NQ

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTExZWZiNDY2NmRmZWFhZWZjZWUxODY3Y2EzNzgzN2E5NDBmNzI3NQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTExZWZiNDY2NmRmZWFhZWZjZWUxODY3Y2EzNzgzN2E5NDBmNzI3NQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 65A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Wu4cwySDZwrnPW21ika2EA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5534814456925838830

42 B
678 B

17ms
17ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5534814456925838830
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

date: Sun, 20 Jun 2021 03:44:58 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5534814456925838830
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 65A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEApiIqOPHTArgSMNzkIEcpg&google_cver=1

42 B
678 B

70ms
17ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEApiIqOPHTArgSMNzkIEcpg&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEApiIqOPHTArgSMNzkIEcpg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 65A0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E0TkNGOFotQi1HUUJJ

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E0TkNGOFotQi1HUUJJ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E0TkNGOFotQi1HUUJJ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 65A0 70 B
265 B 130ms
42ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 65A0
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQ4NCF8Z-B-GQBI&sigv=1&esig=2~8146a96c66e917d48152c5064c1c83b8f18b9195

0
446 B

25ms
6ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQ4NCF8Z-B-GQBI&sigv=1&esig=2~8146a96c66e917d48152c5064c1c83b8f18b9195

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:58 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQ4NCF8Z-B-GQBI&sigv=1&esig=2~8146a96c66e917d48152c5064c1c83b8f18b9195
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 65A0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YM65ugABsftDaABg
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YM65ugABsftDaABg&_test=YM65ugABsftDaABg

42 B
678 B

17ms
17ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YM65ugABsftDaABg&_test=YM65ugABsftDaABg
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:44:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1624160698.430906,VS0,VE0
x-served-by: cache-hhn4024-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YM65ugABsftDaABg&_test=YM65ugABsftDaABg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame A0E7 35 B
266 B 338ms
115ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:44:59 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2

200

cm
c.holmesmind.com/ Frame A0E7
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
508 B

127ms
127ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:44:59 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sun, 20 Jun 2021 03:44:59 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 34F0 35 B
266 B 320ms
108ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:45:00 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plurk.com/	1970-01-19 19:09:20	Name: _gat Value: 1
.plurk.com/	1970-01-19 19:10:47	Name: _gid Value: GA1.2.932906789.1624160695
.plurk.com/	1970-01-20 12:40:32	Name: _ga Value: GA1.2.1172499367.1624160695
.plurk.com/	1970-01-19 19:30:56	Name: plurkcookiea Value: "8s3y1Kz+9K+r8tPGciYK2NpaqaR/rBOgd0TeCoKNAgw=?from_url=Ii9wL29mOXY3dyI=&invitation_from_uid=MTQ4MDc2MzQ="

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1188f5ba5222a8e80f13f49b351e2c67.safeframe.googlesyndication.com
ad.holmesmind.com
ad2.apx.appier.net
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.plurk.com
avatars.plurk.com
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdn.contentspread.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900024.redintelligence.net
hb.aralego.com
img.scupio.com
imgs.plurk.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
s.plurk.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aralego.com
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.plurk.com
ad2.apx.appier.net
103.132.192.30
104.109.78.125
13.248.242.197
138.201.84.252
142.250.185.226
142.250.186.162
151.101.114.49
162.210.196.208
178.250.0.157
178.250.0.165
185.29.133.52
192.96.200.41
2.18.234.21
2.19.35.65
210.59.219.175
210.59.219.180
210.59.219.181
2606:4700::6810:135e
2606:4700::6810:5e41
2606:4700::6811:4503
2606:4700::6811:4603
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c04::9a
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f11c:8183:face:b00c:0:25de
35.201.76.93
51.75.147.170
54.178.71.123
65.9.77.82
69.173.144.139
69.173.158.64
01db7866b8ed97fd6bb8bb535f5785b404153cc7a7d6ce37d586da98d3593ce4
03743c23eb96e2878a63d0c4d4407f972e30ac032672b8e8c7b5083146bba96b
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17e1d26a541557e1c5061c96b17e2b091f6fa6482765b2ab6d0938bb634fee11
1e13ef0ad5c40fda3f12303dcec33de8a849ef1eee1c3042f14b03d6e7e8cf7b
1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
31b642f3d722942829e13699ab3ee280e0b2213d098096ca138cc315d50d1c2b
3583293c465d882beef2613412ecd5ddca9b8940d344e94ebbbd4ebef13d42d8
3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49832bd9d6e23a7771e130b7a8c75e669a56e10f6ec88afd6872b9e27218f231
49d706fc3e4dbf7484d9143806e2fe9bde08e4089b678a919019771e7a5c2f4f
4d95d291d52c5d15cd66f27673ec99240b421d43905d4bbf9b42e60089c92c77
4e17a8b1a3f28afdc3e192a553e862b827e8c23688433711fd60ccea0539fd56
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
57b62bb677420f12d12a7181b27a1af6fd5574b482b28fd6237c14b930411dc5
5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
673cb57b8bcbb6394a6b47f190d86077949725e7c9e4445d2366cbd43b242224
67a06e09f719fde5bf65b689bcbb8284296bd18227b94e8f525a17b334c8c09a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb98401c198e251c1ff47f12f07d24677ef45cf9f434557ee94dee4d4e4c0b6
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa
7644af38eab82d36c7e546d9bdac3b27fb22641927eb9368bc5c33c777c6d676
7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b52207f42e563d3a8bb56e7203515812c47ba7d8f31573300f06d323ad540f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d
9a2c0a3b3510b56be29d68362d3e731986fdc810bb57d6ed461185b278ff89e2
9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4db10250289137b89b36de606ec2765d85404fa52a0c058e9e954c5322e7ed9
b90a40bb183f1f7036a6aad2fe03e57e5cf350a6c76779915cca7c1e37e1427f
ba91cfa00a3293d20f04e3f4e56c23c3d192035e8379f079a6825bcaa2d2bd42
baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1
bc7a9223874861c2b9fa970476f94a0013644fcc8c8b26a428549a2f2d050840
cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe
cdf8ba7852dc12402543618a3c5adf80d6127f355abef481c1e677aa54e13ae9
d067cc74b07828e65b2cea7b153f63f3fdcb040b86f122ea02835f662d4c097f
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d6645e2c0a595a3c171a6a0eb57bbdf2abab1e9f813676ac75b2916de4778c45
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e1ba74945c36d1928d02079f476ac27d123ffa19c6fccfb2a3d14b35614b9218
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e652bca51f3d99e146d9b1d9b59b275412dc949d345c0a4566dbfb881f46a40b
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949
fb18058302f67c3f2c45a9b273a9536bcd4e3589c07d041d68d999740f778790
fd5e8cb49fa368e842b2fde520355ac140d73dd59e6365bde4c9197776833457

www.plurk.com Open in urlscan Pro 2606:4700::6811:4503 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

119 Requests

99 %HTTPS

50 %IPv6

26 Domains

50 Subdomains

42 IPs

9 Countries

1127 kBTransfer

3065 kBSize

4 Cookies

1 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.plurk.com Open in urlscan Pro
2606:4700::6811:4503 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

99 %
HTTPS

50 %
IPv6

26
Domains

50
Subdomains

42
IPs

9
Countries

1127 kB
Transfer

3065 kB
Size

4
Cookies

119 HTTP transactions
2 data transactions