www.plurk.com Open in urlscan Pro
2606:4700::6811:4503 Public Scan

URL:
https://www.plurk.com/p/oe8m50
Submission: On June 19 via manual (June 19th 2021, 10:50:41 am UTC) from VN

Summary HTTP 120 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 23 domains to perform 120 HTTP transactions. The main IP is 2606:4700::6811:4503, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.plurk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 17th 2020. Valid for: 2 years.

This is the only time www.plurk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700::68... 2606:4700::6811:4503	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	65.9.77.9 65.9.77.9	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4 5	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
2 6	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 5	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	175.41.232.18 175.41.232.18	16509 (AMAZON-02) (AMAZON-02)
2	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	3.124.222.92 3.124.222.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
120	37

19 2606:4700::6811:4503 (United States)

ASN13335 (CLOUDFLARENET, US)

www.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 65.9.77.9 (United States)

ASN16509 (AMAZON-02, US)

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.162 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.210.196.208 (Falls Church, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.41.232.18 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-232-18.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.180 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.222.92 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-222-92.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	plurk.com www.plurk.com s.plurk.com avatars.plurk.com imgs.plurk.com assets.plurk.com	274 KB
18	googlesyndication.com 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	81 KB
16	scupio.com img.scupio.com prebid.scupio.com bw.scupio.com rec.scupio.com	229 KB
12	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	6 KB
12	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	148 KB
11	2mdn.net s0.2mdn.net	119 KB
5	aralego.com 1 redirects hb.aralego.com sync.aralego.com	1 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	criteo.net static.criteo.net	107 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	google.com adservice.google.com www.google.com	1 KB
4	cloudflare.com cdnjs.cloudflare.com	54 KB
3	holmesmind.com 1 redirects ad.holmesmind.com c.holmesmind.com	981 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	googletagservices.com www.googletagservices.com	86 KB
2	adtriba.com 1 redirects d.adtriba.com	757 B
2	creativecdn.com prebid-asia.creativecdn.com	352 B
2	google.de adservice.google.de www.google.de	960 B
2	google-analytics.com www.google-analytics.com	19 KB
1	facebook.com www.facebook.com	147 B
1	googleapis.com ajax.googleapis.com	95 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
0	appier.net Failed ad2.apx.appier.net Failed
120	23

	Domain	Requested by
11	s0.2mdn.net	www.plurk.com s0.2mdn.net
11	s.plurk.com	www.plurk.com s.plurk.com
10	img.scupio.com	www.plurk.com img.scupio.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	gum.criteo.com	2 redirects static.criteo.net
6	tpc.googlesyndication.com	67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
4	static.criteo.net	img.scupio.com static.criteo.net
4	mug.criteo.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cdnjs.cloudflare.com	www.plurk.com
3	sync.aralego.com	1 redirects img.scupio.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	www.plurk.com 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com tpc.googlesyndication.com
3	assets.plurk.com	cdnjs.cloudflare.com
3	www.googletagservices.com	www.plurk.com securepubads.g.doubleclick.net 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
3	www.plurk.com	cdnjs.cloudflare.com static.cloudflareinsights.com
2	c.holmesmind.com	1 redirects
2	eus.rubiconproject.com	www.plurk.com eus.rubiconproject.com
2	rec.scupio.com	img.scupio.com
2	d.adtriba.com	1 redirects 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.plurk.com
2	bw.scupio.com	img.scupio.com ajax.googleapis.com
2	bidder.criteo.com	img.scupio.com
2	prebid-asia.creativecdn.com	img.scupio.com
2	hb.aralego.com	img.scupio.com
2	prebid.scupio.com	img.scupio.com
2	googleads.g.doubleclick.net	67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com www.plurk.com
2	67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.plurk.com www.google-analytics.com
1	ade.googlesyndication.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	www.facebook.com	img.scupio.com
1	secure-assets.rubiconproject.com	1 redirects
1	ajax.googleapis.com	img.scupio.com
1	ad.holmesmind.com	img.scupio.com
1	www.google.de	www.plurk.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	static.cloudflareinsights.com	www.plurk.com
1	imgs.plurk.com	www.plurk.com
1	avatars.plurk.com	www.plurk.com
0	ad2.apx.appier.net Failed	img.scupio.com
120	45

This site contains links to these domains. Also see Links.

Domain
www.bandatnendongnai.vn

Subject Issuer	Validity	Valid
*.plurk.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2022-07-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.adtriba.com Amazon	`2021-05-31` - `2022-06-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.plurk.com/p/oe8m50
Frame ID: 4110CF45DE7DA7256F4C752F5FA93BAD
Requests: 41 HTTP requests in this frame

Frame: https://img.scupio.com/html/mv.html?v=1.0.91
Frame ID: 51C3279BA0E4B3BF3CE3D2676F46145F
Requests: 15 HTTP requests in this frame

Frame: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 615F17E677EC7BC1AFC369CA9A190709
Requests: 1 HTTP requests in this frame

Frame: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 624B9BC02C55F403590B1C2FA3EDCD9A
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiVzrCtATAB&v=APEucNUWKSwyc-QSk2CX754iOq8jUaFtGZ-NKIUcbcoYnpspYlVDc7ock1_7pV-qAx_JO0ItYfdKjipxaGIsX8SSvQtXwCD2897BHnWFyo-fAZo9hRBVUy-hydXOhZotkQLCUZgykpXQHZcijPr0cloTnhVzpOdI-oM0xo97Pc4m6yfnUqzEv-A
Frame ID: B5834C5533AC84AA0103998743446C4E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: EDD89F064AA31E9644CE4D8B879A6EAC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 22E49F4F48433B722840539A7F4BB675
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 54F9F00A68881ECFDD4850709ADEC0DF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10326444/1623847087840/index.html
Frame ID: 3D6FA9DB9FDF65240DF9AF74963125D6
Requests: 10 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.56
Frame ID: 1E26EBE7FBF3A83389819A0CA45496C9
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: EC6E134E4DA8893916C41DFF6A42BD6C
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 0E1CDC66137EA833502D4E9A5508F97C
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGH796dLswPiesZVUfiXLCY&google_cver=1&google_ula=3918219,0
Frame ID: 7C4778535D378F43124AB16B3AA9F99E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: B68FA9239F908C511A1706E972CDB021
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: C313821B379706369A688119A7BFAC40
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

120
Requests

99 %
HTTPS

46 %
IPv6

23
Domains

45
Subdomains

37
IPs

7
Countries

1239 kB
Transfer

3300 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bandatnendongnai.vn/tin-tuc/cung-ung-lao-dong/
Title: Cung ứng lao động

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIhKHPWfvogbig9Ww7yPd8&google_cver=1

Request Chain 50

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YM3L75mSYZfwi-W6PayXAwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKX9mfVmm8bPn7779Xn8dg&google_cver=1

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAmmpqBwMd_s965DI_YQ_gM&google_cver=1

Request Chain 52

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3MzA3ODI0ODU5MDg2ODU4Nw%3D%3D

Request Chain 63

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=j25ew3xyWXdiMm5pQXYxR1d4S21VcjlHME01aXpxK1Y1OEJxQ0lXVkV2TC9OZHNXOGVlRlJCQUlvMW9BOVNjdzE4OXV4U1JmaFgySzFRSm5TMWtDb2xhTjBWMnpOelBsTTdDb0NQMHVoTUVkMmhlcUFtem1TeVNRRDdxNGlYNml6NWVWcHV1dURIc09RSk9VeTByT09PWVpaZTZOSHlBa0tKUlB0ZUlSaWtwVEJuUVgzRWExQ0tlVlUrMkk1VzBaRjNiZmo4eTVYS0o1MXZwNVJwS0wwNlhwdzQ1QnlvYnFIUkNMSVlMQXhMdnZONTZzPXw&cppv=2

Request Chain 74

https://d.adtriba.com/collect?atb_ptid=8387be89&atb_dcaid=0621-petfeeder&atb_dpuid=adlicious HTTP 302
https://d.adtriba.com/px.gif

Request Chain 96

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=9nJbGXxUUkRqa1gxS1E5eDlLUG5yTC94STQwdTByRkJnT2tkR3M3ZG8wTVE1cHFadHJpbUNlWGt1dUdtMTRvTjVJUm92ZDkvOUV2TnVienVjbnFzR0JCUVRLbWpvdWI4L0pIOHZ1VjZGNG1nRTJzRmNHQUVoSUM0dHhGUVRxOGRLU1BXeWE1U0NWazEreEhxNnp0ajNnVW1IZ2sxWUlmRlExSWF2enFsbWhOMFNlWXZxbkNQZ1RiSlIzRUtUUXBmOHhMUGxkRENYam5JaWxycDVNbkZVV1owckVXZmFYT1hPbmtRT2ErNWI1b0NFbUpzPXw&cppv=2

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1RBMjAyMTA2MTkxODUwMjQ3MDUyNDI%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGH796dLswPiesZVUfiXLCY&google_cver=1&google_ula=3918219,0

Request Chain 108

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 110

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CTA20210619185024705242 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

Request Chain 116

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

120 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request oe8m50 Show response
www.plurk.com/p/ 16 KB
5 KB 1371ms
1339ms Document
text/html 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1c02aa103216df218a5a4e12df2a180df67948da45b1b477d68f72d80dcc40e

Request headers

:method: GET
:authority: www.plurk.com
:scheme: https
:path: /p/oe8m50
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-type: text/html; charset=utf-8
set-cookie: plurkcookiea="e1JzA8fqLx83k2/l+1mv7q4ccos5MM7vGtDJyrmkKOc=?from_url=Ii9wL29lOG01MCI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Sun, 04-Jul-2021 10:50:22 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-cache-status: DYNAMIC
cf-request-id: 0ac57dad0c0000c27c930c7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 661c32281ac6c27c-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 b857d9cf56d6f856e2b9.js Show response
s.plurk.com/ 64 KB
22 KB 38ms
28ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/b857d9cf56d6f856e2b9.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90a40bb183f1f7036a6aad2fe03e57e5cf350a6c76779915cca7c1e37e1427f

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 173432
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: GXQH9FQAKVTTKVMG
x-amz-id-2: SNn2yGGKEcUwxtapf6a0mEy+36lybINDnjOConzJHzE1D7cZ2AuuYJUoP6A9gWS4k9h/HkF6vGk=
last-modified: Thu, 17 Jun 2021 10:36:27 GMT
server: cloudflare
etag: W/"08e20746126cfac6c1e1fd1fb365fcef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac57db25c0000c27cd2b2c000000001
cf-ray: 661c32308c50c27c-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 e5c9c0eaa191278ef039.js Show response
s.plurk.com/ 172 KB
57 KB 52ms
42ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/e5c9c0eaa191278ef039.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7644af38eab82d36c7e546d9bdac3b27fb22641927eb9368bc5c33c777c6d676

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 796277
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: KS35M2Y4MW0BKDMZ
x-amz-id-2: uV0OrMTBFuJ0hmPkAdpylqcEt7/YXkLx5jFMmox3AonIiyZSL9MxiPnAuwLOvsSDDS9bbruDSLM=
last-modified: Thu, 13 May 2021 05:30:35 GMT
server: cloudflare
etag: W/"79bfcb8b641331b5972ed4136ab1301b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac57db2580000c27c7e811000000001
cf-ray: 661c32308c51c27c-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 f98462c57caf3129dd20.js Show response
s.plurk.com/ 2 KB
1 KB 33ms
23ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/f98462c57caf3129dd20.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49832bd9d6e23a7771e130b7a8c75e669a56e10f6ec88afd6872b9e27218f231

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 248848
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 6N0V29DX0WS3FRC2
x-amz-id-2: /P8UkZ9L7QJtv1Vl+pL4RIWJpS4+qc184cL66G+AlujKY8kqqV7+0te2EBc8zsZLXMDrrMg0Skg=
last-modified: Wed, 21 Apr 2021 05:52:35 GMT
server: cloudflare
etag: W/"4d81cd1413f0de03828bf6ec967af7bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac57db25a0000c27c9fa9a000000001
cf-ray: 661c32308c57c27c-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 35ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7652283
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27433
cf-request-id: 0ac57db260000032335c308000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IgbL5MmtFIXQB3zdRZZtbGlvmpv7ZH7s0cFDa8Jne26eHitXg5JdDTQ5uNHtk3AdM0fl%2FpR1XcUpD4Y0Th%2FzBANhZvkzJONQoz5l6tSAWq%2Ftfzs4jpv2BNWUKfT2ZXK7j13ymhVqGnYVmhSmfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 661c32309be53233-FRA
expires: Thu, 09 Jun 2022 10:50:22 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 21 KB
4 KB 39ms
22ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2632300
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4037
cf-request-id: 0ac57db26000003233e79cf000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-55e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lp%2Bl%2BFjtMSpdBMZcdID24KEnQ%2FjOgzzGxRFdCBpX7VZQfi3WkJLR2YYvql%2FIkFM27070qpH1ir8W5%2FYjy%2B6Yn8Ck5E0BevZWogjVe%2Fr9twm06gTbD3fiHMD%2Fkux1lDDWXS0v7CBQ5KH7X45vqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 661c32309be23233-FRA
expires: Thu, 09 Jun 2022 10:50:22 GMT

GET
H2 200 be6490d423cd4fe35add.css
s.plurk.com/ 5 KB
1 KB 36ms
27ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/be6490d423cd4fe35add.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d706fc3e4dbf7484d9143806e2fe9bde08e4089b678a919019771e7a5c2f4f

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1561644
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PF4YGW9DS96VJM18
x-amz-id-2: t15Nrb9MVMpwrpnjO565mREXQ/fCwu70FkdyXCy7JhHbc4J7EWktPDSIBaZsIXbAXBU7FWl4U/A=
last-modified: Tue, 01 Jun 2021 08:58:28 GMT
server: cloudflare
etag: W/"0f7fc8f1ded4854c178b7b313e9a05c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac57db2570000c27c9b3e2000000001
cf-ray: 661c32308c4ec27c-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 sweetalert.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ 40 KB
11 KB 33ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1352688
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10494
cf-request-id: 0ac57db2600000323347a46000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-9f68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=foNECwQGRDhMp844Iq6ksEs1QYFKF9FiqAF%2Bow3luaeYTIlBMK2cnnESn6SjdparbIgzWYKHmG7jTZUL5NBXAoOByvtwl%2BexW5oU%2B2VQdOKBdYWMZobVBZMZp%2FTGodnbgU18R1So0D%2BneYt8rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 661c32309be63233-FRA
expires: Thu, 09 Jun 2022 10:50:22 GMT

GET
H2 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/ 43 KB
12 KB 60ms
43ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 132516
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11830
cf-request-id: 0ac57db26000003233062c8000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-ac34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ePm%2BDejoZeAHSvYZkoRr8kB88OQHOgPqNeqPS1iz4JGCIaXo%2FH01j16YOHizk7QtskYWfXHUPHfB%2FOfJ%2BwU3FE0LA3bAVukYpJtIJQ1LgduhPnGET%2BSQWk3NrsIK%2FqRKpfIl9v3w9aG%2F%2F8Y3BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 661c32309be73233-FRA
expires: Thu, 09 Jun 2022 10:50:22 GMT

GET
H2 200 a7e6ae6ad276b216026d.js Show response
s.plurk.com/ 48 KB
13 KB 43ms
34ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/a7e6ae6ad276b216026d.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b52207f42e563d3a8bb56e7203515812c47ba7d8f31573300f06d323ad540f6

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 784988
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: STE62TXP513QB540
x-amz-id-2: lLFNZyZ+mYjANe4YLwKw5LRxh7fIxYueHVU/IdOYDQQVOFqDLsHVT7oTsqAjxvd3pawowkNQmCA=
last-modified: Thu, 10 Jun 2021 08:32:42 GMT
server: cloudflare
etag: W/"8c7550f23efa76de8ea43f661e206763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac57db2590000c27cf61c7000000001
cf-ray: 661c32308c56c27c-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 88da4e6060770e741c9a.js Show response
s.plurk.com/ 62 KB
20 KB 30ms
21ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/88da4e6060770e741c9a.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 673cb57b8bcbb6394a6b47f190d86077949725e7c9e4445d2366cbd43b242224

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 173412
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WBBM8CYFC2EWY520
x-amz-id-2: Epd4lEWT4nqgvIRz5OTT1AuwsRRYs7VYLReFy+9b0ABtFonmkyv0lSPJPX0y2lyOLyJYEhDHaBY=
last-modified: Thu, 17 Jun 2021 10:36:25 GMT
server: cloudflare
etag: W/"0df4f1bfaf87bd2c07a425b29ca4071d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac57db2590000c27c0bb5f000000001
cf-ray: 661c32308c54c27c-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 31b312ff2cc0494dbf23.css
s.plurk.com/ 39 KB
7 KB 31ms
22ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/31b312ff2cc0494dbf23.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e652bca51f3d99e146d9b1d9b59b275412dc949d345c0a4566dbfb881f46a40b

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 173412
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WBBQKNM9SHW92KB0
x-amz-id-2: 808Jo/jtERi3SqTZCF9kmcbO2LrqQMrfL0jk7BRv0vbKmpSMtLXs2R43awTbPinYz4AKTQQEyqI=
last-modified: Thu, 17 Jun 2021 10:36:25 GMT
server: cloudflare
etag: W/"5586b0ed01f06b4fc36fbf63b6d21e3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac57db2570000c27c9693d000000001
cf-ray: 661c32308c4dc27c-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 c7613002a6ba4a98b549.js Show response
s.plurk.com/ 242 KB
66 KB 48ms
40ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/c7613002a6ba4a98b549.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6645e2c0a595a3c171a6a0eb57bbdf2abab1e9f813676ac75b2916de4778c45

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 753824
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PWWE8KVN10B49EKE
x-amz-id-2: w0GU086a0INiGF1y7G7DLGv3hzkR7e20B1vHY9pLqHnHxpvYbwkd9gCYT4dR4pHDZwhTb0U90yE=
last-modified: Thu, 10 Jun 2021 17:20:28 GMT
server: cloudflare
etag: W/"18b0b09a12beb11af3e0fc0ab6d29964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac57db2580000c27c8a1a5000000001
cf-ray: 661c32308c53c27c-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 d1d3f8efc01fbbcbabfb.css
s.plurk.com/ 69 KB
13 KB 40ms
32ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/d1d3f8efc01fbbcbabfb.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ba74945c36d1928d02079f476ac27d123ffa19c6fccfb2a3d14b35614b9218

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 784092
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: YV0KM68RM3MFXFTZ
x-amz-id-2: 3Kd24YF8wt+y4e76QrE9gJfXJ5cZ4IRSg4QKD0WE2Xc8euGtdmXuwEvlTLPHEQ9qA1YA+ZNvFUk=
last-modified: Thu, 10 Jun 2021 08:32:43 GMT
server: cloudflare
etag: W/"3270d2100d8dd64a6c68e5101ef8346b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac57db2570000c27cf30e6000000001
cf-ray: 661c32308c4cc27c-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 41 KB
15 KB 54ms
16ms Script
application/javascript 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: bc7a9223874861c2b9fa970476f94a0013644fcc8c8b26a428549a2f2d050840

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:49:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 08:12:42 GMT
server: nginx/1.12.1
age: 105
etag: W/"60c860fa-a4d5"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: rjjldrImDAgPQYjkyCNu2MFZBspOf7YAv4UePaJxohSpqfRfg5lZtA==
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
expires: Sat, 19 Jun 2021 11:03:37 GMT

GET
H2 200 14807634-medium15092772.gif
avatars.plurk.com/ 1 KB
2 KB 39ms
26ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.plurk.com/14807634-medium15092772.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
cf-cache-status: HIT
age: 717325
cf-polished: origSize=1287
cf-ray: 661c32318e28c27c-FRA
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1279
x-amz-id-2: OfMGZl2eVQE55TpfKLf0RTliwwlXTzpaE41uVtR8bojYT1eCAJBHf1sl2IQHL6TCLvcb9MC86oc=
last-modified: Wed, 24 Oct 2018 17:48:38 GMT
server: cloudflare
etag: "6c0779ae49111313047639c892eef67c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: Y80ZYR5C82Z7NXNB
expires: Sun, 24 May 2026 10:50:22 GMT
cache-control: public, max-age=155520000
cf-request-id: 0ac57db2f50000c27cde17c000000001
accept-ranges: bytes
content-type: image/gif
cf-bgj: imgq:100,h2pri

GET
H2 200 gI3PjDd4aD1ag7G5pPql0pA96s0_mt.jpg
imgs.plurk.com/QzI/eAh/ 11 KB
11 KB 36ms
25ms Image
image/jpeg 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.plurk.com/QzI/eAh/gI3PjDd4aD1ag7G5pPql0pA96s0_mt.jpg
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83fb448a7127fbb044700e42d0917f7fbddd0733b00c8b0d0f062ac975222814

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
cf-cache-status: HIT
age: 63210
cf-polished: origSize=11598
x-amz-meta-source: https://www.bandatnendongnai.vn/wp-content/uploads/2021/02/cung-ung-lao-dong.jpg
x-amz-meta-content-type: image/jpeg
last-modified: Wed, 24 Feb 2021 01:47:16 GMT
content-length: 11174
x-amz-meta-hash: eAhgI3PjDd4aD1ag7G5pPql0pA96s0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: X1JHS51173K1FFB4
x-amz-id-2: X4ZjqiOkRuFAHwDeOw3PFFjVcdZL7oIJmEffnr8/L7yMBwRZgAHX35Ob859Sdlip/NKoXGlWZV4=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "60d8a01febfc85986cac26e54e1cf9ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-request-id: 0ac57db31d0000c27cc1b09000000001
accept-ranges: bytes
cf-ray: 661c3231ce94c27c-FRA
expires: Sun, 19 Jun 2022 10:50:22 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a2c0a3b3510b56be29d68362d3e731986fdc810bb57d6ed461185b278ff89e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "906 / 619 of 1000 / last-modified: 1624054126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21494
x-xss-protection: 0
expires: Sat, 19 Jun 2021 10:50:22 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 15ms
15ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 661c3231d8a84e14-FRA
cf-request-id: 0ac57db32400004e14103c9000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6705
date: Sat, 19 Jun 2021 08:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 19 Jun 2021 10:58:37 GMT

GET
H2 200 background.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
155 B 41ms
27ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/background.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
cf-cache-status: HIT
age: 99767
cf-ray: 661c32313d8bc27c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: c5HicxTBhNDI7lbeAC43cDlSGOJY4hEwMWjmjPtP8ZJq7Z5CZd0PtSm5CrT2mpbhd+z7s9XuuIs=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4FMF7CRZFAW4FKCT
cache-control: public, max-age=31536000
cf-request-id: 0ac57db2c30000c27ce58cd000000001
accept-ranges: bytes
content-type: text/css
expires: Sun, 19 Jun 2022 10:50:22 GMT

GET
H2 200 timeline.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
378 B 40ms
26ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/timeline.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
cf-cache-status: HIT
age: 99768
cf-ray: 661c32313d89c27c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: kankFk58IvG9qoQixb0RoQo/+VKBJ+Yzo5hd7oDdR6pIsZ/u6hCyPJqroCJ7ntx9bIAUp3dFxLI=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4FM4V2VA7M8KP4ND
cache-control: public, max-age=31536000
cf-request-id: 0ac57db2c30000c27c0e9b7000000001
accept-ranges: bytes
content-type: text/css
expires: Sun, 19 Jun 2022 10:50:22 GMT

GET
H2 200 dashboard.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
155 B 49ms
36ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/dashboard.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
cf-cache-status: HIT
age: 171413
cf-ray: 661c32313d87c27c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: ZVkaaFPyV2PiMjrku1SCeY+cKxsmOLcipMBi4QXoPvOPT8e6BFSZgTcc9Gea7XqPC7P7u5HPXMk=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 9QH19QCD2MYX33PQ
cache-control: public, max-age=31536000
cf-request-id: 0ac57db2c20000c27c092a2000000001
accept-ranges: bytes
content-type: text/css
expires: Sun, 19 Jun 2022 10:50:22 GMT

GET
H2 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
115 KB 60ms
22ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Sat, 19 Jun 2021 10:50:22 GMT

GET
H3-29 200 b903137cf2afd470223d.woff
s.plurk.com/plurkiconfont/fonts/ 21 KB
22 KB 44ms
21ms Font
application/font-woff 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/plurkiconfont/fonts/b903137cf2afd470223d.woff
Requested by: Host: s.plurk.com
URL: https://s.plurk.com/be6490d423cd4fe35add.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1

Request headers

Origin: https://www.plurk.com
Referer: https://s.plurk.com/be6490d423cd4fe35add.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1561642
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: BN69J9BZKRM6SXJG
x-amz-id-2: DIpgxBiRwdGDK4mEuMz07AqInHJ4dcsTMNpsQH1xNTw77Ss2iLlZO3RgdmBkp8I0+573OkwMRZc=
last-modified: Tue, 01 Jun 2021 08:58:27 GMT
server: cloudflare
etag: W/"d4c0955530a8e2c432946c6057221cab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=155520000
cf-request-id: 0ac57db35500004ec1d432a000000001
cf-ray: 661c32321f6e4ec1-FRA
expires: Sun, 24 May 2026 10:50:22 GMT

GET
H2 200 10987.json Show response
img.scupio.com/js/config/ 557 B
943 B 621ms
591ms XHR
application/json 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/10987.json?v=1.0.3813
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 4e17a8b1a3f28afdc3e192a553e862b827e8c23688433711fd60ccea0539fd56

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 02:16:46 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-C1
etag: "60a4750e-22d"
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 557
x-amz-cf-id: ROVEWQdfz8Q9HTIWgGgj-YkaeoHocJSoizHE0PDJDVrS5MpPwTe77Q==
expires: Sat, 19 Jun 2021 13:50:22 GMT

GET
H2 200 mv.html Show response
img.scupio.com/html/ Frame 51C3 68 KB
21 KB 33ms
33ms Document
text/html 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/mv.html?v=1.0.91
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 67a06e09f719fde5bf65b689bcbb8284296bd18227b94e8f525a17b334c8c09a

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/mv.html?v=1.0.91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:15:43 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 19 Jun 2021 10:50:22 GMT
expires: Sat, 19 Jun 2021 11:11:17 GMT
cache-control: max-age=1500
etag: W/"608f950f-111cd"
x-cache: Hit from cloudfront
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 3flPJ8nIiYupXm-EuhwYv2ra9BkTMkZze0zcyq_CThgh2arw3cot8w==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 471ms
439ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3098883277645461&correlator=2901147358572530&output=ldjh&impl=fif&eid=31061040%2C31061422%2C31060400%2C31061150%2C31061424&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210619&iu_parts=75142684%2Cplurk_message_300x250_SB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1624099822&dt=1624099822500&dlt=1624099822153&idt=222&frm=20&biw=1600&bih=1200&oid=3&adxs=1005&adys=102&adks=2862190043&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.plurk.com%2Fp%2Foe8m50&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=346149026.1624099823&ga_sid=1624099823&ga_hid=602255595&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c5fad5cd5851765c925aaae8c965338fe147e77caf6ee2ade2a66fabea4afa00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7442
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 615F 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 19 Jun 2021 10:50:22 GMT
expires: Sun, 19 Jun 2022 10:50:22 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=602255595&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plurk.com%2Fp%2Foe8m50&ul=en-us&de=UTF-8&dt=datnendongnai%20-%20C%C3%B4ng%20ty%20cung%20%E1%BB%A9ng%20lao%20%C4%91%E1%BB%99ng%20Ho%C3%A0ng%20Th%C3%A1i%20%C4%90%E1%BA%A1i%20Ph%C3%A1t%20%C4%91%C6%B0%E1%BB%A3c%20c%E1%BA%A5p%20gi%E1%BA%A5y%20ph%C3%A9p%20ho%E1%BA%A1t%20%C4%91%E1%BB%99ng%20cho%20thu%C3%AA%20l%E1%BA%A1i%20lao%20%C4%91%E1%BB%99ng%20s%E1%BB%91%20176%2F2020%2FS%C4%90GN%20chuy%C3%AAn%20cung%20%E1%BB%A9ng%20nhu%20c%E1%BA%A7u%20cho%20thu%C3%AA%20l%E1%BA%A1i%20lao%20%C4%91%E1%BB%99ng%20ph%E1%BB%95%20th%C3%B4ng%2C%20c%C3%B4ng%20nh%C3%A2n%20t%E1%BA%A1i%20khu%20v%E1%BB%B1c%20%C4%90%E1%BB%93ng%20Nai%2C%20Th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh%20v%C3%A0%20B%C3%ACnh%20D%C6%B0%C6%A1ng%20Cung%20%E1%BB%A9ng%20lao%20%C4%91%E1%BB%99ng%20-%20Plurk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=638697151&gjid=2041549214&cid=346149026.1624099823&tid=UA-53436-7&_gid=483302469.1624099823&_r=1&_slc=1&z=2078017528

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 0cd0435740e740eece09.gif
s.plurk.com/ 31 KB
31 KB 48ms
27ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.plurk.com/0cd0435740e740eece09.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
cf-cache-status: HIT
age: 1561642
cf-polished: origSize=35115
cf-ray: 661c32333e669796-FRA
last-modified: Tue, 01 Jun 2021 08:58:27 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31308
x-amz-id-2: bXssO0abYWh/cAydFARa3uN4NJKyGo6Zt83ksdGbOn5nIX368PTf6FmBYpySCYSsOCRgfTQwrKk=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d236fd746e000431a8e2c6bc787ee7c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BN64HSRJRJYKBXHS
cache-control: public, max-age=155520000
cf-request-id: 0ac57db40200009796d0087000000001
accept-ranges: bytes
content-type: image/gif
expires: Sun, 24 May 2026 10:50:22 GMT

POST
H3-29 200 get Show response
www.plurk.com/Responses/ 104 B
509 B 194ms
164ms XHR
application/json 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/Responses/get
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949

Request headers

sec-fetch-mode: cors
origin: https://www.plurk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: plurkcookiea="e1JzA8fqLx83k2/l+1mv7q4ccos5MM7vGtDJyrmkKOc=?from_url=Ii9wL29lOG01MCI=&invitation_from_uid=MTQ4MDc2MzQ="; _ga=GA1.2.346149026.1624099823; _gid=GA1.2.483302469.1624099823; _gat=1
content-length: 38
:path: /Responses/get
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.plurk.com
referer: https://www.plurk.com/p/oe8m50
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.plurk.com/p/oe8m50
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
set-cookie: plurkcookiea="e1JzA8fqLx83k2/l+1mv7q4ccos5MM7vGtDJyrmkKOc=?from_url=Ii9wL29lOG01MCI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Sun, 04-Jul-2021 10:50:22 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-ray: 661c32335e7e9796-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac57db41600009796d0089000000001

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 51C3 235 KB
85 KB 36ms
36ms Script
application/javascript 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-C1
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-id: NaC_PcpjuERGUtzVUkWhDl9BM6GVM9AO0YF0k0RcdRCh3xZKesNtUQ==
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
expires: Sat, 19 Jun 2021 16:48:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-53436-7&cid=346149026.1624099823&jid=638697151&gjid=2041549214&_gid=483302469.1624099823&_u=IAhAAEAAAAAAAC~&z=1939160151

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 19 Jun 2021 10:50:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-53436-7&cid=346149026.1624099823&jid=638697151&_u=IAhAAEAAAAAAAC~&z=1207604891

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-53436-7&cid=346149026.1624099823&jid=638697151&_u=IAhAAEAAAAAAAC~&z=1207604891

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 rum Show response
www.plurk.com/cdn-cgi/ 0
165 B 12ms
11ms XHR
text/plain 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plurk.com/cdn-cgi/rum?req_id=661c32281ac6c27c

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.plurk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: plurkcookiea="e1JzA8fqLx83k2/l+1mv7q4ccos5MM7vGtDJyrmkKOc=?from_url=Ii9wL29lOG01MCI=&invitation_from_uid=MTQ4MDc2MzQ="; _ga=GA1.2.346149026.1624099823; _gid=GA1.2.483302469.1624099823; _gat=1
content-length: 10419
:path: /cdn-cgi/rum?req_id=661c32281ac6c27c
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.plurk.com
referer: https://www.plurk.com/p/oe8m50
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.plurk.com/p/oe8m50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 661c3233bea59796-FRA
vary: Origin

GET
H3-29 200 container.html Show response
67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 624B 6 KB
3 KB 20ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 19 Jun 2021 10:50:22 GMT
expires: Sun, 19 Jun 2022 10:50:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Sat, 19 Jun 2021 10:50:23 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 41ms
21ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061503&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1dbbbbe529d7876846f26a7a47d9146f510a5ad22f6a71db96442c76a9f8d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 10:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8429
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B583 624 B
592 B 21ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiVzrCtATAB&v=APEucNUWKSwyc-QSk2CX754iOq8jUaFtGZ-NKIUcbcoYnpspYlVDc7ock1_7pV-qAx_JO0ItYfdKjipxaGIsX8SSvQtXwCD2897BHnWFyo-fAZo9hRBVUy-hydXOhZotkQLCUZgykpXQHZcijPr0cloTnhVzpOdI-oM0xo97Pc4m6yfnUqzEv-A

Requested by

Host: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
URL: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COD5IRCUxZeTAhiVzrCtATAB&v=APEucNUWKSwyc-QSk2CX754iOq8jUaFtGZ-NKIUcbcoYnpspYlVDc7ock1_7pV-qAx_JO0ItYfdKjipxaGIsX8SSvQtXwCD2897BHnWFyo-fAZo9hRBVUy-hydXOhZotkQLCUZgykpXQHZcijPr0cloTnhVzpOdI-oM0xo97Pc4m6yfnUqzEv-A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 19 Jun 2021 10:50:23 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkFlF513AIRevby_5-y_Lo-sFTNM5CV4pwy4YCTgoOd_h7dXGwIjhCh1QMS; expires=Thu, 14-Jul-2022 10:50:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Jun 2021 10:50:23 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 624B 58 KB
24 KB 50ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cn9E5qVkJjG-UMvCmZXZOhvIGXWPgopJTrD9sp_JHZtoRvAxxFK9Ie_YHKgKKrTy7rMJpid_ZhI1si2oVlfsh33bJmd13IEBKFrJecrlHm9D3chAOK_ZHRPs7FeJa5frMzNI7SMZqjeABiedhFBd5nuqONvA&dbm_d=AKAmf-CpzRXrvU7HrWgvmarhaSrSg3zpvMZWYI_T18p5w4ZEx847B0vrU1oOvJ3a2edjQvhZWfzStj3ygsfcoGI3KdqF9iQNmH5wzkroLdkmXo9M4pWlISW-sFQwqXGOjO5fS4glWBMU2vgwUkXodpnButpCQz7gYTRX8dnuzlcf2qlEhbbrD26wjat285_s42iI9V8Hmf9OqZQK5qfCcxtyn0S05qIP_sMnKnJLK2EyIHvrm4EzgVDTB3Rtulfg-TJ9dgesObgy8bpLB3YKNIqRAMdnlTBwGOwd8aGCNpKW2ZYO1OS1uD1L8dOZqx_9CDEhTgBDMJjy7G3Pu4QxyCH5tzrtQGpoD-nHTBnOnjXbB0ATZEqsubcH21U78wnrBexrWik4imjmbK_DEm7JGS4fNGxl7nAKGqOoeY7DdUOuWacJGZ-nYJf1miOTgdQXhit0KBrGGcHMXoPkTj9QD1fDnLTz_EjEwlAaDSuIG3C6MN6agCi5xdKqUt4Q3bkHwweNEhQD3tvTl7Zn9-nA7VRcHfbYqK438VzwRVwhuDqRbxRMPnS3uJlvqckfrq4CMf6syp18DV4QGdCeUROOdvr4W_Q6s2b1DqWyLm8RDdcBLACZkY2sgLHMuzEorG47wl2EY0MMx87TqiyTTAYBxusXKaTzy1RawMfiP2Hi-Rr23W2IxVambgKm5XKCpUH1qcmq_8PIHCK92pyPESrWcHzeAkSAvDhWHdNTmW1NGmQgBskqh5vQLFbFa_XSp_DOmD3x7klDzNbXmq6kaV4jQ14orFlNn88pBF6kR6yOa_EPE1qJD7i85XjczgBz1qUvYjt7mRYOIXDrnWuhEIcnGRmNXl3RTOAtGck_NJj9YO3Jy8iSqfoVn0p5qK92hfxxtJdIJP4T2e8pDvL2d5UUhSZYqXQPTKfyp53aX_zOeL6ngwI8DDG8ido6He6EkI1ThgUaQF9oFAbFJr5Knj76acZcbvz-xeSGCV5CAA5XwW8_o4noVrZrcXSediZAoiyzdMOUluo8fBJUR4lLNo_nQZqRkc2CqOogeVUO-KZSn7_GuHDVTYf5ePmk_PzlRZoYqtbme5G6xiJDCNZ640ylroFJg4oVSrzzeKU4UVYbrLiO-t9vpPBjvhItCOju1PlPuIhYcPP_333SeMGoOv7A15fUzVpd6DEGnfcGD_sxRcS7nY7eTjoXknxGdZUVMzb_nVV7WwleB0BDrjspc09ripRHYM6n4aQyYy2BK3B41nlLtmjxtJ1xnqJOnSQNqFcROmrS5jFBzNcCbD87rQOhc2dqTXcqmxj7gO-90dlGuUv068i5ci7fc4o5d6fysgdid2CYRM2XhUjLiY_9YIZCecvA1V1APTSYFEGE9LKJa-oOhz-B_RDNdw6sulBt_C4SzDn92iYBN5JZ6fAfa71ToOOQTawTkLrHcNrkxPppBy9aLnBnkGMuS1rMDVyXU2Jt20qTGcTx7jWce04oa_opXK2UtBiGS6dpbKCC0UGlYZGizb5xQk9YX6cV90zwqtgOAUOze0yFtvryvODg6p4KUU4bleA_l7YjX-HqVIkk20n0LEn7Yqfqk1cLqSMZ7IO40tkJ0TdHlw242NhlsDMANBEZDJdLysfgQvSHyzZq7gxGxiR7h9ki1mnGnle3S5Oz-AcO306qEPAbJFK8hXlLBX1YJuOn6gs8a869riIvw2g0HgCvH0Rdh8Q_E8FPHLEg05Yd2219X2haGs8nTZbwWuuLmHudzy109_wozyj3If-lYsC73tsA-_hm9m_0Gh_7V1vVe5ChUsegozkBPhJDVnddrSQPSxdKhldKV18r9AjLcSZMi-fYQDjjb4nhZkNm9r9RXaLDg4xC0JhTjEjDaF3VmxKRKpFMhNqsxQcF9dRZZP4wAT2cbh8FdD9Jhrp95-bR7d5lDyjBGC2YD3YqvvKc0bJd9pdSqWd40PsInMsswoEjne5WcQgWuTeCWYDmbga4acyhflgO8mVchn3FFgbjj6ZKjMLfCYYVlPDfuNJjCRUOvtBvqwLvUiOIHzK3UM4yLeuOXvsl-EBr57Efb-6xE7JL4dK1x3SSWYlTojLa6g7hdWYmLdBam4QBk5Qn6RcRpJWs-SbF8vIOTnGoP9VyktRKcL5Zo1L0mba7mcw4THt_5mUyqu06W4zHBgy3qNpX15GwGI_xkH26peSJy6CtsyJvRxo_umZkpPTTT_htR2F1pOL9vgc6A0MqRK26rmqHhn7HBAgSr1xQ5Vui_MfSq5RB3MHpFEaIPJlh14P5_q1peksKkbW5bewyBMLK7lYWGA3Lf2PoRjXOs_VySEsbITL9GZtZRk9WdJ_7AXVOVlSerohX89KORvgq5YcumEOVpg72GDsYnUDIXpXPxwbrClS8nQxchzgkPUXgSOeRS_AiFJ1utHH5a-E0XV5ev3dOc-Hpi0LGo0jTXD3QBGSst87Tg-gwp8NcCllWdjjQ6QsYrQsVjpi-Zhs5LAastGu24z90SmnzzZmy1TtPFJ_qFs7cP0DbYfYeFhcpyR7Ml22-xKG0HdpTW5k1t4Q0733kpUTH14zpz-vH-w6Pfnzh4OeQu4moatj4D9SX4s2oZpTE3SnQagQp4SU22L-X_706txH0f5YKYYqfdYr-OB_wnIUiFRU6MAzLP_1eKKPUk4A9DcB4p86YDJp45G6SaFnaq9fmkgUEvEwhGf3yTZPH1PXI5Ggsv-Hc-S7tFeY45ecItKUEZ-nZo_JVg4oklM5yLxrXrQeyIhYjOGvptIRxaxc1JhmAU0rBYIAUcQOkFVj75V6certGWZTBnip3bdpsbxuEKUt7xNgxE0579uTE4GNruLo9ZjqCvOJJG3PBE1PBU9R6MFGdzEWR-laPa7jzR_fIT06Mad5k6jQRY21M9QLala3ZgCCmS7HortJ5WSHOuyD5Y7F7auiM26BvQNAPMYH35X3IMYJ7trJUBP5vK6LziIgnbH57tZ3QDt-cDZVnwfF62oNRhy3vUfQQKJymahEbxcAYgJYaYQAvM0nb3zSbhbie2Co87FW1vYy10cKCg1t2B3dMlMjWn-NxrUUZDNE2XUI7taYUyB4rPVa7-n0LO7TEVg9wfl0ocrZFQeO2qsTrOk2FieMcvdjBPVQM2ElBHCAiP_VzYZxiPRoBJuMZmYoDYWWIykniaWseBI8ZTWCOXj5K5TkMAavscmd51n7ORiSfSHhM-zqSKArED_kjgsNcZfA4OaYDGFZiiuhUG-bjf-GasJyJCFRpeOX1CUJMJnuF&cid=CAASFeRo8EmXUwxHrBjwmwKuiyDRLmkeag&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a800f051cbfa60ca9a00693feedee0faa1f87d1f95f92c92bc84cccd083cb52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24176
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 624B 42 B
515 B 59ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSMIjPJXJHHsmNSY_Bm01kXvAfNf7Ynu_haDDscUAR_ks8NjA6j34GRlOcCGSchjjT76Mj0RwvbTxr-Vqzdw1rWYgp3-uQvnAg12rPt_njkXoeQLo

Requested by

Host: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
URL: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 624B 3 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
URL: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jul 2021 10:48:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 624B 122 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
URL: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sat, 19 Jun 2021 10:50:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 624B 13 KB
6 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
URL: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jul 2021 10:38:28 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 624B 0
0 23ms
21ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMloK1pC8osoxWUrYRG_eulFweDrbgdWs8opshE9jMd82xGR4b4Z3FMkM-QUVUJAI7McEXPuD7lCNqCaL7XvY2v3FI6A
Requested by: Host: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
URL: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 19 Jun 2021 10:50:23 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B583
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIhKHPWfvogbig9Ww7yPd8&google_cver=1

43 B
1014 B

29ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIhKHPWfvogbig9Ww7yPd8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiVzrCtATAB&v=APEucNUWKSwyc-QSk2CX754iOq8jUaFtGZ-NKIUcbcoYnpspYlVDc7ock1_7pV-qAx_JO0ItYfdKjipxaGIsX8SSvQtXwCD2897BHnWFyo-fAZo9hRBVUy-hydXOhZotkQLCUZgykpXQHZcijPr0cloTnhVzpOdI-oM0xo97Pc4m6yfnUqzEv-A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Jun 2021 10:50:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Jun 2021 10:50:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIhKHPWfvogbig9Ww7yPd8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B583
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YM3L75mSYZfwi-W6PayXAwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKX9mfVmm8bPn7779Xn8dg&google_cver=1

43 B
894 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKX9mfVmm8bPn7779Xn8dg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiVzrCtATAB&v=APEucNUWKSwyc-QSk2CX754iOq8jUaFtGZ-NKIUcbcoYnpspYlVDc7ock1_7pV-qAx_JO0ItYfdKjipxaGIsX8SSvQtXwCD2897BHnWFyo-fAZo9hRBVUy-hydXOhZotkQLCUZgykpXQHZcijPr0cloTnhVzpOdI-oM0xo97Pc4m6yfnUqzEv-A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Jun 2021 10:50:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Jun 2021 10:50:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKX9mfVmm8bPn7779Xn8dg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B583
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAmmpqBwMd_s965DI_YQ_gM&google_cver=1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAmmpqBwMd_s965DI_YQ_gM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiVzrCtATAB&v=APEucNUWKSwyc-QSk2CX754iOq8jUaFtGZ-NKIUcbcoYnpspYlVDc7ock1_7pV-qAx_JO0ItYfdKjipxaGIsX8SSvQtXwCD2897BHnWFyo-fAZo9hRBVUy-hydXOhZotkQLCUZgykpXQHZcijPr0cloTnhVzpOdI-oM0xo97Pc4m6yfnUqzEv-A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Jun 2021 10:50:23 GMT
X-Proxy-Origin: 195.181.174.89; 195.181.174.89; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.87:80
AN-X-Request-Uuid: d89310e4-b4ac-4cf0-820a-99a23e297185
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAmmpqBwMd_s965DI_YQ_gM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B583
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3MzA3ODI0ODU5MDg2ODU4Nw%3D%3D

170 B
243 B

19ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3MzA3ODI0ODU5MDg2ODU4Nw%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Jun 2021 10:50:23 GMT
X-Proxy-Origin: 195.181.174.89; 195.181.174.89; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.102:80
AN-X-Request-Uuid: 372eb94f-bf18-4290-a9bd-a9bcae4b0d1e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3MzA3ODI0ODU5MDg2ODU4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame EDD8 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 19 Jun 2021 10:48:35 GMT
expires: Sun, 19 Jun 2022 10:48:35 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 22E4 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a64fd7517191bb403d55ef715b79a4edefb1271fe34cd1c13d1f45dfc0025faf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HeV9IwjSPXGcz5yLg0WoIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

expires: Sat, 19 Jun 2021 10:50:23 GMT
date: Sat, 19 Jun 2021 10:50:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-HeV9IwjSPXGcz5yLg0WoIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 624B 111 KB
39 KB 30ms
5ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 14:57:31 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/ Frame 624B 8 KB
3 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cn9E5qVkJjG-UMvCmZXZOhvIGXWPgopJTrD9sp_JHZtoRvAxxFK9Ie_YHKgKKrTy7rMJpid_ZhI1si2oVlfsh33bJmd13IEBKFrJecrlHm9D3chAOK_ZHRPs7FeJa5frMzNI7SMZqjeABiedhFBd5nuqONvA&dbm_d=AKAmf-CpzRXrvU7HrWgvmarhaSrSg3zpvMZWYI_T18p5w4ZEx847B0vrU1oOvJ3a2edjQvhZWfzStj3ygsfcoGI3KdqF9iQNmH5wzkroLdkmXo9M4pWlISW-sFQwqXGOjO5fS4glWBMU2vgwUkXodpnButpCQz7gYTRX8dnuzlcf2qlEhbbrD26wjat285_s42iI9V8Hmf9OqZQK5qfCcxtyn0S05qIP_sMnKnJLK2EyIHvrm4EzgVDTB3Rtulfg-TJ9dgesObgy8bpLB3YKNIqRAMdnlTBwGOwd8aGCNpKW2ZYO1OS1uD1L8dOZqx_9CDEhTgBDMJjy7G3Pu4QxyCH5tzrtQGpoD-nHTBnOnjXbB0ATZEqsubcH21U78wnrBexrWik4imjmbK_DEm7JGS4fNGxl7nAKGqOoeY7DdUOuWacJGZ-nYJf1miOTgdQXhit0KBrGGcHMXoPkTj9QD1fDnLTz_EjEwlAaDSuIG3C6MN6agCi5xdKqUt4Q3bkHwweNEhQD3tvTl7Zn9-nA7VRcHfbYqK438VzwRVwhuDqRbxRMPnS3uJlvqckfrq4CMf6syp18DV4QGdCeUROOdvr4W_Q6s2b1DqWyLm8RDdcBLACZkY2sgLHMuzEorG47wl2EY0MMx87TqiyTTAYBxusXKaTzy1RawMfiP2Hi-Rr23W2IxVambgKm5XKCpUH1qcmq_8PIHCK92pyPESrWcHzeAkSAvDhWHdNTmW1NGmQgBskqh5vQLFbFa_XSp_DOmD3x7klDzNbXmq6kaV4jQ14orFlNn88pBF6kR6yOa_EPE1qJD7i85XjczgBz1qUvYjt7mRYOIXDrnWuhEIcnGRmNXl3RTOAtGck_NJj9YO3Jy8iSqfoVn0p5qK92hfxxtJdIJP4T2e8pDvL2d5UUhSZYqXQPTKfyp53aX_zOeL6ngwI8DDG8ido6He6EkI1ThgUaQF9oFAbFJr5Knj76acZcbvz-xeSGCV5CAA5XwW8_o4noVrZrcXSediZAoiyzdMOUluo8fBJUR4lLNo_nQZqRkc2CqOogeVUO-KZSn7_GuHDVTYf5ePmk_PzlRZoYqtbme5G6xiJDCNZ640ylroFJg4oVSrzzeKU4UVYbrLiO-t9vpPBjvhItCOju1PlPuIhYcPP_333SeMGoOv7A15fUzVpd6DEGnfcGD_sxRcS7nY7eTjoXknxGdZUVMzb_nVV7WwleB0BDrjspc09ripRHYM6n4aQyYy2BK3B41nlLtmjxtJ1xnqJOnSQNqFcROmrS5jFBzNcCbD87rQOhc2dqTXcqmxj7gO-90dlGuUv068i5ci7fc4o5d6fysgdid2CYRM2XhUjLiY_9YIZCecvA1V1APTSYFEGE9LKJa-oOhz-B_RDNdw6sulBt_C4SzDn92iYBN5JZ6fAfa71ToOOQTawTkLrHcNrkxPppBy9aLnBnkGMuS1rMDVyXU2Jt20qTGcTx7jWce04oa_opXK2UtBiGS6dpbKCC0UGlYZGizb5xQk9YX6cV90zwqtgOAUOze0yFtvryvODg6p4KUU4bleA_l7YjX-HqVIkk20n0LEn7Yqfqk1cLqSMZ7IO40tkJ0TdHlw242NhlsDMANBEZDJdLysfgQvSHyzZq7gxGxiR7h9ki1mnGnle3S5Oz-AcO306qEPAbJFK8hXlLBX1YJuOn6gs8a869riIvw2g0HgCvH0Rdh8Q_E8FPHLEg05Yd2219X2haGs8nTZbwWuuLmHudzy109_wozyj3If-lYsC73tsA-_hm9m_0Gh_7V1vVe5ChUsegozkBPhJDVnddrSQPSxdKhldKV18r9AjLcSZMi-fYQDjjb4nhZkNm9r9RXaLDg4xC0JhTjEjDaF3VmxKRKpFMhNqsxQcF9dRZZP4wAT2cbh8FdD9Jhrp95-bR7d5lDyjBGC2YD3YqvvKc0bJd9pdSqWd40PsInMsswoEjne5WcQgWuTeCWYDmbga4acyhflgO8mVchn3FFgbjj6ZKjMLfCYYVlPDfuNJjCRUOvtBvqwLvUiOIHzK3UM4yLeuOXvsl-EBr57Efb-6xE7JL4dK1x3SSWYlTojLa6g7hdWYmLdBam4QBk5Qn6RcRpJWs-SbF8vIOTnGoP9VyktRKcL5Zo1L0mba7mcw4THt_5mUyqu06W4zHBgy3qNpX15GwGI_xkH26peSJy6CtsyJvRxo_umZkpPTTT_htR2F1pOL9vgc6A0MqRK26rmqHhn7HBAgSr1xQ5Vui_MfSq5RB3MHpFEaIPJlh14P5_q1peksKkbW5bewyBMLK7lYWGA3Lf2PoRjXOs_VySEsbITL9GZtZRk9WdJ_7AXVOVlSerohX89KORvgq5YcumEOVpg72GDsYnUDIXpXPxwbrClS8nQxchzgkPUXgSOeRS_AiFJ1utHH5a-E0XV5ev3dOc-Hpi0LGo0jTXD3QBGSst87Tg-gwp8NcCllWdjjQ6QsYrQsVjpi-Zhs5LAastGu24z90SmnzzZmy1TtPFJ_qFs7cP0DbYfYeFhcpyR7Ml22-xKG0HdpTW5k1t4Q0733kpUTH14zpz-vH-w6Pfnzh4OeQu4moatj4D9SX4s2oZpTE3SnQagQp4SU22L-X_706txH0f5YKYYqfdYr-OB_wnIUiFRU6MAzLP_1eKKPUk4A9DcB4p86YDJp45G6SaFnaq9fmkgUEvEwhGf3yTZPH1PXI5Ggsv-Hc-S7tFeY45ecItKUEZ-nZo_JVg4oklM5yLxrXrQeyIhYjOGvptIRxaxc1JhmAU0rBYIAUcQOkFVj75V6certGWZTBnip3bdpsbxuEKUt7xNgxE0579uTE4GNruLo9ZjqCvOJJG3PBE1PBU9R6MFGdzEWR-laPa7jzR_fIT06Mad5k6jQRY21M9QLala3ZgCCmS7HortJ5WSHOuyD5Y7F7auiM26BvQNAPMYH35X3IMYJ7trJUBP5vK6LziIgnbH57tZ3QDt-cDZVnwfF62oNRhy3vUfQQKJymahEbxcAYgJYaYQAvM0nb3zSbhbie2Co87FW1vYy10cKCg1t2B3dMlMjWn-NxrUUZDNE2XUI7taYUyB4rPVa7-n0LO7TEVg9wfl0ocrZFQeO2qsTrOk2FieMcvdjBPVQM2ElBHCAiP_VzYZxiPRoBJuMZmYoDYWWIykniaWseBI8ZTWCOXj5K5TkMAavscmd51n7ORiSfSHhM-zqSKArED_kjgsNcZfA4OaYDGFZiiuhUG-bjf-GasJyJCFRpeOX1CUJMJnuF&cid=CAASFeRo8EmXUwxHrBjwmwKuiyDRLmkeag&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jul 2021 10:47:24 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame 624B 22 KB
8 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 15675381762197352129
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jul 2021 10:45:24 GMT

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame EDD8 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 10:47:50 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 624B 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
URL: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 02:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 02:29:46 GMT

GET
DATA 200
OK truncated
/ Frame 624B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3940bebbb7199407b2f6710c5c1484fcd111b9ae4e04b565367d4c4d39b9c0e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 68ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1455
date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 51C3 108 B
499 B 16ms
14ms XHR
application/json 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 19 Jun 2021 10:46:10 GMT
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
last-modified: Fri, 18 Jun 2021 19:16:07 GMT
server: nginx/1.12.1
age: 253
etag: "60ccf0f7-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: 3_k9hUF8rkMgUftHfGOzco6Mh5IXkM7-jxyFI3qAL_pdKAIKMYzf0w==
expires: Sat, 19 Jun 2021 13:46:10 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 51C3
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=j25ew3xyWXdiMm5pQXYxR1d4S21VcjlHME01aXpxK1Y1OEJxQ0lXVkV2TC9OZHNXOGVlRlJCQUlvMW9BOVNjdzE4OXV4U1JmaFgySzFRSm5TMWtDb2xhTjBWMnpOelBsTTdDb0NQMHVoTUVkMmhlcUFtem1TeVNRRDdxNG...

345 B
631 B

51ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=j25ew3xyWXdiMm5pQXYxR1d4S21VcjlHME01aXpxK1Y1OEJxQ0lXVkV2TC9OZHNXOGVlRlJCQUlvMW9BOVNjdzE4OXV4U1JmaFgySzFRSm5TMWtDb2xhTjBWMnpOelBsTTdDb0NQMHVoTUVkMmhlcUFtem1TeVNRRDdxNGlYNml6NWVWcHV1dURIc09RSk9VeTByT09PWVpaZTZOSHlBa0tKUlB0ZUlSaWtwVEJuUVgzRWExQ0tlVlUrMkk1VzBaRjNiZmo4eTVYS0o1MXZwNVJwS0wwNlhwdzQ1QnlvYnFIUkNMSVlMQXhMdnZONTZzPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f3de680a043d71c082ec710445ca27567bb44ec53c8a8aa888d8b8fe92a269c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 19 Jun 2021 10:50:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2154
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 19 Jun 2021 10:50:23 GMT
location: https://mug.criteo.com/sid?cpp=j25ew3xyWXdiMm5pQXYxR1d4S21VcjlHME01aXpxK1Y1OEJxQ0lXVkV2TC9OZHNXOGVlRlJCQUlvMW9BOVNjdzE4OXV4U1JmaFgySzFRSm5TMWtDb2xhTjBWMnpOelBsTTdDb0NQMHVoTUVkMmhlcUFtem1TeVNRRDdxNGlYNml6NWVWcHV1dURIc09RSk9VeTByT09PWVpaZTZOSHlBa0tKUlB0ZUlSaWtwVEJuUVgzRWExQ0tlVlUrMkk1VzBaRjNiZmo4eTVYS0o1MXZwNVJwS0wwNlhwdzQ1QnlvYnFIUkNMSVlMQXhMdnZONTZzPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1822
content-length: 482
expires: 0

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 51C3 0
285 B 1194ms
297ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9044853800035695
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 19 Jun 2021 10:50:24 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 51C3 0
323 B 462ms
148ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7844B6A6EAE2406AB34AB2A734EE&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=ce9cbabf-20ef-4c1d-ab81-e6f33b0ad780&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 19 Jun 2021 10:50:23 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 51C3 0
176 B 765ms
258ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 19 Jun 2021 10:50:23 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST bid
ad2.apx.appier.net/v1/prebid/ Frame 51C3 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 51C3 0
187 B 54ms
18ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=22400300776
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 19 Jun 2021 10:50:22 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 51C3 0
219 B 770ms
255ms XHR
text/html 175.41.232.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1624099822664&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.232.18 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-232-18.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 19 Jun 2021 10:50:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK videoad.aspx Show response
bw.scupio.com/adpinline/ Frame 51C3 74 B
958 B 1431ms
533ms XHR
text/xml 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/videoad.aspx?cb=0.6739180620380962
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.91
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d

Request headers

Accept: application/json, text/javascript, */*
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 19 Jun 2021 10:50:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 185

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 54F9 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 18 Jun 2021 11:12:13 GMT
expires: Sat, 18 Jun 2022 11:12:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 85090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/10326444/1623847087840/ Frame 3D6F 124 KB
24 KB 20ms
7ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10326444/1623847087840/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92d73c211708864aea2905711f46add8be4317050db77ab793ac310f75f2d79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10326444/1623847087840/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 24734
date: Fri, 18 Jun 2021 14:59:45 GMT
expires: Sat, 19 Jun 2021 14:59:45 GMT
last-modified: Wed, 16 Jun 2021 12:38:07 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 71438
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 624B 0
592 B 94ms
56ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugk_b7HIAdz39fS0ulmEAFGgGRo-2MewX6TEJQ2hIHnOzKsJnQTC45kuMbV5Eh4fGut-ZUJL4KWnF0AteGe0ZyxAA0VD8RVa2zFkfSbhm0VXWqcyzzBYV8Dlepix01pynALigSMXkRJ31tHr8JifLpl3ZNAi3MZa0Gd7td0LwgFrvxyTWl8ssUO3KiN_ZIObTqqY09fi8doM-OlkxAQ8jUg1HAP3cDl532UEvCn4U0AawF2NhuVTVNIfwvdpuDtEudP8Ox3F9OcuhA0lLG13D3RIlqIstfQWLd7fdonVABR5EtVQlX1CeoVDfR6SnVq8K9uPxCbTWHt01YidkusxT3cRg6uUm_siHgdom8CC3fNqk5V7xIiQL46f1TP4uPi_NgDhxr8LRFiKPg9uS2eTr8HWbF0WaVK5YPF4sc8O_9uFlJ6Urq4PGahbDksayTPvq8q2JQIPmQid6I2-nH0QIzwYP71VOxNhK6bIR48YVsPj_p90WeBgozd9hQJF_ElI_y-dVhboiaxt2od4FremnfkfZ0knGA2Y5ogWAIKEvh3YC_F1WZJ-ba65vi3RIR99GFV4GJa95jlMNqzqvaQAGiZVDK7WpC3D-yjvqdQRipBDoNOPOPQY03WOg9RYbHW8-upBNxqLeBgVQ5aTBUPdB1B_oBsUFUIPirxvIJLIMKAMKt-cHIbKvKp5j2ISaO0LMQHUqVInldwIWN4il8r-6gK9o9UoS3IxZl_TB78IMcu5FRHnAcRXKzA470-7f5zrqikQpeWwqB9ZUExLzetQ7JlfHQYeNSH0s9rGVW4W_UyNLU9pQTgdFzlbGX2--SHiPLh_S4IXp8l6-sN3Uot9im32nCtW5inwYxdarVSjOuvh-yYA-LHTRZYmbfrwD5odaSytQWqVkPq4m_7LWXOzaGPcG08-0XGRhIemL9bKDwQfOkKW6ztyOU7HHYiZjZjOdyZNH8JiIC8DCJrIyfERLcm8QJ9s6pCM2wNydTgsu2kegESfIiDRS-xFMZe3yKFdAPlJSq-efjiKPtDbsJ1FM6ycQHcBTAv2_6wI0qg6tYNbvzNwY_F65r4j6lbDna347P2I3OAdfw2pqggve7y04oDh8NxWNlNrch7XYKxvYgkXIJHl-f7VjVAreJ1DntkYliYEjx4z12GKG7x2nCGfZmNPnovc0KY7zha2UjhfySRJTPdU05Ct0S4-k&sai=AMfl-YS2SxIAJ6-rb7cU0crHjdzhMxjzmz3gQ5AojzNxE-wueCkJa9Ys_-oZXI6GUJ9CE5UsNJHAJCODpEsnDzWTgQErBkptyeIwl-W6z_mm7iIeVLm8JOAqVhtYEfZMAh0s9j2eUZBu3ptdAT2X9BpV4jrV0IjI2R-RYWyJ-UU&sig=Cg0ArKJSzPsWHaRqjhqOEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=119&cbvp=1&cstd=117&cisv=r20210616.26179&adurl=

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 19 Jun 2021 10:50:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 624B
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=8387be89&atb_dcaid=0621-petfeeder&atb_dpuid=adlicious
https://d.adtriba.com/px.gif

42 B
227 B

8ms
8ms

Image
image/gif

3.124.222.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
URL: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.222.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-222-92.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 10:50:23 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Sat, 19 Jun 2021 10:50:23 GMT
Last-Modified: Sat, 19 Jun 2021 10:50:23 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame 54F9 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 10:47:50 GMT

GET
H3-29 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 3D6F 28 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10326444/1623847087840/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10326444/1623847087840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jun 2021 09:08:52 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 624B 0
23 B 73ms
51ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 10:50:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 50ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 998
date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-29 200 pfeile.svg
s0.2mdn.net/10326444/1623847087840/ Frame 3D6F 398 B
296 B 17ms
15ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1623847087840/pfeile.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2678820a32abe006e68d2230c138ede900f1017557edc432855710369eec7601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10326444/1623847087840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 12:38:08 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 19 Jun 2021 14:59:45 GMT

GET
H3-29 200 CTA.svg
s0.2mdn.net/10326444/1623847087840/ Frame 3D6F 5 KB
2 KB 16ms
14ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1623847087840/CTA.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d6806a87630af547e3857d4fc9c4c165144c3ae7a71286ac9524fa58dfa809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10326444/1623847087840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1690
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 12:38:08 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 19 Jun 2021 14:59:45 GMT

GET
H3-29 200 MEDION_weiss_auf_cyan.svg
s0.2mdn.net/10326444/1623847087840/ Frame 3D6F 3 KB
1 KB 16ms
14ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1623847087840/MEDION_weiss_auf_cyan.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208e860ae7efdfaeeaac23eaab94869818dc1746c8f8777c28a38e5f4dd9e0dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10326444/1623847087840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1155
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 12:38:08 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 19 Jun 2021 14:59:45 GMT

GET
H3-29 200 Stemple.png
s0.2mdn.net/10326444/1623847087840/ Frame 3D6F 7 KB
7 KB 15ms
14ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1623847087840/Stemple.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9dc75d591768ec80974bb193f348238ab857f8b70112caeb87a6e886c32b754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10326444/1623847087840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:59:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Jun 2021 12:38:07 GMT
server: sffe
age: 71438
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7422
x-xss-protection: 0
expires: Sat, 19 Jun 2021 14:59:45 GMT

GET
H3-29 200 Subheadline.svg
s0.2mdn.net/10326444/1623847087840/ Frame 3D6F 26 KB
6 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1623847087840/Subheadline.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b4be6024c6e344a5babd9bc51ace9b5f8f010b3dbf4d256e3f2eaaa6fb4543a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10326444/1623847087840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6166
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 12:38:08 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 19 Jun 2021 14:59:45 GMT

GET
H3-29 200 Headline.svg
s0.2mdn.net/10326444/1623847087840/ Frame 3D6F 8 KB
2 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1623847087840/Headline.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45d0779e032c66bcc82279563e6d746607c7514dd8d30f237ed79f9565e1ff0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10326444/1623847087840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2229
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 12:38:07 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 19 Jun 2021 14:59:45 GMT

GET
H3-29 200 Produkt.png
s0.2mdn.net/10326444/1623847087840/ Frame 3D6F 6 KB
6 KB 12ms
10ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1623847087840/Produkt.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9690509d3f25e78b4293e66a4f011c1b78b3c6478a12ea3b2488b2812c91c002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10326444/1623847087840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:59:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Jun 2021 12:38:08 GMT
server: sffe
age: 71438
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5851
x-xss-protection: 0
expires: Sat, 19 Jun 2021 14:59:45 GMT

GET
H3-29 200 BG.png
s0.2mdn.net/10326444/1623847087840/ Frame 3D6F 22 KB
22 KB 10ms
8ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10326444/1623847087840/BG.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c26435446acf60bbf10a976abadd562cb3cf5e217126a39594f4dc03f911c1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10326444/1623847087840/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 14:59:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Jun 2021 12:38:08 GMT
server: sffe
age: 71438
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22175
x-xss-protection: 0
expires: Sat, 19 Jun 2021 14:59:45 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061503&jk=3098883277645461&bg=!NTalNnLNAAZktE7iZLQ7ACkAdvg8Wv_Id8_z6oO-IANKNcdXcqhSxiSvNDyVMHEtpdOpTZISTa1riwIAAABxUgAAABZoAQcKAFFX2bO5uWDRFfTrwBUUdfJJbtKsPTb8fdcg9GUJ8zMi1Vqc1Ad5fkaDgz_kC3f7TlWYaQehphR7JGddTccq0MTe2uLK8o0XvxTRmoxdqkeicNeZAmVzZFHac4C1PGVdPkEWm7NCjyMXdQhD_r6u_gRTV2d0beflKLKK6uyIiMPEy0GC6UK8_NHuyt_EmZYYKCy9kBIHJ6NusbjQSoBQZ27IufNhWNtCftE8BjQK4vcbgxuO1ejzdSpmCymIC964LlAFUzR42wEGzwZ9hhd3TqTgUCXg528ZR98BOSPxz-mubB6h3ybxl2e3f-l54O0JUCEpRzChP5GutDVrXqHT9gD0O6zjFxE-f7eEO8p39SHVXqvjlEipF9lQ3FbC6yDC3c8s6G512993KApjiEYyDnMVQZC7u-U14uapDyTB1Q2kBKVE_sAGyv37IWSM3JCXwQv70tVMlJBQ8-Lz9ObvMcw3zhoSkFFuV0JgASlTrkHJe0IOUwlg64DJa07AwoWJUvDLEqupsKiYJZ4CI__D0b5LwSqi00UvWEpiWAWi-fJma8dlFCXXL6_Y9tXvZtCh5hsUyHntJAMe61pQ3wh8XbKRg-pnupFYyidDZHcOFUYg228vDtl7D77t2eTY0TeXJE5uJc8-fTMdyR2OVZauY1i3zwaF-lHj9MuK1tKk5zx-q4-X3J7mo8L5d4hOeO6iCz61nUiVDM2pqjiHQ6xL4r28RqbMIaaf9R4j_E4W6CTys11lxgxnvZSWAEjTlfgYM_Z4RhIgf2fcBwVIFNfbPJiEwO2B-lczUIa_yWwhm2phxpw3yJEdzmO7DYNTHXmURt_sxESTm_Atd2czfZlYUTaJr-m64LXBo9PUVZ_hC1ol8GzpjCwYIGVIJUonlbRnzZAO9b-vkTTAYgOkd4caUaYSIjtcbqXnrnFz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 54F9 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqcRC78vNYKTtApLD7_UPjfOFoAYAAAAAOAHgBAI&bg=!OjmlOX3NAAZktE7iZLQ7ACkAdvg8WpoW91pJAvF213H-uMNgrdgG_FiUr3vNTBat_GD0K3701eTuvgIAAAB_UgAAAAloAQcKAHQcyEFE2QTPymc4S8eL_SUHv7ev8F975wi6RALk7ayhs622BrkXV6ZJk2irqU_oNHGx7kSbuEPCiC58VZB8lG_RP2o6B6BzuzaxhhLhi6R7A0ixYL472U-PZ3oXpO6KwceBi76UAzEyG6TxRY5MHbtGOHysDZkCtXJ5DEa6FVOI9dimKCozKQ4e6JAnflTS3b4diu43NeD0jaxqxlwFozzgVxz-cRaURyoLgWSMzwHnTg29HiQeOYgbEKnqKgaxsfwLbc0W3lBb67-bNCPcwjrFCHrDDyeI0M4eBexiw3k3tfFQIwRdRuCClMi4tx5ZY01z5z8DUR74SxkRtiqG6oZvyC47HrcbUK7ODa8JVeo_VqOAeu5zqP43uTPsGHTzX83bHUL_xrz6Bcmf2pSmglXhI-z1lOfw4Fl6g6EzZKNTe2u-IVrDpm1AbeXmY3Pi25gmHQqOtidiMNgqUel1Uu6pZPGnLuylDNRNE50e7sNbwYOg1XQB-5W9gawxDo_XnycieUYAskccVvltO4t1PY3dxVz6t8PWaWawNIHJTK89dC7TaiAb6fJ_R-PbBxaqNtYYdky02kJ_7gffBXtFJ6zqrwX0Eo56CsjTX6S7jg7knBZi0DEzONmcN8mJ0qe1YgGAAELY_UFQeAon3ntPIJeJ62DTIl4ztx3Ss4oEyFhz-ERPuPb-qDn67QmQccFWcf0ai_IEP4QMEMJ_uOUKQgdhD6Wkzi9_Y6sRNbDb-X5SE_PMxN8Svs0ua0fdIs6yAaQl1r5XXkKtSA1M-aCmU4pHiJ7iZUH5wkI31OFS2KxAAe8UxkdmevlCCWyDUg3Q3K3HXx5rxoPyvHfO8WaunhcbtFbe1lD72LSCTHgjtn5qbVsCZCwqzpKwPCVYIjoWAcJUY3g7uztJBI_QpuuRGxdJftHTaeS0w4nrWcYBH9NkSpIfZH606dgjz9-_IC_6ddURTj-1TGiq3yPjdh6NpioGzcy_w1S7AG-Ja3dg0KVdCt4gCQmZRveljOX2_f76KNY6ENdX-LGAYNHmNez46zV_xgqanbBDNwJX0dFsEcaOe9I9zoKNYKitfWQTbw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 624B 42 B
64 B 54ms
41ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGbroZMpKbOO3Op12khCGEqmkOXk0eybv1qmaP10TJDvVnNoHqfBgLA5wrPm2v4001uaucH5UdU58s57cQWzCaPPtGeDVY8Yc5ycpvnYGZvLHtpMLW-yyGg2qyyA&sai=AMfl-YRWGH-wGAgUWDT9qVuJzYxI1Q8eR6Y2_VpaO2pn0PigbjB7hs9QdD6pUg4GuLuWq78-liDHCBYm_e42gd0qIrvcR1q8196kbb311VEkyAEltvjLjPaE0HcrjkQX11jl&sig=Cg0ArKJSzFmQafO3hucIEAE&cid=CAASFeRo8EmXUwxHrBjwmwKuiyDRLmkeag&id=lidar2&mcvt=1000&p=102,1005,352,1305&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2862190043&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624099822993&dlt=22&rpt=158&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13567.json Show response
img.scupio.com/js/config/ 374 B
762 B 331ms
330ms XHR
application/json 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/13567.json?v=1.0.3813
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 01db7866b8ed97fd6bb8bb535f5785b404153cc7a7d6ce37d586da98d3593ce4

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 19 Jun 2021 10:50:24 GMT
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 02:16:47 GMT
server: nginx/1.12.1
x-amz-cf-pop: AMS1-C1
etag: "60a4750f-176"
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 374
x-amz-cf-id: 7-7GNujG-U47b-WLfrTHpWS5SLuGkTVLMx2jLyZBDFpcW_vEjVwuMg==
expires: Sat, 19 Jun 2021 13:50:24 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 1E26 35 KB
14 KB 18ms
18ms Document
text/html 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.56
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.56
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CTA20210619185024705242
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:16:34 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 19 Jun 2021 10:00:24 GMT
expires: Sat, 19 Jun 2021 16:00:24 GMT
cache-control: max-age=21600
etag: W/"608f9542-8d2b"
x-cache: Hit from cloudfront
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 0ZNubCwZzm8U9QfTVkDCGDg6-jin7VTZSnteM5-FhUEopHQHBNn5Bg==
age: 3000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 1E26 95 KB
95 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:10:50 GMT
x-content-type-options: nosniff
age: 2374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97163
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 10:10:50 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 1E26 235 KB
85 KB 20ms
20ms Script
application/javascript 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:22 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
age: 2
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Wv6bQ4XQze_oF1Nmzy1rKEDgSrWD85qBNrihUXtlEKYttyySx6mTxw==
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
expires: Sat, 19 Jun 2021 16:48:37 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 22ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1416
date: Sat, 19 Jun 2021 10:50:24 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 1E26 108 B
489 B 16ms
16ms XHR
application/json 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 19 Jun 2021 10:46:10 GMT
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
last-modified: Fri, 18 Jun 2021 19:16:07 GMT
server: nginx/1.12.1
age: 255
etag: "60ccf0f7-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: Qxab5lcO4zZVk-XxRy1QOQEqLAOeZD2SpE_swSZUA0trpVFRbe3afg==
expires: Sat, 19 Jun 2021 13:46:10 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1E26
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=9nJbGXxUUkRqa1gxS1E5eDlLUG5yTC94STQwdTByRkJnT2tkR3M3ZG8wTVE1cHFadHJpbUNlWGt1dUdtMTRvTjVJUm92ZDkvOUV2TnVienVjbnFzR0JCUVRLbWpvdWI4L0pIOHZ1VjZGNG1nRTJzRmNHQUVoSUM0dHhGUV...

352 B
630 B

19ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=9nJbGXxUUkRqa1gxS1E5eDlLUG5yTC94STQwdTByRkJnT2tkR3M3ZG8wTVE1cHFadHJpbUNlWGt1dUdtMTRvTjVJUm92ZDkvOUV2TnVienVjbnFzR0JCUVRLbWpvdWI4L0pIOHZ1VjZGNG1nRTJzRmNHQUVoSUM0dHhGUVRxOGRLU1BXeWE1U0NWazEreEhxNnp0ajNnVW1IZ2sxWUlmRlExSWF2enFsbWhOMFNlWXZxbkNQZ1RiSlIzRUtUUXBmOHhMUGxkRENYam5JaWxycDVNbkZVV1owckVXZmFYT1hPbmtRT2ErNWI1b0NFbUpzPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e07b2dae8d6087dda1424934f2c237d0baa61acc2e091bfb96521bb23c1a8f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 19 Jun 2021 10:50:24 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2450
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 19 Jun 2021 10:50:24 GMT
location: https://mug.criteo.com/sid?cpp=9nJbGXxUUkRqa1gxS1E5eDlLUG5yTC94STQwdTByRkJnT2tkR3M3ZG8wTVE1cHFadHJpbUNlWGt1dUdtMTRvTjVJUm92ZDkvOUV2TnVienVjbnFzR0JCUVRLbWpvdWI4L0pIOHZ1VjZGNG1nRTJzRmNHQUVoSUM0dHhGUVRxOGRLU1BXeWE1U0NWazEreEhxNnp0ajNnVW1IZ2sxWUlmRlExSWF2enFsbWhOMFNlWXZxbkNQZ1RiSlIzRUtUUXBmOHhMUGxkRENYam5JaWxycDVNbkZVV1owckVXZmFYT1hPbmtRT2ErNWI1b0NFbUpzPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1581
content-length: 482
expires: 0

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 1E26 0
285 B 312ms
312ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.3997502819708214
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 19 Jun 2021 10:50:25 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1E26 0
187 B 85ms
85ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=325009182
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 19 Jun 2021 10:50:24 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 1E26 0
176 B 256ms
256ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 19 Jun 2021 10:50:25 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 1E26 0
323 B 354ms
156ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7BE8827732D680EA64BB3A493A78B&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=e8a987d2-662a-4bff-be23-9aa2bb5a1a1c&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 19 Jun 2021 10:50:25 GMT
access-control-allow-credentials: true
connection: close

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 51C3 83 KB
27 KB 70ms
24ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:25 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Jun 2021 10:50:25 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 17ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1035
date: Sat, 19 Jun 2021 10:50:24 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EC6E 2 KB
2 KB 25ms
24ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2063
set-cookie: uid=aa95190f-d811-4309-b05c-4167be98149f; expires=Sun, 19 Jun 2022 10:50:24 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sat, 19 Jun 2021 10:50:24 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 51C3 83 KB
27 KB 7195ms
7152ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:32 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Jun 2021 10:50:32 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 1E26 2 KB
2 KB 298ms
297ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.18631798277683265
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6c0d76f2d6a01d748045295b03ebda0fcd3ad53b17273d0a11b32a852e8931a5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 19 Jun 2021 10:50:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1469

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 0E1C 1 KB
1 KB 14ms
13ms Document
text/html 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.56
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CTA20210619185024705242; gx=H4sIAHE8zmAA%2fxNmYGDg4ua4tGD33kPHbloKsAqxcNgLMAEAz9pGPhcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.56

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sat, 19 Jun 2021 10:19:43 GMT
expires: Sat, 26 Jun 2021 10:19:43 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: T0AnGn_50IrzxQ6__lSfQggmoUwc9L584qzVL1N9gyBR0_1OYW1xsA==
age: 1842

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 7C47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1RBMjAyMTA2MTkxODUwMjQ3MDUyNDI%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGH796dLswPiesZVUfiXLCY&google_cver=1&google_ula=3918219,0

0
551 B

1141ms
282ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGH796dLswPiesZVUfiXLCY&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 10:50:26 GMT
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGH796dLswPiesZVUfiXLCY&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B68F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

23ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/oe8m50
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 19 Jun 2021 10:50:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Sat, 19 Jun 2021 10:50:25 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame 7C47 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.56&rl=&if=true&ts=1624099825794&cd[SBST]=25&cd[PuID]=plurk

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 19 Jun 2021 10:50:25 GMT

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame 7C47
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CTA20210619185024705242
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
581 B

1045ms
284ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 10:50:27 GMT
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
date: Sat, 19 Jun 2021 10:50:26 GMT
connection: close
content-length: 71
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B68F 31 KB
9 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d64348c94f04929c460d579100546e00a88a168f48ce74772a2bf7dd89e1392f

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 10:50:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81766
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Sun, 20 Jun 2021 09:33:11 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B68F 284 B
536 B 33ms
10ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1E26 83 KB
27 KB 27ms
27ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:25 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Jun 2021 10:50:25 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C313 2 KB
2 KB 28ms
28ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=aa95190f-d811-4309-b05c-4167be98149f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 3536
set-cookie: uid=aa95190f-d811-4309-b05c-4167be98149f; expires=Sun, 19 Jun 2022 10:50:25 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sat, 19 Jun 2021 10:50:25 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1E26 83 KB
27 KB 23ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:25 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Jun 2021 10:50:25 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 51C3
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
507 B

124ms
124ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:27 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sat, 19 Jun 2021 10:50:27 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 51C3 35 B
266 B 301ms
104ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:27 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 1E26 35 B
266 B 311ms
108ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Falls Church, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:50:28 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 200 dc_oe=ChMI5KChqMOj8QIVkuG7CB2NeQFkEAAYACCKvPBIQhMIgqaEqMOj8QIVYICDBx233QHU;met=1;&timestamp=1624099833306;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 624B 42 B
515 B 86ms
49ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5KChqMOj8QIVkuG7CB2NeQFkEAAYACCKvPBIQhMIgqaEqMOj8QIVYICDBx233QHU;met=1;&timestamp=1624099833306;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 10:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plurk.com/	1970-01-19 19:08:19	Name: _gat Value: 1
.plurk.com/	1970-01-19 19:09:46	Name: _gid Value: GA1.2.483302469.1624099823
.plurk.com/	1970-01-20 12:39:31	Name: _ga Value: GA1.2.346149026.1624099823
.plurk.com/	1970-01-19 19:29:55	Name: plurkcookiea Value: "e1JzA8fqLx83k2/l+1mv7q4ccos5MM7vGtDJyrmkKOc=?from_url=Ii9wL29lOG01MCI=&invitation_from_uid=MTQ4MDc2MzQ="

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	log	URL: https://s0.2mdn.net/10326444/1623847087840/index.html(Line 193) Message: GWD-adlib: Running in DCM mode
console-api	log	URL: https://s0.2mdn.net/10326444/1623847087840/index.html(Line 193) Message: WARN: "Google Ad > Exit ad" action was found (use adlib Exit if you plan to host in d3sv). eventTarget=LP-taparea, eventName=action

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

67f3b20151e8e39e40636a1be7c3012f.safeframe.googlesyndication.com
ad.holmesmind.com
ad2.apx.appier.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.plurk.com
avatars.plurk.com
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
d.adtriba.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.aralego.com
ib.adnxs.com
img.scupio.com
imgs.plurk.com
mug.criteo.com
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
s.plurk.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.plurk.com
ad2.apx.appier.net
103.132.192.30
104.109.78.125
142.250.184.194
142.250.185.226
142.250.186.34
162.210.196.208
175.41.232.18
178.250.0.157
178.250.0.165
2.18.234.21
2.19.35.65
210.59.219.175
210.59.219.180
210.59.219.181
216.58.212.162
2606:4700::6810:135e
2606:4700::6810:5e41
2606:4700::6811:4503
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c01::9d
2a02:2638::1c
2a02:2638::3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.222.92
35.201.76.93
37.252.172.250
65.9.77.9
69.173.144.139
01db7866b8ed97fd6bb8bb535f5785b404153cc7a7d6ce37d586da98d3593ce4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
208e860ae7efdfaeeaac23eaab94869818dc1746c8f8777c28a38e5f4dd9e0dd
2678820a32abe006e68d2230c138ede900f1017557edc432855710369eec7601
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
3940bebbb7199407b2f6710c5c1484fcd111b9ae4e04b565367d4c4d39b9c0e5
3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
45d0779e032c66bcc82279563e6d746607c7514dd8d30f237ed79f9565e1ff0b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49832bd9d6e23a7771e130b7a8c75e669a56e10f6ec88afd6872b9e27218f231
49d706fc3e4dbf7484d9143806e2fe9bde08e4089b678a919019771e7a5c2f4f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e17a8b1a3f28afdc3e192a553e862b827e8c23688433711fd60ccea0539fd56
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
673cb57b8bcbb6394a6b47f190d86077949725e7c9e4445d2366cbd43b242224
67a06e09f719fde5bf65b689bcbb8284296bd18227b94e8f525a17b334c8c09a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0d76f2d6a01d748045295b03ebda0fcd3ad53b17273d0a11b32a852e8931a5
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa
7644af38eab82d36c7e546d9bdac3b27fb22641927eb9368bc5c33c777c6d676
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fb448a7127fbb044700e42d0917f7fbddd0733b00c8b0d0f062ac975222814
84d6806a87630af547e3857d4fc9c4c165144c3ae7a71286ac9524fa58dfa809
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a800f051cbfa60ca9a00693feedee0faa1f87d1f95f92c92bc84cccd083cb52
8b4be6024c6e344a5babd9bc51ace9b5f8f010b3dbf4d256e3f2eaaa6fb4543a
8b52207f42e563d3a8bb56e7203515812c47ba7d8f31573300f06d323ad540f6
92d73c211708864aea2905711f46add8be4317050db77ab793ac310f75f2d79d
938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9690509d3f25e78b4293e66a4f011c1b78b3c6478a12ea3b2488b2812c91c002
9a2c0a3b3510b56be29d68362d3e731986fdc810bb57d6ed461185b278ff89e2
9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64fd7517191bb403d55ef715b79a4edefb1271fe34cd1c13d1f45dfc0025faf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b90a40bb183f1f7036a6aad2fe03e57e5cf350a6c76779915cca7c1e37e1427f
baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1
bc7a9223874861c2b9fa970476f94a0013644fcc8c8b26a428549a2f2d050840
c1c02aa103216df218a5a4e12df2a180df67948da45b1b477d68f72d80dcc40e
c1dbbbbe529d7876846f26a7a47d9146f510a5ad22f6a71db96442c76a9f8d48
c26435446acf60bbf10a976abadd562cb3cf5e217126a39594f4dc03f911c1c3
c5fad5cd5851765c925aaae8c965338fe147e77caf6ee2ade2a66fabea4afa00
cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d64348c94f04929c460d579100546e00a88a168f48ce74772a2bf7dd89e1392f
d6645e2c0a595a3c171a6a0eb57bbdf2abab1e9f813676ac75b2916de4778c45
d9dc75d591768ec80974bb193f348238ab857f8b70112caeb87a6e886c32b754
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e07b2dae8d6087dda1424934f2c237d0baa61acc2e091bfb96521bb23c1a8f37
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e1ba74945c36d1928d02079f476ac27d123ffa19c6fccfb2a3d14b35614b9218
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e652bca51f3d99e146d9b1d9b59b275412dc949d345c0a4566dbfb881f46a40b
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949
f3de680a043d71c082ec710445ca27567bb44ec53c8a8aa888d8b8fe92a269c6
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

www.plurk.com Open in urlscan Pro 2606:4700::6811:4503 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

120 Requests

99 %HTTPS

46 %IPv6

23 Domains

45 Subdomains

37 IPs

7 Countries

1239 kBTransfer

3300 kBSize

4 Cookies

1 Outgoing links

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.plurk.com Open in urlscan Pro
2606:4700::6811:4503 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

99 %
HTTPS

46 %
IPv6

23
Domains

45
Subdomains

37
IPs

7
Countries

1239 kB
Transfer

3300 kB
Size

4
Cookies

120 HTTP transactions
1 data transactions