urlscan.io logo urlscan.io
SecurityTrails logo

www.plurk.com Open in urlscan Pro
104.16.2.31  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.plurk.com/nhacai123bhealth
Submission: On July 07 via manual from US — Scanned from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 15 domains to perform 84 HTTP transactions. The main IP is 104.16.2.31, located in and belongs to CLOUDFLARENET, US. The main domain is www.plurk.com. The Cisco Umbrella rank of the primary domain is 284271.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2023. Valid for: a year.
This is the only time www.plurk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 104.16.2.31 13335 (CLOUDFLAR...)
4 104.17.25.14 13335 (CLOUDFLAR...)
12 104.16.3.31 13335 (CLOUDFLAR...)
1 142.250.186.168 15169 (GOOGLE)
1 2 142.250.186.100 15169 (GOOGLE)
1 142.250.186.163 15169 (GOOGLE)
2 172.217.23.98 15169 (GOOGLE)
2 142.250.185.170 15169 (GOOGLE)
1 104.16.57.101 13335 (CLOUDFLAR...)
2 142.250.181.226 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
2 142.250.186.161 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
1 74.125.133.156 15169 (GOOGLE)
1 216.58.212.131 15169 (GOOGLE)
2 142.250.185.194 15169 (GOOGLE)
13 142.250.184.226 15169 (GOOGLE)
7 142.250.184.225 15169 (GOOGLE)
3 4 172.217.18.98 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
3 4 37.252.171.84 29990 (ASN-APPNEX)
1 78.46.111.106 24940 (HETZNER-AS)
1 5 176.9.26.250 24940 (HETZNER-AS)
1 142.250.186.170 15169 (GOOGLE)
1 88.99.69.161 24940 (HETZNER-AS)
84 26
19    104.16.2.31 (None, )

ASN13335 (CLOUDFLARENET, US)
www.plurk.com
s.plurk.com
avatars.plurk.com
assets.plurk.com
4    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    104.16.3.31 (None, )

ASN13335 (CLOUDFLARENET, US)
s.plurk.com
www.plurk.com
avatars.plurk.com
1    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
2    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
1    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.gstatic.com
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
www.googletagservices.com
2    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
maps.googleapis.com
1    104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
adservice.google.com
2    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net
stats.g.doubleclick.net
1    216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f3.1e100.net
www.google.pt
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads.g.doubleclick.net
13    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
7    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
tpc.googlesyndication.com
4    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
hal9000.redintelligence.net
5    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
1    142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net
ajax.googleapis.com
1    88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de
cdn.contentspread.net
Apex Domain
Subdomains		 Transfer
31 plurk.com
www.plurk.com — Cisco Umbrella Rank: 284271
s.plurk.com — Cisco Umbrella Rank: 738296
avatars.plurk.com — Cisco Umbrella Rank: 632582
assets.plurk.com
532 KB
22 googlesyndication.com
9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
119 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
149 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38273
hal900014.redintelligence.net — Cisco Umbrella Rank: 394956
11 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
4 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
3 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 113
region1.analytics.google.com — Cisco Umbrella Rank: 2556
2 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
54 KB
3 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 399
ajax.googleapis.com — Cisco Umbrella Rank: 433
95 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
82 KB
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 73733
24 KB
1 google.pt
www.google.pt — Cisco Umbrella Rank: 11970
408 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1174
7 KB
1 gstatic.com
www.gstatic.com
62 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
90 KB
84 15
Domain Requested by
20 s.plurk.com www.plurk.com
s.plurk.com
13 pagead2.googlesyndication.com 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 tpc.googlesyndication.com 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
5 hal900014.redintelligence.net 1 redirects 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
hal900014.redintelligence.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 avatars.plurk.com www.plurk.com
4 cdnjs.cloudflare.com www.plurk.com
4 www.plurk.com cdnjs.cloudflare.com
static.cloudflareinsights.com
3 assets.plurk.com cdnjs.cloudflare.com
2 googleads.g.doubleclick.net 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
2 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 maps.googleapis.com www.plurk.com
maps.googleapis.com
2 www.googletagservices.com www.plurk.com
9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
2 www.google.com 1 redirects tpc.googlesyndication.com
1 cdn.contentspread.net hal900014.redintelligence.net
1 ajax.googleapis.com hal900014.redintelligence.net
1 hal9000.redintelligence.net 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
1 www.google.pt www.plurk.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 adservice.google.com securepubads.g.doubleclick.net
1 static.cloudflareinsights.com www.plurk.com
1 www.gstatic.com www.plurk.com
1 www.googletagmanager.com www.plurk.com
84 27

This site contains links to these domains. Also see Links.

Domain
123b.health
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.pt
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
redintelligence.net
R3		 2023-06-09 -
2023-09-07		 3 months crt.sh
contentspread.net
R3		 2023-06-21 -
2023-09-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.plurk.com/nhacai123bhealth
Frame ID: ACEFCC2E0CFBB061D6D61037B40F97F9
Requests: 50 HTTP requests in this frame

Frame: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4EE291933CD757C4893F64758F22F1F0
Requests: 1 HTTP requests in this frame

Frame: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7AD4697FB868EACD237BB7E1018BDD09
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi2u9DGATAB&v=APEucNWqYhb9GMA1Y-u0y40zHlRErKYqMKNOkHXKtiAXlRSXHvtmMkcjOhcJQkbLpzLYusWHMgt_IMZHhbzh8y6sHqXMH5lf_kMNnbPietO-RSKcIt7kpM0nG3Tpc2GTJ4VNQ5vxLXUQuv7vICJWEWhFGJEhSVKKfk1t7jAoRm03-PNQqSdT5-o
Frame ID: A83AA2FA32B89B85528841E44292AE3A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5EDAB4BF453C816D3F27CFD81865A27A
Requests: 3 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=88188500013087504452094012378014&a=bc3a887e
Frame ID: 48378FDB336E39A94C3EEED356BD6C5B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 623C9ED6201F88E150226E085464F198
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48D3F87639696953F7CF7BE09EA2CB63
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

nhacai123bhealth - Plurk

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

93 %
HTTPS

0 %
IPv6

15
Domains

27
Subdomains

26
IPs

4
Countries

1226 kB
Transfer

3076 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js
Request Chain 54
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1&C=1
Request Chain 55
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKeT6YY1Ybj.S6B2bOU6cgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1&google_hm=2
Request Chain 56
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDVwM3-DwKxxthrzaLbnwwQ&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDVwM3-DwKxxthrzaLbnwwQ%26google_cver%3D1
Request Chain 57
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1NDU0NzI5MzQ1NDgwNDAxMw%3D%3D
Request Chain 65
  • https://hal900014.redintelligence.net/request.php?zone=jbzgseo1l670&nw=20&renderingType=javascript&namespace=e52907cac5&subid=&uid=2540d50eb31e5d30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpTIx6JOnZNS_FM6EjuwPy-C82A2e2ZahaaGbofvbD_AuEAEg9JeCNWDthICAvBvIAQmpAg2p9GjZRbI-qAMBqgTmAU_QH-Nkw3ecMC3ol6cItysDUtz4GzBCz8ryV1HUrmzthsv60EpTt-hAcoghSPe2c6lPhbg69VOkLugmrRlfII28vexJkF0mPaa2J0wftZqN5H1UqrKjFdd_y2jOkHjMyIYXGP9JnztrCJeA1OOx684f2q6OoEDZntNOo5jngXDxOFd5VP4MRXf3w8GRnaY6Bchy93LpxSCgiYRWoUrp7nH0zi3YNOYaPtnl0QMoj6PE7P389vkbRFPjOueU0sp-ziSMN-Qs--tYrryfzK5tLpTqwa9Ymn8oObMUtp4OY15tmlUsexZAwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJW4_pLeBR0i7BBqPn6_6nykS0kw5nN_3UjasmWmiUGS8cOgHkmg7-6Es3NoIkJJqMZ2eaaSFeTrrz_JFTG-QTFoktp0Mtj0gcYAQ%26sig%3DAOD64_0RMnGSVsWKZrW_ec4it5q0t6iYpg%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BPkLf-QGwfI34Jx56OYpzZeE43mMO06MjQXNweqD4SVweXE1Jr4DoyhoCax7jRoRzRjnI6wrXR32jt_8r5Qhsxub6_x-dKqDIDH4oHe9C9VkjFMIvOGlfCIDt76dXhpZHmvI8ZRhY4WN1KtiSVzsyQOdtDxaqZfT9OXf3SpRFYg123iBY%26cry%3D1%26dbm_d%3DAKAmf-BQg7sxh-LLEbas1CeVzQBTOLYmdm1yrW4S4TomJ0gyQfWo02wxsizSHsmOlZ-B-LmWrNVz8huFyPaNIh0NiLwC44DkYE_yZ5A3Yrv_bQkj-x6QmyivSHTFfJrZugzo2dE3aWfvDm_8dlL2vxPIbjZ5BiLATYkV0XOEhh46cay7SOfP7oTlhMDTeFMA_kFBNDFBliH5k7AuTpgxSV7RCtalRDjgwInxNJgFK6eGMv8QSINMn7d4Ulwwqku1LIXLsc5FtNrTmvTC4AkhG8d9EcbmPgiv5kcJAqX7Uc1sj--7BvwjZrdETePhlp9Ql7DLMley1bZrwaJ59Iduyy3lEX_Z5tnWczVR26yiaGkl7pI4p3SFTeq0zhnFljATjlDTZu7rkmtpAp9BjZDae3TiCuu8swjcO-CtiOy96iFBgusGbHqrtalnfJUbNx7FO9MLzAyf_DZyIr4P7YyM2vb7egldbKSSF3kUc8tJpJuLBt4ciPmxwMkidbGJDeGhp3QZ_Qt0th4iOatsc433p0vEtFYgEd0iRdLOpv4evntixE5hSmwuWvx6oTBT08cQlbvCm52sgQQ5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=9988267160874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900014.redintelligence.net/request.php?zone=jbzgseo1l670&nw=20&renderingType=javascript&namespace=e52907cac5&subid=&uid=2540d50eb31e5d30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpTIx6JOnZNS_FM6EjuwPy-C82A2e2ZahaaGbofvbD_AuEAEg9JeCNWDthICAvBvIAQmpAg2p9GjZRbI-qAMBqgTmAU_QH-Nkw3ecMC3ol6cItysDUtz4GzBCz8ryV1HUrmzthsv60EpTt-hAcoghSPe2c6lPhbg69VOkLugmrRlfII28vexJkF0mPaa2J0wftZqN5H1UqrKjFdd_y2jOkHjMyIYXGP9JnztrCJeA1OOx684f2q6OoEDZntNOo5jngXDxOFd5VP4MRXf3w8GRnaY6Bchy93LpxSCgiYRWoUrp7nH0zi3YNOYaPtnl0QMoj6PE7P389vkbRFPjOueU0sp-ziSMN-Qs--tYrryfzK5tLpTqwa9Ymn8oObMUtp4OY15tmlUsexZAwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJW4_pLeBR0i7BBqPn6_6nykS0kw5nN_3UjasmWmiUGS8cOgHkmg7-6Es3NoIkJJqMZ2eaaSFeTrrz_JFTG-QTFoktp0Mtj0gcYAQ%26sig%3DAOD64_0RMnGSVsWKZrW_ec4it5q0t6iYpg%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BPkLf-QGwfI34Jx56OYpzZeE43mMO06MjQXNweqD4SVweXE1Jr4DoyhoCax7jRoRzRjnI6wrXR32jt_8r5Qhsxub6_x-dKqDIDH4oHe9C9VkjFMIvOGlfCIDt76dXhpZHmvI8ZRhY4WN1KtiSVzsyQOdtDxaqZfT9OXf3SpRFYg123iBY%26cry%3D1%26dbm_d%3DAKAmf-BQg7sxh-LLEbas1CeVzQBTOLYmdm1yrW4S4TomJ0gyQfWo02wxsizSHsmOlZ-B-LmWrNVz8huFyPaNIh0NiLwC44DkYE_yZ5A3Yrv_bQkj-x6QmyivSHTFfJrZugzo2dE3aWfvDm_8dlL2vxPIbjZ5BiLATYkV0XOEhh46cay7SOfP7oTlhMDTeFMA_kFBNDFBliH5k7AuTpgxSV7RCtalRDjgwInxNJgFK6eGMv8QSINMn7d4Ulwwqku1LIXLsc5FtNrTmvTC4AkhG8d9EcbmPgiv5kcJAqX7Uc1sj--7BvwjZrdETePhlp9Ql7DLMley1bZrwaJ59Iduyy3lEX_Z5tnWczVR26yiaGkl7pI4p3SFTeq0zhnFljATjlDTZu7rkmtpAp9BjZDae3TiCuu8swjcO-CtiOy96iFBgusGbHqrtalnfJUbNx7FO9MLzAyf_DZyIr4P7YyM2vb7egldbKSSF3kUc8tJpJuLBt4ciPmxwMkidbGJDeGhp3QZ_Qt0th4iOatsc433p0vEtFYgEd0iRdLOpv4evntixE5hSmwuWvx6oTBT08cQlbvCm52sgQQ5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=9988267160874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nhacai123bhealth
www.plurk.com/ 		19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86363036643f30e057563570a7d0eb00c5d5b4fbb4dd3e9e131c42823a052ed1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e2d5405689503b2-LIS
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 07 Jul 2023 04:26:15 GMT
link
<https://images.plurk.com>;rel=preconnect,<https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js>;integrity=sha512-+NqPlbbtM1QqiK8ZAo4Yrj2c4lNQoGv8P79DPtKzj++l5jnN39rHA/xsqn8zE9l0uSoxaCdrOgFs6yjyfbBxSg==;rel=preload;as=script;crossorigin=anonymous,<https://s.plurk.com/plurkiconfont/fonts/e67b183966200f68093e.woff2>;rel=preload;as=font;type=font/woff2;crossorigin=anonymous
referrer-policy
origin
server
cloudflare
vary
Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1831726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z60ix9zP0IoTPl5UwQIBlEQqFq%2BBbvUNQ8YtPHpoJbvn7dggxe6eJJj%2B7cVzSZGvwGBF6xmd6kaZeD032eqGql6pSlAH%2FUmBvUI%2FyTdAgUt4q3QrjfckZ3IhkkPTuyZ15o1CNZ0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e2d54071e9748a4-LIS
expires
Wed, 26 Jun 2024 04:26:15 GMT
e67b183966200f68093e.woff2
s.plurk.com/plurkiconfont/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/plurkiconfont/fonts/e67b183966200f68093e.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002885d15671018d6cbea9225dc9ece35a412108c16c533924d127bcc8e8bfdf

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
cf-cache-status
HIT
x-amz-request-id
0BRH6QA22KJMX5VY
age
1781
alt-svc
h3=":443"; ma=86400
content-length
17324
x-amz-id-2
LDca8sgv9KssI+rC4QsMe6MU0+ABOn5B+Otzee78Y44nb9VTus+LPeim1064Nv/uWgmDJEgixxM=
last-modified
Fri, 10 Mar 2023 01:01:44 GMT
server
cloudflare
etag
"c3b7fb5936c54759a60414339661ee5a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=155520000
accept-ranges
bytes
cf-ray
7e2d54067a5d489e-LIS
expires
Sat, 10 Jun 2028 04:26:15 GMT
ab9eea6d2a8045e9f91d.js
s.plurk.com/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/ab9eea6d2a8045e9f91d.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d1bfaed1a228c9771d6bfd802871e12e0739faba53d638f409dc04fc9cf7a3

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Jun 2023 07:24:01 GMT
server
cloudflare
x-amz-request-id
EEPKNHW74QV34780
age
25020
etag
W/"24713cbc0f42d9de3697f2a05bde0994"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
7e2d5406790e03b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5F5IYi6RP8/F6Q+kL5oDCGvTxecgtbz5LXt1TpaWK8fQVvxJ2IePcJ733qeMGaGgQK3eUyQQnwc=
expires
Sat, 10 Jun 2028 04:26:15 GMT
37037c71228ffa5eb4e6.js
s.plurk.com/ 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/37037c71228ffa5eb4e6.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd623daf8299579e9ca5a3eed490f9a4a325047805da0e593c0cfd9b022b4fdd

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 14:36:35 GMT
server
cloudflare
x-amz-request-id
AMZNH84QZS2B1SW5
age
1359987
etag
W/"e4ee4dcfa8080118c11d2e054b47e206"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
7e2d5406790f03b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qqYrzLxMfL7CJBqxYOa7lQCYh4L/cQLlqz/5ZpHH3IlgJh8ulzYRtWsW9CzThyOoDZBxRym9Y8A=
expires
Sat, 10 Jun 2028 04:26:15 GMT
5ec8d6764d9332ff52f7.js
s.plurk.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/5ec8d6764d9332ff52f7.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63351d6104df613cc0893c60e1c6ffb2bfd303221d58c97eacc77e087bc06746

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Feb 2023 05:25:22 GMT
server
cloudflare
x-amz-request-id
KAPD9CEWYNNK0JN4
age
1359987
etag
W/"836570a66727e738c371b030279561e7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
7e2d5406791003b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
A/YN+sFSBzMwB5DpOI4/pMONX/2ZaPtLfxhMhQrGdSO0LiH5ptcsP4molAQs688ajkpfgg8RVRs=
expires
Sat, 10 Jun 2028 04:26:15 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3701416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4037
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-55e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxDWV8z70mxKZeJFH3otXru0T7P8kzHsD1Cq1hm7d0bN0r33euab%2B6AT%2B%2FNpDGRcaN6WWwHqK%2BpG9jKg4wvwoDw9iIcU%2BkUmeYrw2zYY0gPyWQByTZLAizpmwvDLBWxczwHHGBTV"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e2d54071e9648a4-LIS
expires
Wed, 26 Jun 2024 04:26:15 GMT
46d3bef67382eb7440b7.css
s.plurk.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/46d3bef67382eb7440b7.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a20e81ebd7dbf6e6b87e350b031dfbaaa06b15e4137b6e2aa1dba7ae2b2b34

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 16:46:52 GMT
server
cloudflare
x-amz-request-id
4JQCQ93PFMET3PQA
age
1361923
etag
W/"5bce36e7cb61f44056ef622de385bb86"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
7e2d5406791103b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
J8SSMuz6GvMVdOh6Yp4OrZydKO599zCj3qX2QhJF0xWKEO2LPnqQLyvsYeL/+WYI8t8YLs9/Nt4=
expires
Sat, 10 Jun 2028 04:26:15 GMT
sweetalert.min.js
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
941151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10494
last-modified
Mon, 04 May 2020 16:16:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff8-9f68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tINI8tVPEoJ8slkoqT1dd%2BAQUKJCOVTSZGiEWJN0U9tHuPiU8otUOfnX%2F7coqZrEUMHPvjAXw%2FO6Xqj0vTlZKi1bOBm4h0UpakYYgAJT7eEkv7dzsbp5pWdAbt3i8%2FWMe2rwJgZN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e2d54071e9848a4-LIS
expires
Wed, 26 Jun 2024 04:26:15 GMT
handlebars.min.js
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2661437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11830
last-modified
Mon, 04 May 2020 16:10:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e72-ac34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIkJ%2FsW2MwVQdhycicjtdu8jxT2eRfv6oTG3z8tGfF64DLK4j4eDIxDwtflZ%2BTO1ZSK9iMEvRLY3wNO42TENrY8NUPwwcBGusSq4By3xAu%2FSP6ZOKbajK7bcd2IIpDl0g%2F0bwM2T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e2d54071e9948a4-LIS
expires
Wed, 26 Jun 2024 04:26:15 GMT
621a5cbd66c1ad116e38.js
s.plurk.com/ 		62 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/621a5cbd66c1ad116e38.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51a7e6710418fa43758820b5791171303d7e460a69ba4b5b849119aff4e1054

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
PK972DY5QBTP4Q5Z
age
4596
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PProgYOjpejyUK+t1cBZktIlnwR5TRQ9USRHDOCuuHMqDDRkHUUdmUvYz0mVBuDww1gBILBVulA=
last-modified
Wed, 07 Jul 2021 09:09:37 GMT
server
cloudflare
etag
W/"acf7002c465032291acb81fe622bfa78"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
7e2d54068a66489e-LIS
expires
Sat, 10 Jun 2028 04:26:15 GMT
js
www.googletagmanager.com/gtag/ 		269 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-15X0DLSVWS
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
15f748eb9a9753b69b45bd0e8be0dfa1aeb35dbf6e7d13a9b288298351d7ddb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91457
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Jul 2023 04:26:16 GMT
a91a57c38e93aaec1b98.js
s.plurk.com/ 		159 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/a91a57c38e93aaec1b98.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c8e3e4314b9fec162c02d2174a3aae000ab8dc2bfe79ea9d3a9a707c8ed6568

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Jun 2023 10:10:37 GMT
server
cloudflare
x-amz-request-id
88B6XWQK3G485068
age
669913
etag
W/"4825f3755f7268ae76a21131b3642dcc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
7e2d5406891603b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
P44DZ1vA1szBspjYjZZThZgl2vxvmkymkeDYfk5RR2LtTjOgXZss4n4oL9Y4obMEz75ze6ezPlY=
expires
Sat, 10 Jun 2028 04:26:15 GMT
c929292c1f412ee660c7.js
s.plurk.com/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/c929292c1f412ee660c7.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ecd8880061627cb0d50e6b607f4516aae823e994328e9b6f5b563c22facc235

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Jun 2023 10:10:37 GMT
server
cloudflare
x-amz-request-id
KCZ0BERTNEJB5PFS
age
669913
etag
W/"a596398c0ec5f74e29361f7561c7d76f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
7e2d5406891803b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nz/UJfbU41dNX+DPBHqEAswtDJwC8DmnFUUClB0IxUAWwexK9grmcsetv9eQxXWIKZcZRhV6WBw=
expires
Sat, 10 Jun 2028 04:26:15 GMT
0d4b5a2434b3bcc964ce.css
s.plurk.com/ 		43 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/0d4b5a2434b3bcc964ce.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a95027767d809704f436741936fe8ca5f89c5852bd48f5a85cee64c45778e879

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Jun 2023 10:12:09 GMT
server
cloudflare
x-amz-request-id
GHRJF5DEJP3MKMAS
age
1413751
etag
W/"8b7ccd9c86ac454edb022e73e12ce0ac"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
7e2d5406791203b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qCNlWQEKVRmHRevPhyZYp1g6zrhVN4q8gWgq2g/6jqB5HtatsJuxiKxYXQmg1ylBH17e3G9gwn0=
expires
Sat, 10 Jun 2028 04:26:15 GMT
00e988c2fd13276f39be.css
s.plurk.com/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/00e988c2fd13276f39be.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c57f3d8a8f62bfde2ede957ffce8acb6d5054a1c9500048eb9de3f143f8d98

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 02:16:58 GMT
server
cloudflare
x-amz-request-id
V03Q93EG3BYRY7VS
age
818921
etag
W/"c1e11dbb0bacb5c52ced60bb571658d4"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
7e2d5406791303b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
TDOZqDUnApwsDsBdeXz6EO2GWjQpVujU/Iy2HbQvHG39D0yxU1aCe5/IZrLwo5zFBv6Z4baGWiQ=
expires
Sat, 10 Jun 2028 04:26:15 GMT
5b72e1392f5de66eb200.js
s.plurk.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/5b72e1392f5de66eb200.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acc80ce4169f5c924563b7e74c6a580fbf498fc5d3c95410dba9a3c43617eb1b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Jun 2023 10:10:22 GMT
server
cloudflare
x-amz-request-id
AJHYH56J4BRMP7FJ
age
669913
etag
W/"df01a083bad8c2aaec39b533a26f9866"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
7e2d5406c92c03b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
FC6UxV8up0dMWAwT4U9O7olgi004LymS6Gu0oMaCXeSFVCCVDfepZTcfQN36/8UdwF+s20HGEfA=
expires
Sat, 10 Jun 2028 04:26:15 GMT
4a4e9920082355d20cd6.css
s.plurk.com/ 		3 KB
1013 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/4a4e9920082355d20cd6.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0361f506b535951b1107528370a1d245d14ffdd9a220f941bba1bca36c9f46ed

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 06:21:03 GMT
server
cloudflare
x-amz-request-id
H1HBBWF7WJNAK63N
age
1264078
etag
W/"187fd8c85a8d9b05dc4fccac3f293536"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
7e2d5406791403b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
l1f6DIegMNgKEhauJigSHHdOXP+O3rqNy5SNq6PA4OaY1L9elplV1hcjdsDzmgZrpzgwhUwURBY=
expires
Sat, 10 Jun 2028 04:26:15 GMT
abd3ac0abe551d5f3ce2.js
s.plurk.com/ 		255 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/abd3ac0abe551d5f3ce2.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e726e9bab3cb1d819f5fad8dc0354ac90f3037656183b2f5832795f94723211d

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Jun 2023 10:10:37 GMT
server
cloudflare
x-amz-request-id
88BF3SSBSJ4365PZ
age
195624
etag
W/"32c74c9b7fc3283defd5e899cfa41239"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
7e2d5406c92d03b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
liFva5nl0/FQjSnQRGvzfuubDvSdS2JpSxMDiqDhfGXBcF8ngcO6fOV+p5CSb/WdUvUXS/BgGmE=
expires
Sat, 10 Jun 2028 04:26:15 GMT
cf6f26562cccf2a205e9.css
s.plurk.com/ 		100 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/cf6f26562cccf2a205e9.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9d53004c0926ed6690999b80eece2343816ed0218da7fa260a47bd5d256eb0e

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 09:11:08 GMT
server
cloudflare
x-amz-request-id
M9JT1672XJ0VEJH1
age
758152
etag
W/"3c0cbab96464aaea8f4c0a3be6bb6719"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
7e2d5406891503b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LmdE+9Sg6obHCfNdJFLt+BHlitcfPC5ElQBhIFIA79zSXoHZr6C9sq0J9YuYCbnIr4KagbURxLo=
expires
Sat, 10 Jun 2028 04:26:15 GMT
77af2ef93db2f24dbfd3.js
s.plurk.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/77af2ef93db2f24dbfd3.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ba48c6a14035cfbbadba55c209a5e1ee982398e87bad960b0e7b4176259da9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 06:21:31 GMT
server
cloudflare
x-amz-request-id
60XBXMC5B3ZKKWVR
age
1341112
etag
W/"19f90dd8436e97984914fc0cedb1b26b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
7e2d5406c92e03b2-LIS
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CXIIVdRA/HMGTl3/MyQiLqpREIi8loIGILLnpasQkdXCeb31Tfhp9zmkfUm5PQvSGIihvY3YA6Q=
expires
Sat, 10 Jun 2028 04:26:15 GMT
loader.js
www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:06:07 GMT
x-content-type-options
nosniff
age
1208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62428
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 17:52:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="gviz"
vary
Accept-Encoding, Origin
report-to
{"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Fri, 07 Jul 2023 05:06:07 GMT

Redirect headers

date
Fri, 07 Jul 2023 04:00:03 GMT
x-content-type-options
nosniff
server
sffe
age
1572
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/charts/loader.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 07 Jul 2023 04:30:03 GMT
gpt.js
www.googletagservices.com/tag/js/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
061b4f619a9f23d38351007a56b27d471ebb78d42ad8810fadf3c95bad1a19cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25968
x-xss-protection
0
server
cafe
etag
963 / 19545 / m202306280101 / config-hash: 154671031251390638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 07 Jul 2023 04:26:15 GMT
16967328-big63844945.jpg
avatars.plurk.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.plurk.com/16967328-big63844945.jpg
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3744e981846206ecc518b51a3e9965f56483c66d15860afdccab5de8de365f81

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
4MYZC8FMW4VTW69Q
age
1781
alt-svc
h3=":443"; ma=86400
content-length
13552
x-amz-id-2
GavhPkBnPYuCeNdUn7I42xtLSf5nGYdVl0JyT69/JxUlkfgR4+ErwhcI3l1GLKIeCcZF/TJX2O4=
last-modified
Tue, 13 Jun 2023 12:37:16 GMT
server
cloudflare
etag
"e46132c49698ef499b2316890919b32d"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e2d540b5a6d03b2-LIS
expires
Sat, 06 Jul 2024 04:26:16 GMT
75fca7046dde512ebba1.gif
s.plurk.com/ 		315 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.plurk.com/75fca7046dde512ebba1.gif
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9311217cd0145627e75dccfd9b5bcfa9a7af11488d2bbccf86547661960e78

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
Y114NEC0YHJA4ZMW
age
932851
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
315
x-amz-id-2
CSRNoGk5ITkdnFJ6phvjokQYTM09sy0aByuZOnjIuBf1nczj8YbTNQVlbGGMdasc3/TDc74vDcg=
cf-bgj
imgq:100,h2pri
last-modified
Fri, 17 Mar 2023 15:09:23 GMT
server
cloudflare
etag
"7f5c4282d2e9accfdae99cc6abb6c9bb"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=155520000
accept-ranges
bytes
cf-ray
7e2d540b8a7a03b2-LIS
expires
Sat, 10 Jun 2028 04:26:16 GMT
js
maps.googleapis.com/maps/api/ 		189 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyD5WxpgsmFXVC600sFWJnVMYpJBB4Qaa50&callback=Function.prototype
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
c59e26189a3b34cdb45a23f9764ca9801b5de69d08bfa1ae2921e366952f9ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64019
x-xss-protection
0
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7e2d540c1cf594ef-LIS
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 06 Jul 2023 23:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
18855
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127514
x-xss-protection
0
server
cafe
etag
13498126467117012333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 05 Jul 2024 23:12:00 GMT
background.css
assets.plurk.com/static/theme/v5/default2018-theme/ 		119 B
370 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.plurk.com/static/theme/v5/default2018-theme/background.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1252f0bcffb7fd804f437707c8ecf7ea4142074f53bcbb1207f413f633961bc0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
T18V1SB2JZC4NSAM
age
1781
alt-svc
h3=":443"; ma=86400
x-amz-id-2
29iQPhmVpalyBbkJ+ZB7S0QgSSl024fuJMdw84lmO6nxFUhsvyqZ6cHRSmVlN78fcAiTA2m/GbA=
last-modified
Thu, 02 Jun 2022 17:07:56 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1654149640/ctime:1654149638/gid:100/gname:users/md5:69453e16f6c35aec5b29603c3f53288e/mode:33188/mtime:1654149638/uid:1004/uname:qbane
etag
W/"69453e16f6c35aec5b29603c3f53288e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7e2d540b8a7d03b2-LIS
expires
Sat, 06 Jul 2024 04:26:16 GMT
timeline.css
assets.plurk.com/static/theme/v5/default2018-theme/ 		0
146 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.plurk.com/static/theme/v5/default2018-theme/timeline.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
RB6HM35Y1C2RHNYX
age
1781
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-id-2
LCL+6h060hiRoxSD2YdRTr4SFIMxpSgV6a0A9dMpZ5jnVSJDra5Vp7UElvqmrbRicnAmy90Nsvk=
last-modified
Thu, 02 Jun 2022 17:07:57 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1654189665/ctime:1610948354/gid:100/gname:users/md5:d41d8cd98f00b204e9800998ecf8427e/mode:33188/mtime:1610948354/uid:1004/uname:qbane
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e2d540b8a7c03b2-LIS
expires
Sat, 06 Jul 2024 04:26:16 GMT
dashboard.css
assets.plurk.com/static/theme/v5/default2018-theme/ 		0
341 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.plurk.com/static/theme/v5/default2018-theme/dashboard.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.2.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
T18ZGHKSDPWGT9G0
age
1781
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-id-2
JI8xTmXVJokCMcQgI5BlC2O2HFQvsbozmPaEbnL9icBXF0DiNWWKzou/3E4v4bRFOX9Enc856NU=
last-modified
Thu, 02 Jun 2022 17:07:56 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1654189665/ctime:1610948354/gid:100/gname:users/md5:d41d8cd98f00b204e9800998ecf8427e/mode:33188/mtime:1610948354/uid:1004/uname:qbane
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e2d540b8a7b03b2-LIS
expires
Sat, 06 Jul 2024 04:26:16 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1199395227337751&correlator=1137207162326083&eid=31075760%2C21065724&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=75142684%2Cplurk_home_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=2499139215&didk=1643571950&sfv=1-0-40&eri=2&sc=1&cookie_enabled=1&abxe=1&dt=1688703976257&lmt=1688703976&dlt=1688703975414&idt=781&adxs=436&adys=77&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.plurk.com%2Fnhacai123bhealth&frm=20&vis=1&psz=980x0&msz=980x0&fws=4&ohw=1600&ga_vid=2031898007.1688703976&ga_sid=1688703976&ga_hid=1838789061&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
20a61a885b7c47ce2119ca7e9931de570f3ab1e4b1708148a5bf295ed34210b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10480
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.plurk.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4EE2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jul 2023 04:26:16 GMT
expires
Sat, 06 Jul 2024 04:26:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD5WxpgsmFXVC600sFWJnVMYpJBB4Qaa50&callback=Function.prototype
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.plurk.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
getzone
www.plurk.com/p/ 		2 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.plurk.com/p/getzone?zone=43
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
*/*
Referer
https://www.plurk.com/
X-Requested-With
XMLHttpRequest
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cf-ray
7e2d540cab504892-LIS
alt-svc
h3=":443"; ma=86400
0cd0435740e740eece09.gif
s.plurk.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.plurk.com/0cd0435740e740eece09.gif
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
M2NEFDMQPG3056N8
age
2132327
cf-polished
origSize=35115
alt-svc
h3=":443"; ma=86400
content-length
31308
x-amz-id-2
Yp711Hpv1AiCSw6WLFN3X4VufUYk4ULUUhqglyWM7Xxqnvl2NF6Ut7jZsV+YnjJ+0x2GbgilXhU=
cf-bgj
imgq:100,h2pri
last-modified
Wed, 26 Oct 2022 23:02:50 GMT
server
cloudflare
etag
"d236fd746e000431a8e2c6bc787ee7c5"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=155520000
accept-ranges
bytes
cf-ray
7e2d540cbb534892-LIS
expires
Sat, 10 Jun 2028 04:26:16 GMT
72e28d113423eccdc548.png
s.plurk.com/creatures/big/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.plurk.com/creatures/big/72e28d113423eccdc548.png
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219de54043e38e0164af923d39852649a67ba02a9d652f6004e331e3f65ea1e7

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
QMJS5G7FGJTXRHT2
age
490025
cf-polished
origSize=24363
alt-svc
h3=":443"; ma=86400
content-length
5359
x-amz-id-2
LIqoTXa/r3Gf5wyKQJ33SLfgpdIYbrWKoW/vYwZ5kull5ioN1cV+toYZRBp5ExAS5mtEIK2eHEs=
cf-bgj
imgq:100,h2pri
last-modified
Mon, 10 Apr 2023 04:36:52 GMT
server
cloudflare
etag
"9b28c73ce0755296d6909b45426b4b52"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=155520000
accept-ranges
bytes
cf-ray
7e2d540ccb644892-LIS
expires
Sat, 10 Jun 2028 04:26:16 GMT
7e4fc709f1b99dc88a71.gif
s.plurk.com/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.plurk.com/7e4fc709f1b99dc88a71.gif
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be5ccecae9a8d7bf5a98a12487e876daa5c78f5a95a073092338a94ef653ba2

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
WVDE9CRST0RG65PK
age
1773501
cf-polished
origSize=61245
alt-svc
h3=":443"; ma=86400
content-length
59956
x-amz-id-2
Z8REBFMyOzQ3l1y8UVhzlxpm1mO/mbgeW2ql6B3qLznVxZrYugww02HOQDwyEJmO8uQLhZ+HMYc=
cf-bgj
imgq:100,h2pri
last-modified
Mon, 20 Feb 2023 15:04:37 GMT
server
cloudflare
etag
"55f2972fe974280b898be8cfa592d4ea"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=155520000
accept-ranges
bytes
cf-ray
7e2d540ccb664892-LIS
expires
Sat, 10 Jun 2028 04:26:16 GMT
16977642-medium64223388.gif
avatars.plurk.com/ 		660 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.plurk.com/16977642-medium64223388.gif
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3821145db827769b9c0d8b7cb077c2b5c1ea0a924cb77ec8a841082c8c92287

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
4MYGAYRPH01VC54B
age
1781
alt-svc
h3=":443"; ma=86400
content-length
660
x-amz-id-2
RP+dPgs/safpkOA+8I3EzypyWhznfKI8GF3ZVNbZFoP6lSs1GZ3wkbRO5FxLuwrEBGlIHfOV9YE=
last-modified
Mon, 26 Jun 2023 15:59:26 GMT
server
cloudflare
etag
"5055d42f44d9e85fc37093a71b73363a"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e2d540cdb694892-LIS
expires
Sat, 06 Jul 2024 04:26:16 GMT
16980382-medium64328056.gif
avatars.plurk.com/ 		701 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.plurk.com/16980382-medium64328056.gif
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96fa4420031d35e58ed4ae65c71128ad4d765df6a0db6a8d24bceeabf98398a3

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
4MYGVESNTEDRWJ8W
age
1781
alt-svc
h3=":443"; ma=86400
content-length
701
x-amz-id-2
ps7yu/SP3YcaGlb9voOXQa6MwfmFjBL20kuOTweohMXfQ3IJ+4H0HA+AYHMVdfRCy0DilNPQRfc=
last-modified
Fri, 30 Jun 2023 07:12:51 GMT
server
cloudflare
etag
"5f9142f1d0126be9119abaa93030d662"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e2d540cdb6b4892-LIS
expires
Sat, 06 Jul 2024 04:26:16 GMT
fetchFriends
www.plurk.com/Users/ 		1007 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.plurk.com/Users/fetchFriends
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d4619483e485e2f6a71fd76c8fad320f50e28e190e6ee0ba13b49aa995908

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.plurk.com/
X-Requested-With
XMLHttpRequest
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cf-ray
7e2d540cdb6c4892-LIS
alt-svc
h3=":443"; ma=86400
781a2d28dda58209317a.png
s.plurk.com/badges_sprite/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.plurk.com/badges_sprite/781a2d28dda58209317a.png
Requested by
Host: s.plurk.com
URL: https://s.plurk.com/cf6f26562cccf2a205e9.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73fc59edba6f816a30480db5282fc4e56568f7be798caf4acc94b6105eea7c83

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://s.plurk.com/cf6f26562cccf2a205e9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
1WSMCAXA077QW6RW
age
1343847
cf-polished
origSize=114736
alt-svc
h3=":443"; ma=86400
content-length
114319
x-amz-id-2
xOJtdfBYCljZNDkp4J7sF4oE/60FfIAIYK6ajGM/Rj41rkeYSGwO1nNQIcmeyB1ZKEmAfclkYEQ=
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Jun 2023 02:16:59 GMT
server
cloudflare
etag
"8832d4baa8e96e5544eefb7773479cdb"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=155520000
accept-ranges
bytes
cf-ray
7e2d540cdb704892-LIS
expires
Sat, 10 Jun 2028 04:26:16 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-15X0DLSVWS&gtm=45je3750&_p=1838789061&_gaz=1&cid=2031898007.1688703976&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688703976&sct=1&seg=0&dl=https%3A%2F%2Fwww.plurk.com%2Fnhacai123bhealth&dt=nhacai123bhealth%20-%20Plurk&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15X0DLSVWS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.plurk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-15X0DLSVWS&cid=2031898007.1688703976&gtm=45je3750&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-15X0DLSVWS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.plurk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.pt/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.pt/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-15X0DLSVWS&cid=2031898007.1688703976&gtm=45je3750&aip=1&z=957278867
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7AD4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jul 2023 04:26:16 GMT
expires
Sat, 06 Jul 2024 04:26:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
16967328-small63844945.gif
avatars.plurk.com/ 		390 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.plurk.com/16967328-small63844945.gif
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/nhacai123bhealth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0edab90b9aef07767aeab207e3203c5c4d4273e0d67a8cc34fbb5ecf3300c33d

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
cf-cache-status
HIT
x-amz-request-id
4MYWJN39W6WZ5K87
age
1781
alt-svc
h3=":443"; ma=86400
content-length
390
x-amz-id-2
FjywjgupyCLl84odywhXhEFrZyX8p+hK0zjW6DVkxLv1BIQo22J0cYQIt6yu6UhPHE/IAr22x+Y=
last-modified
Tue, 13 Jun 2023 12:37:17 GMT
server
cloudflare
etag
"98221eb9a6c7737a02090a1220b86a11"
vary
Accept-Encoding
content-type
binary/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7e2d540e6c644892-LIS
expires
Sat, 06 Jul 2024 04:26:16 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A83A 		624 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi2u9DGATAB&v=APEucNWqYhb9GMA1Y-u0y40zHlRErKYqMKNOkHXKtiAXlRSXHvtmMkcjOhcJQkbLpzLYusWHMgt_IMZHhbzh8y6sHqXMH5lf_kMNnbPietO-RSKcIt7kpM0nG3Tpc2GTJ4VNQ5vxLXUQuv7vICJWEWhFGJEhSVKKfk1t7jAoRm03-PNQqSdT5-o
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jul 2023 04:26:16 GMT
expires
Fri, 07 Jul 2023 04:26:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7AD4 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29790
x-xss-protection
0
server
cafe
etag
4661881725859498467
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 07 Jul 2023 04:26:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AD4 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhzT5PPCeLdYldoKgbW7maEPXjpyzCTA4itlafVgXoeZpmsP99yUvvHBKg_56FG8x9OUyG7I-_nvT674wVlYizsp6c3pgOsK_MCrvwgGdg7xcLLa0
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AD4 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8217242902694974580&x=1&ct=77
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 7AD4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 20:54:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 Jul 2023 20:54:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 7AD4 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 17:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
40026
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 Jul 2023 17:19:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7AD4 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1688579601580341"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Jul 2023 04:26:16 GMT
rum
dsum-sec.casalemedia.com/ Frame A83A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi2u9DGATAB&v=APEucNWqYhb9GMA1Y-u0y40zHlRErKYqMKNOkHXKtiAXlRSXHvtmMkcjOhcJQkbLpzLYusWHMgt_IMZHhbzh8y6sHqXMH5lf_kMNnbPietO-RSKcIt7kpM0nG3Tpc2GTJ4VNQ5vxLXUQuv7vICJWEWhFGJEhSVKKfk1t7jAoRm03-PNQqSdT5-o
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 Jul 2023 04:26:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 07 Jul 2023 04:26:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame A83A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKeT6YY1Ybj.S6B2bOU6cgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi2u9DGATAB&v=APEucNWqYhb9GMA1Y-u0y40zHlRErKYqMKNOkHXKtiAXlRSXHvtmMkcjOhcJQkbLpzLYusWHMgt_IMZHhbzh8y6sHqXMH5lf_kMNnbPietO-RSKcIt7kpM0nG3Tpc2GTJ4VNQ5vxLXUQuv7vICJWEWhFGJEhSVKKfk1t7jAoRm03-PNQqSdT5-o
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 Jul 2023 04:26:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED0vcYLnzCPiv_43SQjUbhs&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame A83A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDVwM3-DwKxxthrzaLbnwwQ&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDVwM3-DwKxxthrzaLbnwwQ%26google_cver%3D1
43 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDVwM3-DwKxxthrzaLbnwwQ%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi2u9DGATAB&v=APEucNWqYhb9GMA1Y-u0y40zHlRErKYqMKNOkHXKtiAXlRSXHvtmMkcjOhcJQkbLpzLYusWHMgt_IMZHhbzh8y6sHqXMH5lf_kMNnbPietO-RSKcIt7kpM0nG3Tpc2GTJ4VNQ5vxLXUQuv7vICJWEWhFGJEhSVKKfk1t7jAoRm03-PNQqSdT5-o
Protocol
H2
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:17 GMT
an-x-request-uuid
31a86711-3940-4133-959a-dbc9079b140a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.158.248.94; 195.158.248.94; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:17 GMT
an-x-request-uuid
b9c011ec-fdb9-440a-ac24-e27f1c659420
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDVwM3-DwKxxthrzaLbnwwQ%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
195.158.248.94; 195.158.248.94; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A83A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1NDU0NzI5MzQ1NDgwNDAxMw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1NDU0NzI5MzQ1NDgwNDAxMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi2u9DGATAB&v=APEucNWqYhb9GMA1Y-u0y40zHlRErKYqMKNOkHXKtiAXlRSXHvtmMkcjOhcJQkbLpzLYusWHMgt_IMZHhbzh8y6sHqXMH5lf_kMNnbPietO-RSKcIt7kpM0nG3Tpc2GTJ4VNQ5vxLXUQuv7vICJWEWhFGJEhSVKKfk1t7jAoRm03-PNQqSdT5-o
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:17 GMT
an-x-request-uuid
570e2107-5238-4163-9739-7bd1ff32a5da
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1NDU0NzI5MzQ1NDgwNDAxMw%3D%3D
x-proxy-origin
195.158.248.94; 195.158.248.94; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AD4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9577986828736&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AD4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9577986828736&version=m202306200101&ct=77&x=1&cor=8217242902694974000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7AD4 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClsdxIpSCKMAkqsmIWds8b66p2S47vXJbZG9cesmghR4deWtalCOaeiml2ngeSc46VlEE0Gp720InbSlc9-fQAB2l1IwN7i0BI67jno3d5Qtb0ysqxHFH-TAjke9J6RcP_l45sZdM9RaWoc0pfNohpq0ZrJPUSnBxh8UFya-zeIUl5iCw&cry=1&dbm_d=AKAmf-Ds8bew9ngmOML9KSKM4F1eyZhB8GLigMadgsj-AwQtD2-wpWiJb6FtubD4DkhFscT50y7_xgGYvtzB2IkoJhSOWHKhJ7Vobpr3WQIVhdREZSysdu2fMTeHtWdJ0gkpcXP27KuV8LMsOdn3UbK-bUkUMNFYkxBJIhc4Cv1SJXaDJxUvEySPU63WFaBhk4hs0iPPxi2QiWdTqziX-AMhf6SRfXZuec2nIXbgxzbC30sVDk_q6RR_80-VkvIlv8rYyAJXyiF3RMs7Auwng7j1ARsSYQFTgJJoes9XGcAu-TOUXN8Kl_XHZkgP4W6aWY18CbpsUx_6zIJSlCzDrGvcbtKadlXCZA1R0HItCYk1Tq1Oi8fRuumwi71DlUiU2TYqqTzD60lCcBdgguq9cgD45H6qlSpaAm_XYMhx4L0-eeWCHqitpu89hoDg3IAWWQUvjiMKqAK7H2UIskqhVQWIy0Jw0JvHDiUgk6aavgl-mW7aIqqJW8kcoizuQX6UlkAtv6yhzS7l97nAurkXD21a0JeLOQ9ncFMCW-m1evxJTETus9Tc1j0Nhj7VXEJ15TjeMX5mBCJQ8ztVSODKmkE33xfXnABd6e3nTLnJFLxdcjP5ZyGr2hXONNHGvwEsVN3p0_YVjdLq3cODq7pQVW_NVfrf39TXN46PCyhSoBjH9qk9Cu5OHX2MVf4oWL-Lp-Kw82B51jthg_CoCI_DaqRkOOO-6zsMUsGZfO9BTL1tAuSWRA4LP_70648EuonVvGU4s-SUnOE3q3MWP2rD9ltJIKR8R32mtxYEGpoidhPhXeqbdSAwYib-iqg_GJlY09Rfo4NbsGdBuAnwPK7YyaP7qz6zlYJodj3-sgmKgqoFqCfdw85Q5YbTJfjDSq1Ohf4Hzx_ptSajrLCdLdds77iovxE1lYwTZnCLFxbthTPcWBhDiCLWuPBbYRdGIcLpa7frPeCO3PYR5OKCN3ZEia_7TV3zMZOej8k0ncqIZeoY1G9E8KkXxWIVQgXvsH6P6PceeV_SDw5WxAz6eKHFQ44pDKOGYiwL-c03nC931cwDhwxmu44I431YH0yR6vgtx44T1m2wdHrsRS5Av_4OKTiPSJNN-f1Q4EPDP1pBT6v0fjgIvYzEptj9nRVTfJYAwlfVdwskJfNkJrbj4zM1MmyHUtIY6XQwZobeqG0rfZhrwhEnP4ouQj6tYnGc7KpgZ7a2MRhIFTFgV4WW7WmErlp2IijKSb3intA5Szjkvkq_xMjaXbYJzTaBv_EAB7ZhbSA3XLyH-uu8Ju5LFr28MOuyxTFmCfm6G5Dd2sCmYc4FWcmUCj5OgUh1J6FZQN2vJwtN95vgG1gUKJsKFVLr_6nRXkRrvGR0jWi6h70guCtIoHlhmbS9zPE-M3Id8nqAfS64mxns8MtVJgByrHI4fvGauD2b-j3O40-q38R21jrizxTvpeqL6XSNTmgCzjsiyhXe5slFxrq8Snais9OH3BeAjbwFN7Y66dktaJvpXrin9Ego6hv6oc1n8kRQcDAQlDAoLH88S40BRujYz87vSDTKorbdwlreyWt9cxkOloM7-LktEWpmFEEXh1G9kkT6m2k-L4QlMWNqwbJWLL8wvfEAyjEhTbaeDF7RyOSIIRNE1LhGzd68nZOtUQiCGPYOhRCNvI8Uz7CL62sULoz9QYVklFhEn_EhJkmf7tObkcq7dSLHhWu2d0XPS0VdMK70xFwUYLQ-QLGQ3QOubEmYNARiC74YW2eg9Ek5hBa4ap3sLIAR7yjrmQ8veqggiJMoehDDW2ZqbDxRPTRqFqCVdDofE-4RS4khbacLbNkH062Xc2m0nJfQMmENfRkL8ogsKoeBnQ9wtkruvPHKXHqJuZOcqrSmWYrDGThmInfqMnS_RXomdbIau8KUsSQtX-TM7PBKzrNeYBhOkkOm1cLK2RH0zzQk53COVsvLFWveqSlhO475yHev7o6qVIViR9F1fnb272L25LqnM_KpZ41jkoUeGTa9CkeXr4wIzgVi_CbGn4FPQgVTypwWXxYJwzKBHuMBuQnvictrtS-TDzYRBFy1_5UjxQox7-NfXNa44id9I9bBTTmQjrpPXS4umAoufTJOYU-Z3YGR6lV2Iyu9S3OcQWPjt8Kcr5dD0-oBiwzmMNwRUsdMnhURtafdhQoTNdPQEYpthLZZ5bwdJS76g1whyOFdv76AhxonM90XZfmXOxgo0rAIlxedPzUoOsalk_5g5j4ZF--ZA3sq7sPNRFy43oilAyu2aDt5YHDCSk22-5HvX1ZKmWFaWZcWN53HM6khuvuDArs1hR-9BqIxEbNDpS8OzIGuoRsmurePlWyxY7w9e1Rcpx1YDN0_z6SugPN_BAxVftrGiL0mf1JNgPs9W9Y9CUI9ysGNqiL7xTWvAdSz4n5l8ceJbaGnZkJO86Hcf4QOaVydgvl7O3jkHbnMvAM0H3rViLjxkwZIYUDBMT_t4qs6VSX6d5YmpGOlvvVpA-7B16BzWJOBOmwCJ9k_LS9Z-B-8hmjC6JmtOvGqBVYbMJxYUNPKFEvPkn1ZtqnEKJdTfJNTajyks7A6CGMIMJ7oJRjn1XbcctozI5fmcJCpFlsf37VIIQuCCyP8ap5d1aFelKzJ2PeBjeLLZvUJpmvliCMmi1il6WPhNICyNfODjjIB2MM_30lK6_Quif3oL3HALrwy88OgO8wa2w6OtETMAFirMPPRzcPPiPUVjgpweCXqmOxYl1g6-JgZYOt-U4e32LaajMa00ErKQEMrV0jSBnfNnOISanRM41Un5Z0vqOeO0J06vv4jjqVxdLWQ4-dkGlmSCG4WQvP0oYjcCpij7ClSPmSdj8Ou_9mRmgSZhRND3kd1yRJKa8GFDeWAFB0JC6UpPhyHWEaIiDHCioW4doc--TDfPW2hesdcvO3odpNPf174HTju0_SQdKkkLNqN5omdS8lhKk8eckuU9iMnQrAnWloeKFd0QfOSUSu_W-DfxYMkbxL8vbswIJSMdaLNc8njTD9Iw6SH7cE8JN3KMdRXrhXajXVRyyGHBLHQMzU5xuUuWcTQU2kUtjELR2vGL-UUwboEzAxxi9Z3w5y0OqMBjM2Vn_aAy81RquZZb_6yhmAqMBmQjwTlTEhe_Y1zfCY2Exzj6rxRBQl7dpvsBBdPDIhcXbDmA0q0I5s06_yZ-6kmUXoxHSTcftpbBSSbgBpUxGZwTpVxY8muueAztllG51dOzzS6jQa3wqhvx8kfmkfLItIAc67Epc5To9XmZnqugV6ThwQwGXO-fWpkvIDxJ7azy617ODrev0aMC-RxAw8Ha-znvFskSsnuCuSmug4-5ZUJOHwlj-vcte21H82ci8F4dXHtFHPB_ITdkh0dTEkixQkJUsZutIKaID1iigTk7SGl7nlwRZOMxtR0tO1OGVp1itMSGR5gjOc8lmPunKkUduVkdKZf9tyG1wXHsKKqTYWs6XGNoL62KySnZk9ekqR3AY-nu-x7Ny3F_lBwkrRpTddcZcuS78MTi7osp3kSR-5LZuTrBplDJcy9aHIg-NE86EsIHa_gSNFarnTUJv6DQenPioChMKG-MwnqHTDWwkY5ThS3D9Ewx2TS7s1UWW5c6IaNuhKMR2aWi3PvHBycxAxrr9PX8Dibd1R5nriHbgTdYdm2j7alNU28jDMdz8SUl6X_d6-_ILoytyvEt74&cid=CAQSTABpAlJW4_pLeBR0i7BBqPn6_6nykS0kw5nN_3UjasmWmiUGS8cOgHkmg7-6Es3NoIkJJqMZ2eaaSFeTrrz_JFTG-QTFoktp0Mtj0gcYAQ&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.plurk.com%2F&ds=l&xdt=1&iif=1&cor=8217242902694974000&adk=356101037&idt=359&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
884889f50ba45deef28e847245f22d8a47c5a28e7b267b9c50e035212d1d6981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11853
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7AD4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClsdxIpSCKMAkqsmIWds8b66p2S47vXJbZG9cesmghR4deWtalCOaeiml2ngeSc46VlEE0Gp720InbSlc9-fQAB2l1IwN7i0BI67jno3d5Qtb0ysqxHFH-TAjke9J6RcP_l45sZdM9RaWoc0pfNohpq0ZrJPUSnBxh8UFya-zeIUl5iCw&cry=1&dbm_d=AKAmf-Ds8bew9ngmOML9KSKM4F1eyZhB8GLigMadgsj-AwQtD2-wpWiJb6FtubD4DkhFscT50y7_xgGYvtzB2IkoJhSOWHKhJ7Vobpr3WQIVhdREZSysdu2fMTeHtWdJ0gkpcXP27KuV8LMsOdn3UbK-bUkUMNFYkxBJIhc4Cv1SJXaDJxUvEySPU63WFaBhk4hs0iPPxi2QiWdTqziX-AMhf6SRfXZuec2nIXbgxzbC30sVDk_q6RR_80-VkvIlv8rYyAJXyiF3RMs7Auwng7j1ARsSYQFTgJJoes9XGcAu-TOUXN8Kl_XHZkgP4W6aWY18CbpsUx_6zIJSlCzDrGvcbtKadlXCZA1R0HItCYk1Tq1Oi8fRuumwi71DlUiU2TYqqTzD60lCcBdgguq9cgD45H6qlSpaAm_XYMhx4L0-eeWCHqitpu89hoDg3IAWWQUvjiMKqAK7H2UIskqhVQWIy0Jw0JvHDiUgk6aavgl-mW7aIqqJW8kcoizuQX6UlkAtv6yhzS7l97nAurkXD21a0JeLOQ9ncFMCW-m1evxJTETus9Tc1j0Nhj7VXEJ15TjeMX5mBCJQ8ztVSODKmkE33xfXnABd6e3nTLnJFLxdcjP5ZyGr2hXONNHGvwEsVN3p0_YVjdLq3cODq7pQVW_NVfrf39TXN46PCyhSoBjH9qk9Cu5OHX2MVf4oWL-Lp-Kw82B51jthg_CoCI_DaqRkOOO-6zsMUsGZfO9BTL1tAuSWRA4LP_70648EuonVvGU4s-SUnOE3q3MWP2rD9ltJIKR8R32mtxYEGpoidhPhXeqbdSAwYib-iqg_GJlY09Rfo4NbsGdBuAnwPK7YyaP7qz6zlYJodj3-sgmKgqoFqCfdw85Q5YbTJfjDSq1Ohf4Hzx_ptSajrLCdLdds77iovxE1lYwTZnCLFxbthTPcWBhDiCLWuPBbYRdGIcLpa7frPeCO3PYR5OKCN3ZEia_7TV3zMZOej8k0ncqIZeoY1G9E8KkXxWIVQgXvsH6P6PceeV_SDw5WxAz6eKHFQ44pDKOGYiwL-c03nC931cwDhwxmu44I431YH0yR6vgtx44T1m2wdHrsRS5Av_4OKTiPSJNN-f1Q4EPDP1pBT6v0fjgIvYzEptj9nRVTfJYAwlfVdwskJfNkJrbj4zM1MmyHUtIY6XQwZobeqG0rfZhrwhEnP4ouQj6tYnGc7KpgZ7a2MRhIFTFgV4WW7WmErlp2IijKSb3intA5Szjkvkq_xMjaXbYJzTaBv_EAB7ZhbSA3XLyH-uu8Ju5LFr28MOuyxTFmCfm6G5Dd2sCmYc4FWcmUCj5OgUh1J6FZQN2vJwtN95vgG1gUKJsKFVLr_6nRXkRrvGR0jWi6h70guCtIoHlhmbS9zPE-M3Id8nqAfS64mxns8MtVJgByrHI4fvGauD2b-j3O40-q38R21jrizxTvpeqL6XSNTmgCzjsiyhXe5slFxrq8Snais9OH3BeAjbwFN7Y66dktaJvpXrin9Ego6hv6oc1n8kRQcDAQlDAoLH88S40BRujYz87vSDTKorbdwlreyWt9cxkOloM7-LktEWpmFEEXh1G9kkT6m2k-L4QlMWNqwbJWLL8wvfEAyjEhTbaeDF7RyOSIIRNE1LhGzd68nZOtUQiCGPYOhRCNvI8Uz7CL62sULoz9QYVklFhEn_EhJkmf7tObkcq7dSLHhWu2d0XPS0VdMK70xFwUYLQ-QLGQ3QOubEmYNARiC74YW2eg9Ek5hBa4ap3sLIAR7yjrmQ8veqggiJMoehDDW2ZqbDxRPTRqFqCVdDofE-4RS4khbacLbNkH062Xc2m0nJfQMmENfRkL8ogsKoeBnQ9wtkruvPHKXHqJuZOcqrSmWYrDGThmInfqMnS_RXomdbIau8KUsSQtX-TM7PBKzrNeYBhOkkOm1cLK2RH0zzQk53COVsvLFWveqSlhO475yHev7o6qVIViR9F1fnb272L25LqnM_KpZ41jkoUeGTa9CkeXr4wIzgVi_CbGn4FPQgVTypwWXxYJwzKBHuMBuQnvictrtS-TDzYRBFy1_5UjxQox7-NfXNa44id9I9bBTTmQjrpPXS4umAoufTJOYU-Z3YGR6lV2Iyu9S3OcQWPjt8Kcr5dD0-oBiwzmMNwRUsdMnhURtafdhQoTNdPQEYpthLZZ5bwdJS76g1whyOFdv76AhxonM90XZfmXOxgo0rAIlxedPzUoOsalk_5g5j4ZF--ZA3sq7sPNRFy43oilAyu2aDt5YHDCSk22-5HvX1ZKmWFaWZcWN53HM6khuvuDArs1hR-9BqIxEbNDpS8OzIGuoRsmurePlWyxY7w9e1Rcpx1YDN0_z6SugPN_BAxVftrGiL0mf1JNgPs9W9Y9CUI9ysGNqiL7xTWvAdSz4n5l8ceJbaGnZkJO86Hcf4QOaVydgvl7O3jkHbnMvAM0H3rViLjxkwZIYUDBMT_t4qs6VSX6d5YmpGOlvvVpA-7B16BzWJOBOmwCJ9k_LS9Z-B-8hmjC6JmtOvGqBVYbMJxYUNPKFEvPkn1ZtqnEKJdTfJNTajyks7A6CGMIMJ7oJRjn1XbcctozI5fmcJCpFlsf37VIIQuCCyP8ap5d1aFelKzJ2PeBjeLLZvUJpmvliCMmi1il6WPhNICyNfODjjIB2MM_30lK6_Quif3oL3HALrwy88OgO8wa2w6OtETMAFirMPPRzcPPiPUVjgpweCXqmOxYl1g6-JgZYOt-U4e32LaajMa00ErKQEMrV0jSBnfNnOISanRM41Un5Z0vqOeO0J06vv4jjqVxdLWQ4-dkGlmSCG4WQvP0oYjcCpij7ClSPmSdj8Ou_9mRmgSZhRND3kd1yRJKa8GFDeWAFB0JC6UpPhyHWEaIiDHCioW4doc--TDfPW2hesdcvO3odpNPf174HTju0_SQdKkkLNqN5omdS8lhKk8eckuU9iMnQrAnWloeKFd0QfOSUSu_W-DfxYMkbxL8vbswIJSMdaLNc8njTD9Iw6SH7cE8JN3KMdRXrhXajXVRyyGHBLHQMzU5xuUuWcTQU2kUtjELR2vGL-UUwboEzAxxi9Z3w5y0OqMBjM2Vn_aAy81RquZZb_6yhmAqMBmQjwTlTEhe_Y1zfCY2Exzj6rxRBQl7dpvsBBdPDIhcXbDmA0q0I5s06_yZ-6kmUXoxHSTcftpbBSSbgBpUxGZwTpVxY8muueAztllG51dOzzS6jQa3wqhvx8kfmkfLItIAc67Epc5To9XmZnqugV6ThwQwGXO-fWpkvIDxJ7azy617ODrev0aMC-RxAw8Ha-znvFskSsnuCuSmug4-5ZUJOHwlj-vcte21H82ci8F4dXHtFHPB_ITdkh0dTEkixQkJUsZutIKaID1iigTk7SGl7nlwRZOMxtR0tO1OGVp1itMSGR5gjOc8lmPunKkUduVkdKZf9tyG1wXHsKKqTYWs6XGNoL62KySnZk9ekqR3AY-nu-x7Ny3F_lBwkrRpTddcZcuS78MTi7osp3kSR-5LZuTrBplDJcy9aHIg-NE86EsIHa_gSNFarnTUJv6DQenPioChMKG-MwnqHTDWwkY5ThS3D9Ewx2TS7s1UWW5c6IaNuhKMR2aWi3PvHBycxAxrr9PX8Dibd1R5nriHbgTdYdm2j7alNU28jDMdz8SUl6X_d6-_ILoytyvEt74&cid=CAQSTABpAlJW4_pLeBR0i7BBqPn6_6nykS0kw5nN_3UjasmWmiUGS8cOgHkmg7-6Es3NoIkJJqMZ2eaaSFeTrrz_JFTG-QTFoktp0Mtj0gcYAQ&dc_eid=31075530&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.plurk.com%2F&ds=l&xdt=1&iif=1&cor=8217242902694974000&adk=356101037&idt=359&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
225222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jul 2024 13:52:35 GMT
jbzgseo1l670
hal9000.redintelligence.net/zone/ Frame 7AD4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/jbzgseo1l670?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpTIx6JOnZNS_FM6EjuwPy-C82A2e2ZahaaGbofvbD_AuEAEg9JeCNWDthICAvBvIAQmpAg2p9GjZRbI-qAMBqgTmAU_QH-Nkw3ecMC3ol6cItysDUtz4GzBCz8ryV1HUrmzthsv60EpTt-hAcoghSPe2c6lPhbg69VOkLugmrRlfII28vexJkF0mPaa2J0wftZqN5H1UqrKjFdd_y2jOkHjMyIYXGP9JnztrCJeA1OOx684f2q6OoEDZntNOo5jngXDxOFd5VP4MRXf3w8GRnaY6Bchy93LpxSCgiYRWoUrp7nH0zi3YNOYaPtnl0QMoj6PE7P389vkbRFPjOueU0sp-ziSMN-Qs--tYrryfzK5tLpTqwa9Ymn8oObMUtp4OY15tmlUsexZAwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJW4_pLeBR0i7BBqPn6_6nykS0kw5nN_3UjasmWmiUGS8cOgHkmg7-6Es3NoIkJJqMZ2eaaSFeTrrz_JFTG-QTFoktp0Mtj0gcYAQ%26sig%3DAOD64_0RMnGSVsWKZrW_ec4it5q0t6iYpg%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BPkLf-QGwfI34Jx56OYpzZeE43mMO06MjQXNweqD4SVweXE1Jr4DoyhoCax7jRoRzRjnI6wrXR32jt_8r5Qhsxub6_x-dKqDIDH4oHe9C9VkjFMIvOGlfCIDt76dXhpZHmvI8ZRhY4WN1KtiSVzsyQOdtDxaqZfT9OXf3SpRFYg123iBY%26cry%3D1%26dbm_d%3DAKAmf-BQg7sxh-LLEbas1CeVzQBTOLYmdm1yrW4S4TomJ0gyQfWo02wxsizSHsmOlZ-B-LmWrNVz8huFyPaNIh0NiLwC44DkYE_yZ5A3Yrv_bQkj-x6QmyivSHTFfJrZugzo2dE3aWfvDm_8dlL2vxPIbjZ5BiLATYkV0XOEhh46cay7SOfP7oTlhMDTeFMA_kFBNDFBliH5k7AuTpgxSV7RCtalRDjgwInxNJgFK6eGMv8QSINMn7d4Ulwwqku1LIXLsc5FtNrTmvTC4AkhG8d9EcbmPgiv5kcJAqX7Uc1sj--7BvwjZrdETePhlp9Ql7DLMley1bZrwaJ59Iduyy3lEX_Z5tnWczVR26yiaGkl7pI4p3SFTeq0zhnFljATjlDTZu7rkmtpAp9BjZDae3TiCuu8swjcO-CtiOy96iFBgusGbHqrtalnfJUbNx7FO9MLzAyf_DZyIr4P7YyM2vb7egldbKSSF3kUc8tJpJuLBt4ciPmxwMkidbGJDeGhp3QZ_Qt0th4iOatsc433p0vEtFYgEd0iRdLOpv4evntixE5hSmwuWvx6oTBT08cQlbvCm52sgQQ5%26adurl%3D
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
ca1c17876e8f3e8e314798d432307a10f62026fbec7bbeac904f4b6471119c92

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 Jul 2023 04:26:17 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4104
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5EDA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
46407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jul 2023 15:32:50 GMT
expires
Fri, 05 Jul 2024 15:32:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 5EDA 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 09:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68963
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jul 2024 09:16:54 GMT
request.php
hal900014.redintelligence.net/ Frame 7AD4
Redirect Chain
  • https://hal900014.redintelligence.net/request.php?zone=jbzgseo1l670&nw=20&renderingType=javascript&namespace=e52907cac5&subid=&uid=2540d50eb31e5d30&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900014.redintelligence.net/request.php?zone=jbzgseo1l670&nw=20&renderingType=javascript&namespace=e52907cac5&subid=&uid=2540d50eb31e5d30&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=jbzgseo1l670&nw=20&renderingType=javascript&namespace=e52907cac5&subid=&uid=2540d50eb31e5d30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpTIx6JOnZNS_FM6EjuwPy-C82A2e2ZahaaGbofvbD_AuEAEg9JeCNWDthICAvBvIAQmpAg2p9GjZRbI-qAMBqgTmAU_QH-Nkw3ecMC3ol6cItysDUtz4GzBCz8ryV1HUrmzthsv60EpTt-hAcoghSPe2c6lPhbg69VOkLugmrRlfII28vexJkF0mPaa2J0wftZqN5H1UqrKjFdd_y2jOkHjMyIYXGP9JnztrCJeA1OOx684f2q6OoEDZntNOo5jngXDxOFd5VP4MRXf3w8GRnaY6Bchy93LpxSCgiYRWoUrp7nH0zi3YNOYaPtnl0QMoj6PE7P389vkbRFPjOueU0sp-ziSMN-Qs--tYrryfzK5tLpTqwa9Ymn8oObMUtp4OY15tmlUsexZAwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJW4_pLeBR0i7BBqPn6_6nykS0kw5nN_3UjasmWmiUGS8cOgHkmg7-6Es3NoIkJJqMZ2eaaSFeTrrz_JFTG-QTFoktp0Mtj0gcYAQ%26sig%3DAOD64_0RMnGSVsWKZrW_ec4it5q0t6iYpg%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BPkLf-QGwfI34Jx56OYpzZeE43mMO06MjQXNweqD4SVweXE1Jr4DoyhoCax7jRoRzRjnI6wrXR32jt_8r5Qhsxub6_x-dKqDIDH4oHe9C9VkjFMIvOGlfCIDt76dXhpZHmvI8ZRhY4WN1KtiSVzsyQOdtDxaqZfT9OXf3SpRFYg123iBY%26cry%3D1%26dbm_d%3DAKAmf-BQg7sxh-LLEbas1CeVzQBTOLYmdm1yrW4S4TomJ0gyQfWo02wxsizSHsmOlZ-B-LmWrNVz8huFyPaNIh0NiLwC44DkYE_yZ5A3Yrv_bQkj-x6QmyivSHTFfJrZugzo2dE3aWfvDm_8dlL2vxPIbjZ5BiLATYkV0XOEhh46cay7SOfP7oTlhMDTeFMA_kFBNDFBliH5k7AuTpgxSV7RCtalRDjgwInxNJgFK6eGMv8QSINMn7d4Ulwwqku1LIXLsc5FtNrTmvTC4AkhG8d9EcbmPgiv5kcJAqX7Uc1sj--7BvwjZrdETePhlp9Ql7DLMley1bZrwaJ59Iduyy3lEX_Z5tnWczVR26yiaGkl7pI4p3SFTeq0zhnFljATjlDTZu7rkmtpAp9BjZDae3TiCuu8swjcO-CtiOy96iFBgusGbHqrtalnfJUbNx7FO9MLzAyf_DZyIr4P7YyM2vb7egldbKSSF3kUc8tJpJuLBt4ciPmxwMkidbGJDeGhp3QZ_Qt0th4iOatsc433p0vEtFYgEd0iRdLOpv4evntixE5hSmwuWvx6oTBT08cQlbvCm52sgQQ5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=9988267160874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
b4c0614e213420ece5dd52c755571dd266575a57cf5a2bbc59afd47690af5cb0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 Jul 2023 04:26:18 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
88188500013087504452094012378014
Connection
close
Content-Length
330
Expires
Fri, 07 Jul 2023 05:26:18 +0200

Redirect headers

Pragma
no-cache
Date
Fri, 07 Jul 2023 04:26:17 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=jbzgseo1l670&nw=20&renderingType=javascript&namespace=e52907cac5&subid=&uid=2540d50eb31e5d30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpTIx6JOnZNS_FM6EjuwPy-C82A2e2ZahaaGbofvbD_AuEAEg9JeCNWDthICAvBvIAQmpAg2p9GjZRbI-qAMBqgTmAU_QH-Nkw3ecMC3ol6cItysDUtz4GzBCz8ryV1HUrmzthsv60EpTt-hAcoghSPe2c6lPhbg69VOkLugmrRlfII28vexJkF0mPaa2J0wftZqN5H1UqrKjFdd_y2jOkHjMyIYXGP9JnztrCJeA1OOx684f2q6OoEDZntNOo5jngXDxOFd5VP4MRXf3w8GRnaY6Bchy93LpxSCgiYRWoUrp7nH0zi3YNOYaPtnl0QMoj6PE7P389vkbRFPjOueU0sp-ziSMN-Qs--tYrryfzK5tLpTqwa9Ymn8oObMUtp4OY15tmlUsexZAwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJW4_pLeBR0i7BBqPn6_6nykS0kw5nN_3UjasmWmiUGS8cOgHkmg7-6Es3NoIkJJqMZ2eaaSFeTrrz_JFTG-QTFoktp0Mtj0gcYAQ%26sig%3DAOD64_0RMnGSVsWKZrW_ec4it5q0t6iYpg%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BPkLf-QGwfI34Jx56OYpzZeE43mMO06MjQXNweqD4SVweXE1Jr4DoyhoCax7jRoRzRjnI6wrXR32jt_8r5Qhsxub6_x-dKqDIDH4oHe9C9VkjFMIvOGlfCIDt76dXhpZHmvI8ZRhY4WN1KtiSVzsyQOdtDxaqZfT9OXf3SpRFYg123iBY%26cry%3D1%26dbm_d%3DAKAmf-BQg7sxh-LLEbas1CeVzQBTOLYmdm1yrW4S4TomJ0gyQfWo02wxsizSHsmOlZ-B-LmWrNVz8huFyPaNIh0NiLwC44DkYE_yZ5A3Yrv_bQkj-x6QmyivSHTFfJrZugzo2dE3aWfvDm_8dlL2vxPIbjZ5BiLATYkV0XOEhh46cay7SOfP7oTlhMDTeFMA_kFBNDFBliH5k7AuTpgxSV7RCtalRDjgwInxNJgFK6eGMv8QSINMn7d4Ulwwqku1LIXLsc5FtNrTmvTC4AkhG8d9EcbmPgiv5kcJAqX7Uc1sj--7BvwjZrdETePhlp9Ql7DLMley1bZrwaJ59Iduyy3lEX_Z5tnWczVR26yiaGkl7pI4p3SFTeq0zhnFljATjlDTZu7rkmtpAp9BjZDae3TiCuu8swjcO-CtiOy96iFBgusGbHqrtalnfJUbNx7FO9MLzAyf_DZyIr4P7YyM2vb7egldbKSSF3kUc8tJpJuLBt4ciPmxwMkidbGJDeGhp3QZ_Qt0th4iOatsc433p0vEtFYgEd0iRdLOpv4evntixE5hSmwuWvx6oTBT08cQlbvCm52sgQQ5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=9988267160874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 07 Jul 2023 05:26:17 +0200
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5EDA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZPRW6ZOnZMmGC9LL7_UPgsmnkAoAAAAAOAHgBAI&bg=!k5ClkMTNAAb90kgr3dI7ADkAdvg8WpTfYWrFVr4hMvJslY1mMgDIe4VDj651vr0186d4vvh1PDVet5B62BOKBTb9xO2o_gZIByoCAAAAZFIAAAAlaAEHCgAdsakjlGEqIKe1A8V9OK4o0cWn5h1dq2TPXoHFUXGZAvbM-Eyva9jsjER-KoAzoc3OvHlLeKxete0VPD0iiGYbfJeWtuEFJ0mvxjNXS2_VTF5E5K8VuvUlG0pJYVpWPa2B4Di7RevultQ9CBEGq4uukUYPtnAXT9DQnG0Gnz0tjCepRxE0zACIdfqM2jY-ahBpFWZl7FTlelOiOjK1VI7nNLAY-3nMwfGPc3-uIq0lxi2atU02lSQyOcXmkjeKGz5k8W9iJT-1P6vSGvp9wP6Fizmt4xP1sYp4rx_78LLO3R_64oE44IUAOn3V7GcqwB1U_QlXDXiMMhXuraT2MPzY6CvujAoP-CoIN0KYrmmKMToORZXjb7IrMF5pAZGDS14Xrl5ykVw2v-UoLn0hIbrTOC7Rweqt0nZghMuWvEnTfY_bRnY57NPzaobd5v_pyNC-eTCPI9k4NT4jt3maXqGwZM_uHs8ZsaW_n9Ecqkf6PZKxZ2Rk8TQMQDcXpnFlzdsnQqb8pm3Gfk5kyoIcrLVNkBqmEplx8TO7f_CoZYnovqDU-Lxo4H-FQ8HVqBwTyH7KSp0d0uJTLYUATxmABNCB6XnnqIHX6uAi5jr0HHhvyBw6HqqMYGtJXrJ7jDxAJ88wjcvTh97UVJmW8LDPzDpCUdK8r-3T3u5p5qBdj0FLqtMelgJhjNXdbC8pb7bP-_WfMLv3FND0TuOStcKufH8e0qOOYUoTYxk1AseAWqYNWW9rmQ6bwMez3fv6NiA67ndoT9k77tREU3DxYoO2j7TujRAEAjoXwMinPNQJRo3ybjDja3NCm090NGSc3vzCt-aBIauCwq7VnuUxH4ltke23iqOyPgfdFAn4toTc1assAbx8-nb7oBUXe3D-r0JXkXsZzGODBOmXCAI17fPp1IUXflzr7iC4kwkiobhn5lL9xUJQdFPx2b0RvbaY5LCgAnOKq_hPNFAhbIrCj30a5Yotn-jgoeOtWodxbCxP5A1Lw9owusGyekyJB1Gca41U3OrVSGPe_T4POt3AkZ_jPzgoTV3-_6la1w
Requested by
Host: 9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
URL: https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request_content.php
hal900014.redintelligence.net/ Frame 4837 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=88188500013087504452094012378014&a=bc3a887e
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=jbzgseo1l670&nw=20&renderingType=javascript&namespace=e52907cac5&subid=&uid=2540d50eb31e5d30&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpTIx6JOnZNS_FM6EjuwPy-C82A2e2ZahaaGbofvbD_AuEAEg9JeCNWDthICAvBvIAQmpAg2p9GjZRbI-qAMBqgTmAU_QH-Nkw3ecMC3ol6cItysDUtz4GzBCz8ryV1HUrmzthsv60EpTt-hAcoghSPe2c6lPhbg69VOkLugmrRlfII28vexJkF0mPaa2J0wftZqN5H1UqrKjFdd_y2jOkHjMyIYXGP9JnztrCJeA1OOx684f2q6OoEDZntNOo5jngXDxOFd5VP4MRXf3w8GRnaY6Bchy93LpxSCgiYRWoUrp7nH0zi3YNOYaPtnl0QMoj6PE7P389vkbRFPjOueU0sp-ziSMN-Qs--tYrryfzK5tLpTqwa9Ymn8oObMUtp4OY15tmlUsexZAwATX9ZbS8wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE4z51g7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABpAlJW4_pLeBR0i7BBqPn6_6nykS0kw5nN_3UjasmWmiUGS8cOgHkmg7-6Es3NoIkJJqMZ2eaaSFeTrrz_JFTG-QTFoktp0Mtj0gcYAQ%26sig%3DAOD64_0RMnGSVsWKZrW_ec4it5q0t6iYpg%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BPkLf-QGwfI34Jx56OYpzZeE43mMO06MjQXNweqD4SVweXE1Jr4DoyhoCax7jRoRzRjnI6wrXR32jt_8r5Qhsxub6_x-dKqDIDH4oHe9C9VkjFMIvOGlfCIDt76dXhpZHmvI8ZRhY4WN1KtiSVzsyQOdtDxaqZfT9OXf3SpRFYg123iBY%26cry%3D1%26dbm_d%3DAKAmf-BQg7sxh-LLEbas1CeVzQBTOLYmdm1yrW4S4TomJ0gyQfWo02wxsizSHsmOlZ-B-LmWrNVz8huFyPaNIh0NiLwC44DkYE_yZ5A3Yrv_bQkj-x6QmyivSHTFfJrZugzo2dE3aWfvDm_8dlL2vxPIbjZ5BiLATYkV0XOEhh46cay7SOfP7oTlhMDTeFMA_kFBNDFBliH5k7AuTpgxSV7RCtalRDjgwInxNJgFK6eGMv8QSINMn7d4Ulwwqku1LIXLsc5FtNrTmvTC4AkhG8d9EcbmPgiv5kcJAqX7Uc1sj--7BvwjZrdETePhlp9Ql7DLMley1bZrwaJ59Iduyy3lEX_Z5tnWczVR26yiaGkl7pI4p3SFTeq0zhnFljATjlDTZu7rkmtpAp9BjZDae3TiCuu8swjcO-CtiOy96iFBgusGbHqrtalnfJUbNx7FO9MLzAyf_DZyIr4P7YyM2vb7egldbKSSF3kUc8tJpJuLBt4ciPmxwMkidbGJDeGhp3QZ_Qt0th4iOatsc433p0vEtFYgEd0iRdLOpv4evntixE5hSmwuWvx6oTBT08cQlbvCm52sgQQ5%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=9988267160874&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
39869b5e32332af2847d06a48ce970a5bddbd949c4b3d6117470ce864c063173

Request headers

Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2290
Content-Type
text/html; charset=utf-8
Date
Fri, 07 Jul 2023 04:26:18 GMT
Expires
Fri, 07 Jul 2023 05:26:18 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 7AD4 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19135ea601658894111738cfe3595186315bcbca947479730ae7b15419d0fb7c

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 4837 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=88188500013087504452094012378014&a=bc3a887e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 08:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jun 2024 08:57:23 GMT
S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame 4837 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/EN/S-728x90.gif
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=88188500013087504452094012378014&a=bc3a887e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.69.99.88.clients.your-server.de
Software
nginx /
Resource Hash
bb7af425c43258678e12b76bf22f6eaab51fd7dfd6e285131a86a3002d547ee9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 Jul 2023 04:26:18 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:29 GMT
Server
nginx
ETag
"5b55f201-5fb9"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
24505
viewability
hal900014.redintelligence.net/ Frame 4837 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=88188500013087504452094012378014&a=3a488be9&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=88188500013087504452094012378014&a=bc3a887e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=88188500013087504452094012378014&a=bc3a887e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 Jul 2023 04:26:19 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 4837 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
0a746d6677d9b18243961c962d619abb68c5b2c31e1b5cc8415212ac0b02ae02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11849
x-xss-protection
0
rum
www.plurk.com/cdn-cgi/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.plurk.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.3.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.plurk.com/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Fri, 07 Jul 2023 04:26:19 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.plurk.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7e2d541e6ed14892-LIS
activeview
pagead2.googlesyndication.com/pcs/ Frame 7AD4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMxKN7In6wgJSe2ypJxUqJ02BF--qM49tS0zXDitZt5W7dlXuL3g0pdsxsAIT38Qw3ViI93aARXCjD6H-A31TNCbu9-xvq-GsNpPXroQxsN376BI0Ji2CBD62VTf0XOh8&sai=AMfl-YQH7XhJMaRijxUeQdc4MHHA3MlxKnaBEpHz4MJdKkeMjn3OVsgJZAJuKX8bF-P3IXc9fYyA325n-FcR2sFkGjTMGqKjWwyqUd9HB9IJ5iDrROyhIAnoxgl433xTfui-KwPwKoXUAtdJMNDfeA&sig=Cg0ArKJSzP20RWFrYScyEAE&cid=CAQSTABpAlJW4_pLeBR0i7BBqPn6_6nykS0kw5nN_3UjasmWmiUGS8cOgHkmg7-6Es3NoIkJJqMZ2eaaSFeTrrz_JFTG-QTFoktp0Mtj0gcYAQ&id=lidar2&mcvt=1000&p=463,436,553,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2499139215&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688703976659&rpt=1765&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 07 Jul 2023 04:26:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 623C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
26996
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jul 2023 20:56:23 GMT
expires
Fri, 05 Jul 2024 20:56:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 48D3 		783 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
bc1d83a9f977dd214bf3adefe7c75af097b63fe3d6bbffdc3702056041d7de6b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9Pmt0-4zg_ZsfTql8zmCSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-9Pmt0-4zg_ZsfTql8zmCSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jul 2023 04:26:19 GMT
expires
Fri, 07 Jul 2023 04:26:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 623C 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 09:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jul 2024 09:16:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 48D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=1199395227337751&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 623C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CWzE1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 04:26:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
viewability
hal900014.redintelligence.net/ Frame 4837 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=88188500013087504452094012378014&a=3a488be9&vb=v
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=88188500013087504452094012378014&a=bc3a887e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=88188500013087504452094012378014&a=bc3a887e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 07 Jul 2023 04:26:20 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AD4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9577986828736&version=m202306200101&ct=77&x=1&cor=8217242902694974000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 07 Jul 2023 04:26:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=1199395227337751&bg=!HR6lHkrNAAb90kgr3dI7ADkAdvg8WpVIkoniNm2kAROqr30bn9CUQtadXNTE_I6BZWuKLpmzezzBJNd4jXqHdfbjVNlZU55r_E0CAAAATFIAAAAHaAEHCgAQ8_1-webMXU_O5MyAf3hBwZkCoU2n1yPic4jh59suPoBnGwXIUSQPYENfOsT98rGenAjFwrQrfvVZiArug1aZKf9YGib248fMA42Rky8M57y-Vvo0_5r0on8i6i3VjD60UmEfSs0NIFh7AKp-Mzg3y_GMvlsVKusAa5bT4tNs5AN_yIGrsYgkPxdOf32Uy4IqYh-AWpsy0FWfJQVIXLhcY-22CLoOR9OL74DSYKTvvH7q8Md5JTLaWe8ZtNh9iTSMnZy9HlfW46Lvl02abSltJkQFgQ5l0GE-iLH_E61k5SbrbItc0N3ZDWvvw7v7RDNzVMn2NpibXTUuqifiY8zXuL6yZ1Z0IuZNZR3prWT9EOgb9eMURM0G0NYnsuH3iSACuyWrnTl3NPZecAOmouHAQrAlIruSuUoAgp8ttKOuGf8Pn3lR8LQA2tLLx16yooxxlgzPFZFKZDbr3Ho9mGOQMi3YNhCIqf3iGXxAYH44biwfrK6eUrdvieuWhTX0uaKz2QGd5I7fEuV9bMf1vd1x1Bk3_OGQhUZUa6qTUTPyJjkyEM73P6EbtoFeZyuhwGuyM03h6Q5T8FJzIHDYZUPP79zU-denZBulpJn0MKCnSQMlfVT7pGyDCqgca6mSVc27JH7udv1ARfr3MXfo0_dPehelgJRMgxX_8yrye3z8JRSMmuu3P3eW1HiwHD34mkp8INMme__AGIEid34uNAqVfYW6aDYUrbC0QUHMA-rT8-d9A-Ft6g7uQcvN5bDSIpzeaXFjBx3i0idyNphNZ7M9XalKO2YASC7IJSSVK5TJKEyv3BQAtvg8kIz1-aYESQN4s8zNJ3pxVPdYFxwHA_ATkvOtcbFaA_54Ziwx1iinpVs1Jwy89cY41kZr8nV7yzYkql0NHARF_8gVml9EjypkoOcMnlI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend object| __plurkChunk__ function| gettext function| _ function| ngettext function| format object| _i18n object| pmd function| $ function| jQuery function| setImmediate function| clearImmediate function| swal function| sweetAlert object| Handlebars function| $bu_getBrowser object| __translation function| gtag object| dataLayer function| $static_path function| $theme_path object| SETTINGS undefined| FRIENDS undefined| FANS object| GLOBAL string| LANG object| Languages object| regeneratorRuntime object| Cal function| cookieCapping function| ensureDateField function| ensureProperHTML function| formatDate function| getBody function| protocolRelative function| removeValue function| renderHTML function| shuffle function| userIdsToArray object| CLIQUES_DEFAULT object| CLIQUES_DEFAULT_TRANS object| EventsManager function| FeatureManager object| Features object| BroadcastStation object| Users object| SiteState object| HistoryManager function| copyTextToClipboard number| _popWindowCount number| _popWindowLayers object| _popWindows function| InfoOverlay object| FriendFanEditor function| FriendsSelectList function| UserComplete object| TopBar object| NotificationList function| PopView function| HoverPopView function| AddHoverToolTip function| PopWindow object| OpenX object| Banana object| LANG_QUAL object| EmoticonStatic object| EmoticonCustom object| EmoticonSelector object| PlurkAdder function| ShareControl function| PrivateOptions object| PlurksManager object| ResponsesManager object| Media object| pollManager object| PlurkElement function| PlurkEditor function| TimelineHolderLayout function| HorizontalTimelineHolderLayout function| VerticalTimelineHolderLayout function| PlurkTimelineHolder object| PrivatePlurking function| BookmarkEditor function| TagsSelectList function| TagComplete object| Badges function| cometNewPlurksCallback function| cometNewResponsesCallback object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| Themes object| google function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id object| gaGlobal object| PUBLIC_PLURKS object| PINNED_PLURK function| reactiveElementPolyfillSupport object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| __cfBeacon object| _buorgres object| tl_banana object| tl_native object| annoplurk function| PlurkTimeline object| cbox object| Poll object| TimeLine object| google_tag_manager function| onYouTubeIframeAPIReady object| GoogleGcLKhOms

12 Cookies

Domain/Path Name / Value
.plurk.com/ Name: plurkcookiea
Value: "XrcVzMhPq+myIzus4Iav3DzDasDgmupIQHE+7TQRUkw=?tid=bnVsbA==&user_id=bnVsbA=="
.plurk.com/ Name: _ga
Value: GA1.1.2031898007.1688703976
.plurk.com/ Name: _ga_15X0DLSVWS
Value: GS1.1.1688703976.1.0.1688703976.60.0.0
.plurk.com/ Name: __gads
Value: ID=f7379db58856aeae:T=1688703976:RT=1688703976:S=ALNI_Mb3P8X4Yc4SoGYeJLjMOAyPSz2hGQ
.plurk.com/ Name: __gpi
Value: UID=00000c386ed7cbbe:T=1688703976:RT=1688703976:S=ALNI_Mb2TDaUK6kwvN-jLfQ5vGwzOmkcxA
.doubleclick.net/ Name: IDE
Value: AHWqTUlk1OzbStNEB3DyKWwj9cd_jGJxf0W9qXViw8BWbWHpOGsaF3e7g-VXSLRB
.casalemedia.com/ Name: CMPS
Value: 1152
.casalemedia.com/ Name: CMPRO
Value: 1152
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?fw49mP!]tbPl1M>e)ZlrFUfJ+tGXxo7APp[C^#U@P::Fi??/xBi?M7[tX^Wg7t=U`V3If)y3KL9D3I?+kAw5Ed
.adnxs.com/ Name: uuid2
Value: 7694988072185472720
.casalemedia.com/ Name: CMID
Value: ZKeT6YY1Ybj.S6B2bOU6cwAA
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: b2b518f95b0abfba

4 Console Messages

Source Level URL
Text
javascript warning URL: https://s.plurk.com/abd3ac0abe551d5f3ce2.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://s.plurk.com/abd3ac0abe551d5f3ce2.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9ffd43c9c23bc97b13f11eb39e7d596f.safeframe.googlesyndication.com
adservice.google.com
ajax.googleapis.com
assets.plurk.com
avatars.plurk.com
cdn.contentspread.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
ib.adnxs.com
maps.googleapis.com
pagead2.googlesyndication.com
region1.analytics.google.com
s.plurk.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.pt
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.plurk.com
104.16.2.31
104.16.3.31
104.16.57.101
104.17.25.14
142.250.181.226
142.250.184.225
142.250.184.226
142.250.185.170
142.250.185.194
142.250.186.100
142.250.186.161
142.250.186.162
142.250.186.163
142.250.186.168
142.250.186.170
172.217.18.98
172.217.23.98
176.9.26.250
185.80.39.216
216.239.32.36
216.58.212.131
37.252.171.84
74.125.133.156
78.46.111.106
88.99.69.161
002885d15671018d6cbea9225dc9ece35a412108c16c533924d127bcc8e8bfdf
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
0361f506b535951b1107528370a1d245d14ffdd9a220f941bba1bca36c9f46ed
061b4f619a9f23d38351007a56b27d471ebb78d42ad8810fadf3c95bad1a19cf
0a746d6677d9b18243961c962d619abb68c5b2c31e1b5cc8415212ac0b02ae02
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edab90b9aef07767aeab207e3203c5c4d4273e0d67a8cc34fbb5ecf3300c33d
11d1bfaed1a228c9771d6bfd802871e12e0739faba53d638f409dc04fc9cf7a3
1252f0bcffb7fd804f437707c8ecf7ea4142074f53bcbb1207f413f633961bc0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15f748eb9a9753b69b45bd0e8be0dfa1aeb35dbf6e7d13a9b288298351d7ddb7
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19135ea601658894111738cfe3595186315bcbca947479730ae7b15419d0fb7c
1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c
20a61a885b7c47ce2119ca7e9931de570f3ab1e4b1708148a5bf295ed34210b9
219de54043e38e0164af923d39852649a67ba02a9d652f6004e331e3f65ea1e7
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2be5ccecae9a8d7bf5a98a12487e876daa5c78f5a95a073092338a94ef653ba2
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
372ee4f606f66d460727f0502b688f2049ce405679f274e8fb1ed175417479a4
3744e981846206ecc518b51a3e9965f56483c66d15860afdccab5de8de365f81
39869b5e32332af2847d06a48ce970a5bddbd949c4b3d6117470ce864c063173
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a20e81ebd7dbf6e6b87e350b031dfbaaa06b15e4137b6e2aa1dba7ae2b2b34
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
53c57f3d8a8f62bfde2ede957ffce8acb6d5054a1c9500048eb9de3f143f8d98
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5ecd8880061627cb0d50e6b607f4516aae823e994328e9b6f5b563c22facc235
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63351d6104df613cc0893c60e1c6ffb2bfd303221d58c97eacc77e087bc06746
73fc59edba6f816a30480db5282fc4e56568f7be798caf4acc94b6105eea7c83
86363036643f30e057563570a7d0eb00c5d5b4fbb4dd3e9e131c42823a052ed1
884889f50ba45deef28e847245f22d8a47c5a28e7b267b9c50e035212d1d6981
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
96fa4420031d35e58ed4ae65c71128ad4d765df6a0db6a8d24bceeabf98398a3
9c8e3e4314b9fec162c02d2174a3aae000ab8dc2bfe79ea9d3a9a707c8ed6568
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04d4619483e485e2f6a71fd76c8fad320f50e28e190e6ee0ba13b49aa995908
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a95027767d809704f436741936fe8ca5f89c5852bd48f5a85cee64c45778e879
acc80ce4169f5c924563b7e74c6a580fbf498fc5d3c95410dba9a3c43617eb1b
ad9311217cd0145627e75dccfd9b5bcfa9a7af11488d2bbccf86547661960e78
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4c0614e213420ece5dd52c755571dd266575a57cf5a2bbc59afd47690af5cb0
bb7af425c43258678e12b76bf22f6eaab51fd7dfd6e285131a86a3002d547ee9
bc1d83a9f977dd214bf3adefe7c75af097b63fe3d6bbffdc3702056041d7de6b
bd623daf8299579e9ca5a3eed490f9a4a325047805da0e593c0cfd9b022b4fdd
c59e26189a3b34cdb45a23f9764ca9801b5de69d08bfa1ae2921e366952f9ff9
c6ba48c6a14035cfbbadba55c209a5e1ee982398e87bad960b0e7b4176259da9
ca1c17876e8f3e8e314798d432307a10f62026fbec7bbeac904f4b6471119c92
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d3821145db827769b9c0d8b7cb077c2b5c1ea0a924cb77ec8a841082c8c92287
d9d53004c0926ed6690999b80eece2343816ed0218da7fa260a47bd5d256eb0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51a7e6710418fa43758820b5791171303d7e460a69ba4b5b849119aff4e1054
e726e9bab3cb1d819f5fad8dc0354ac90f3037656183b2f5832795f94723211d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629