www.plurk.com Open in urlscan Pro
2606:4700::6811:4503 Public Scan

URL:
https://www.plurk.com/p/of4uyi
Submission: On June 20 via manual (June 20th 2021, 3:42:29 am UTC) from VN

Summary HTTP 115 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 41 IPs in 9 countries across 25 domains to perform 115 HTTP transactions. The main IP is 2606:4700::6811:4503, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.plurk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 17th 2020. Valid for: 2 years.

This is the only time www.plurk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700::68... 2606:4700::6811:4503	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	65.9.77.122 65.9.77.122	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	54.178.71.123 54.178.71.123	16509 (AMAZON-02) (AMAZON-02)
3	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4 7	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 5	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
115	41

19 2606:4700::6811:4503 (United States)

ASN13335 (CLOUDFLARENET, US)

www.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.plurk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 65.9.77.122 (United States)

ASN16509 (AMAZON-02, US)

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.210.196.208 (United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.178.71.123 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-71-123.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 210.59.219.180 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.234 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	plurk.com www.plurk.com s.plurk.com avatars.plurk.com imgs.plurk.com assets.plurk.com	267 KB
17	googlesyndication.com b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	76 KB
17	scupio.com img.scupio.com prebid.scupio.com bw.scupio.com rec.scupio.com	229 KB
14	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	146 KB
13	rubiconproject.com 6 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel-apac.rubiconproject.com pixel.rubiconproject.com	17 KB
12	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	6 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	aralego.com 1 redirects hb.aralego.com sync.aralego.com	1 KB
4	criteo.net static.criteo.net	107 KB
4	cloudflare.com cdnjs.cloudflare.com	54 KB
3	holmesmind.com 1 redirects ad.holmesmind.com c.holmesmind.com	981 B
3	google.com adservice.google.com www.google.com	804 B
3	googletagservices.com www.googletagservices.com	86 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	629 B
2	yahoo.com 1 redirects ads.yahoo.com pr-bh.ybp.yahoo.com	1 KB
2	creativecdn.com prebid-asia.creativecdn.com	352 B
2	google.de adservice.google.de www.google.de	272 B
2	google-analytics.com www.google-analytics.com	19 KB
1	mathtag.com 1 redirects sync.mathtag.com	610 B
1	adsrvr.org match.adsrvr.org	265 B
1	facebook.com www.facebook.com	147 B
1	googleapis.com ajax.googleapis.com	34 KB
1	2mdn.net s0.2mdn.net	30 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
0	appier.net Failed ad2.apx.appier.net Failed
115	25

	Domain	Requested by
11	s.plurk.com	www.plurk.com s.plurk.com
10	img.scupio.com	www.plurk.com img.scupio.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net eus.rubiconproject.com
6	tpc.googlesyndication.com	b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com
6	gum.criteo.com	2 redirects static.criteo.net
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	pixel.rubiconproject.com	eus.rubiconproject.com
4	static.criteo.net	img.scupio.com static.criteo.net
4	mug.criteo.com
4	cdnjs.cloudflare.com	www.plurk.com
3	sync.aralego.com	1 redirects img.scupio.com
3	bw.scupio.com	img.scupio.com ajax.googleapis.com eus.rubiconproject.com
3	assets.plurk.com	cdnjs.cloudflare.com
3	www.googletagservices.com	www.plurk.com securepubads.g.doubleclick.net b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
3	www.plurk.com	cdnjs.cloudflare.com static.cloudflareinsights.com
2	c.holmesmind.com	1 redirects
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	www.plurk.com eus.rubiconproject.com
2	rec.scupio.com	img.scupio.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com www.plurk.com
2	prebid.scupio.com	img.scupio.com
2	bidder.criteo.com	img.scupio.com
2	prebid-asia.creativecdn.com	img.scupio.com
2	hb.aralego.com	img.scupio.com
2	www.google.com	www.plurk.com tpc.googlesyndication.com
2	b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.plurk.com www.google-analytics.com
1	sync.mathtag.com	1 redirects
1	match.adsrvr.org	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com	eus.rubiconproject.com
1	pixel-apac.rubiconproject.com	1 redirects
1	www.facebook.com	img.scupio.com
1	secure-assets.rubiconproject.com	1 redirects
1	ajax.googleapis.com	img.scupio.com
1	s0.2mdn.net	b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
1	ad.holmesmind.com	img.scupio.com
1	www.google.de	www.plurk.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	static.cloudflareinsights.com	www.plurk.com
1	imgs.plurk.com	www.plurk.com
1	avatars.plurk.com	www.plurk.com
0	ad2.apx.appier.net Failed	img.scupio.com
115	49

This site contains links to these domains. Also see Links.

Domain
vlam.vn

Subject Issuer	Validity	Valid
*.plurk.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2022-07-16`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-16` - `2021-07-28`	a month	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.plurk.com/p/of4uyi
Frame ID: F13A77C74498AF80F7D116C5AEAA3BA8
Requests: 42 HTTP requests in this frame

Frame: https://img.scupio.com/html/mv.html?v=1.0.91
Frame ID: 68E130D76541EE6F09BFBB426EF2E444
Requests: 15 HTTP requests in this frame

Frame: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 29982E1438DA6BDEDC4F11CA0C8A9142
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhjw7qCtATAB&v=APEucNUWCx1_TyiXCqKNkmFS7HbPqwcpshycHkNHQP_McPvHb_9Rj7m7CFG502AM3TAJhDNC4n4utbGpjokkNWrQW2iOYjf-BA
Frame ID: 3D9CE8D38612D214F937E4626A4D0424
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: A386A35AA54666BAAC3993E1C24BE26E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A063D7B01037C09F62799545A0322F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9BD65AEEE367FC1F8FBA8595203512B0
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.56
Frame ID: F46BCA982B1CA0BCBDF3E0D938CBA07E
Requests: 13 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: C8F76C1D32A77A386ADFCA611CB66FFA
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOng85NQkDhge00v9rbSyU8&google_cver=1&google_ula=3918219,0
Frame ID: 22D44E85BB2618B9FD0F9E98A16AFFC6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: B1A8456F4E252CD52F11DE7978D96535
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: 438BC740A7E4FAFDABF80148C95FEA89
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: 902EFF06D4AF035687D4EF1B3E7EAA8B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

115
Requests

99 %
HTTPS

51 %
IPv6

25
Domains

49
Subdomains

41
IPs

9
Countries

1077 kB
Transfer

2961 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vlam.vn/viec-lam-ho-chi-minh/he-thong-bo-to-nhan-phat-tuyen-nhan-vien-giu-xe-tai-tphcm-cv68
Title: Hệ Thống Bò Tơ Nhân Phát tuyển nhân viên giữ xe tại ...

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=J6QqWXwvNDE0OUovdHBSNEk1V2M4ZHlaNEtGa1R5QkwyN3VhUEdWeWZhNmpCTW9uR04yQTd2d3RlQS82TEQ1K3A5d1YvcnRxTUt1b1M5NWdTaCtNV1hmTzkwMENaYjhMTTRKSm1rUlpMNHF0QnB6YmRKanM3MmNLaWswOEtweU1salhDZXNzWE5RVGRkMDFqMkNYNnhXK1lpMkhhdldBVTN2Tkl1VmRjdzliWWxOdkp0NnBjbGo0SnVHVUdtZktmemJNcDhhMUVRQ0JmdER6cW1UbXhWNUNSZGY0d01tUXpvRFAvYk5CSXpDVGdoSGFRPXw&cppv=2

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcocuvjUl_5kwZc6jKZ3kM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcocuvjUl_5kwZc6jKZ3kM&google_cver=1&C=1

Request Chain 61

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YM65ESnzLNHOJybTNNCnoQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn_8p4nRoKBLGTrBp5h2hg&google_cver=1

Request Chain 82

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=dUQiCnxwRjRsM2dSNmo3N0hsRFVReENrclNZdWRHUFdhQ1FrWE81cVBKb3NMMTAyQXpTVkw0YUpYaUdtSTM3L1F0bW5hZ2V5V0I2MWRpSFo0YkJGNWZIY2ZweFBXN3ZONE00UWJ6SEU5SnJDMXZpYWJNdk5DeDNoN2FlV2RZdFFhSEZHc2ozenZyMlk4Rm1FQVZLcEo0Tm5Hd0s3ZWMzVFlEaWpuN0kxSlFnVTBzVFQ4ejV0Zlp5bXhNODhMcm9tekl0TkF0RmZGcnNmUUlPWmJieGdab04zajdJL0UxdjJ1SEpzNTlQUG1VUTFDZy9FPXw&cppv=2

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0tBMjAyMTA2MjAxMTQyMTA0OTg4ODE%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOng85NQkDhge00v9rbSyU8&google_cver=1&google_ula=3918219,0

Request Chain 93

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 95

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CKA20210620114210498881 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

Request Chain 103

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell HTTP 302
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=KQ4N8UQP-1N-47TO

Request Chain 104

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQwMmJmNzgzMTBiZDQzMmVlOWNhNmUwNjgxZDFmZGNmYTBiZTVmMg

Request Chain 105

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQ4N8UQP-1N-47TO&sigv=1&esig=2~ef9b311375afa283df19367d99c6a09735278f98

Request Chain 106

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ES3BdSi0u7RqlhyErW9EWMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2284530177894478215

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAKPyaLqVXNJgix7OJceM-0&google_cver=1

Request Chain 108

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YM65EwAB5HstvAAC HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YM65EwAB5HstvAAC&_test=YM65EwAB5HstvAAC

Request Chain 110

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E0TjhVUVAtMU4tNDdUTw==

Request Chain 111

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9a2660ce-b913-4a00-8525-a893fb046b93

Request Chain 112

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

115 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request of4uyi Show response
www.plurk.com/p/ 16 KB
5 KB 155ms
138ms Document
text/html 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aecc9b5932d8ac19c7bb6b68a6226e52c710880f6f1e054684846a570f87e13

Request headers

:method: GET
:authority: www.plurk.com
:scheme: https
:path: /p/of4uyi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-type: text/html; charset=utf-8
set-cookie: plurkcookiea="aiZBqgZYB5dhUilMxhpMmxUEmYtEIcTeZZ+fTNTURno=?from_url=Ii9wL29mNHV5aSI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Mon, 05-Jul-2021 03:42:08 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-cache-status: DYNAMIC
cf-request-id: 0ac91c013200002b71591ab000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6621fc484e5e2b71-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 b857d9cf56d6f856e2b9.js Show response
s.plurk.com/ 64 KB
22 KB 27ms
19ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/b857d9cf56d6f856e2b9.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90a40bb183f1f7036a6aad2fe03e57e5cf350a6c76779915cca7c1e37e1427f

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 234138
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: GXQH9FQAKVTTKVMG
x-amz-id-2: SNn2yGGKEcUwxtapf6a0mEy+36lybINDnjOConzJHzE1D7cZ2AuuYJUoP6A9gWS4k9h/HkF6vGk=
last-modified: Thu, 17 Jun 2021 10:36:27 GMT
server: cloudflare
etag: W/"08e20746126cfac6c1e1fd1fb365fcef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91c01cb00002b712922d000000001
cf-ray: 6621fc494fd72b71-FRA
expires: Mon, 25 May 2026 03:42:08 GMT

GET
H2 200 e5c9c0eaa191278ef039.js Show response
s.plurk.com/ 172 KB
57 KB 41ms
33ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/e5c9c0eaa191278ef039.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7644af38eab82d36c7e546d9bdac3b27fb22641927eb9368bc5c33c777c6d676

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 856983
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: KS35M2Y4MW0BKDMZ
x-amz-id-2: uV0OrMTBFuJ0hmPkAdpylqcEt7/YXkLx5jFMmox3AonIiyZSL9MxiPnAuwLOvsSDDS9bbruDSLM=
last-modified: Thu, 13 May 2021 05:30:35 GMT
server: cloudflare
etag: W/"79bfcb8b641331b5972ed4136ab1301b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91c01cc00002b712218f000000001
cf-ray: 6621fc494fda2b71-FRA
expires: Mon, 25 May 2026 03:42:08 GMT

GET
H2 200 f98462c57caf3129dd20.js Show response
s.plurk.com/ 2 KB
1 KB 24ms
16ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/f98462c57caf3129dd20.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49832bd9d6e23a7771e130b7a8c75e669a56e10f6ec88afd6872b9e27218f231

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 309554
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 6N0V29DX0WS3FRC2
x-amz-id-2: /P8UkZ9L7QJtv1Vl+pL4RIWJpS4+qc184cL66G+AlujKY8kqqV7+0te2EBc8zsZLXMDrrMg0Skg=
last-modified: Wed, 21 Apr 2021 05:52:35 GMT
server: cloudflare
etag: W/"4d81cd1413f0de03828bf6ec967af7bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91c01cb00002b71588d0000000001
cf-ray: 6621fc494fd92b71-FRA
expires: Mon, 25 May 2026 03:42:08 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 16ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7712989
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27433
cf-request-id: 0ac91c01c300002b593e29c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B5d4hpPKCHn8SvnqsRb3G2oYbf4ggdba%2Ba76Xe3odZSseEWPVsDl0EuKmbhmmcoQLPNApX0OR0qFJE6jvlR0rdTzWjcIp6RJU6vlm2uYbcRSs1U8xuW%2BJ4jbQbwPZYk3p%2FNB2A2CI97KX01yXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6621fc493cf92b59-FRA
expires: Fri, 10 Jun 2022 03:42:08 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 21 KB
4 KB 17ms
15ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2693006
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4037
cf-request-id: 0ac91c01c300002b5977322000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-55e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NQZgdiXxKbv3wlCAXn%2F%2B2th9c4TtUmzGKEkWN9J%2FC6qxiM9qRxfRU0VSeBWv8u0Vuxz3KIebnDe0xQoqhXOFDgiesD%2BxV37T7btcmzxKLJypodVX%2FT1gdASWUhlTabgl52YgJ8ELZ81AKU4mwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6621fc493cf72b59-FRA
expires: Fri, 10 Jun 2022 03:42:08 GMT

GET
H2 200 be6490d423cd4fe35add.css
s.plurk.com/ 5 KB
1 KB 25ms
18ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/be6490d423cd4fe35add.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d706fc3e4dbf7484d9143806e2fe9bde08e4089b678a919019771e7a5c2f4f

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 1622350
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PF4YGW9DS96VJM18
x-amz-id-2: t15Nrb9MVMpwrpnjO565mREXQ/fCwu70FkdyXCy7JhHbc4J7EWktPDSIBaZsIXbAXBU7FWl4U/A=
last-modified: Tue, 01 Jun 2021 08:58:28 GMT
server: cloudflare
etag: W/"0f7fc8f1ded4854c178b7b313e9a05c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac91c01ca00002b71fa93a000000001
cf-ray: 6621fc494fd02b71-FRA
expires: Mon, 25 May 2026 03:42:08 GMT

GET
H2 200 sweetalert.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ 40 KB
11 KB 14ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1413394
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10494
cf-request-id: 0ac91c01c400002b595d970000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-9f68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=79RBsZlW4NxqsKvM44wNyfioRXbSysAy3YXs1o0p28d0loVYxobTqv%2Bw00nmvCGjy1up2ShbFzmw1hJn1tjqHsBU4KhVgtcMo%2FW%2FcwdYE4vUqIaqKkM0C3QC8EYeE8SrBUXkr1TNNv%2BPt3Xx1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6621fc493cfa2b59-FRA
expires: Fri, 10 Jun 2022 03:42:08 GMT

GET
H2 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/ 43 KB
12 KB 22ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.plurk.com
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 193222
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11830
cf-request-id: 0ac91c01c400002b5957abd000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-ac34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=51DAb3J%2BppYByORpD0xGx0hcXFR6ftoMisvXDJTkgFVcfgXUmoiCN%2B9EMAG9k%2BfUfn6wxJ3DsYLLyXVJhFQy3ACH0rVio%2FThajVFge7o4BP4OiTfeT%2BpdivBHnYEXE0F9tPsxZFBmRUoFltVaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6621fc493cfb2b59-FRA
expires: Fri, 10 Jun 2022 03:42:08 GMT

GET
H2 200 a7e6ae6ad276b216026d.js Show response
s.plurk.com/ 48 KB
13 KB 40ms
34ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/a7e6ae6ad276b216026d.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b52207f42e563d3a8bb56e7203515812c47ba7d8f31573300f06d323ad540f6

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 845694
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: STE62TXP513QB540
x-amz-id-2: lLFNZyZ+mYjANe4YLwKw5LRxh7fIxYueHVU/IdOYDQQVOFqDLsHVT7oTsqAjxvd3pawowkNQmCA=
last-modified: Thu, 10 Jun 2021 08:32:42 GMT
server: cloudflare
etag: W/"8c7550f23efa76de8ea43f661e206763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91c01cb00002b712f0d5000000001
cf-ray: 6621fc494fd42b71-FRA
expires: Mon, 25 May 2026 03:42:08 GMT

GET
H2 200 88da4e6060770e741c9a.js Show response
s.plurk.com/ 62 KB
20 KB 44ms
37ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/88da4e6060770e741c9a.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 673cb57b8bcbb6394a6b47f190d86077949725e7c9e4445d2366cbd43b242224

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 234118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WBBM8CYFC2EWY520
x-amz-id-2: Epd4lEWT4nqgvIRz5OTT1AuwsRRYs7VYLReFy+9b0ABtFonmkyv0lSPJPX0y2lyOLyJYEhDHaBY=
last-modified: Thu, 17 Jun 2021 10:36:25 GMT
server: cloudflare
etag: W/"0df4f1bfaf87bd2c07a425b29ca4071d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91c01d000002b71e8986000000001
cf-ray: 6621fc494fd62b71-FRA
expires: Mon, 25 May 2026 03:42:08 GMT

GET
H2 200 31b312ff2cc0494dbf23.css
s.plurk.com/ 39 KB
8 KB 40ms
34ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/31b312ff2cc0494dbf23.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e652bca51f3d99e146d9b1d9b59b275412dc949d345c0a4566dbfb881f46a40b

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 234118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: WBBQKNM9SHW92KB0
x-amz-id-2: 808Jo/jtERi3SqTZCF9kmcbO2LrqQMrfL0jk7BRv0vbKmpSMtLXs2R43awTbPinYz4AKTQQEyqI=
last-modified: Thu, 17 Jun 2021 10:36:25 GMT
server: cloudflare
etag: W/"5586b0ed01f06b4fc36fbf63b6d21e3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac91c01ca00002b7153a0f000000001
cf-ray: 6621fc494fcc2b71-FRA
expires: Mon, 25 May 2026 03:42:08 GMT

GET
H2 200 c7613002a6ba4a98b549.js Show response
s.plurk.com/ 242 KB
66 KB 33ms
27ms Script
application/javascript 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/c7613002a6ba4a98b549.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6645e2c0a595a3c171a6a0eb57bbdf2abab1e9f813676ac75b2916de4778c45

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 814530
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PWWE8KVN10B49EKE
x-amz-id-2: w0GU086a0INiGF1y7G7DLGv3hzkR7e20B1vHY9pLqHnHxpvYbwkd9gCYT4dR4pHDZwhTb0U90yE=
last-modified: Thu, 10 Jun 2021 17:20:28 GMT
server: cloudflare
etag: W/"18b0b09a12beb11af3e0fc0ab6d29964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=155520000
cf-request-id: 0ac91c01cb00002b71141ef000000001
cf-ray: 6621fc494fd22b71-FRA
expires: Mon, 25 May 2026 03:42:08 GMT

GET
H2 200 d1d3f8efc01fbbcbabfb.css
s.plurk.com/ 69 KB
13 KB 31ms
25ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/d1d3f8efc01fbbcbabfb.css
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ba74945c36d1928d02079f476ac27d123ffa19c6fccfb2a3d14b35614b9218

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 844798
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: YV0KM68RM3MFXFTZ
x-amz-id-2: 3Kd24YF8wt+y4e76QrE9gJfXJ5cZ4IRSg4QKD0WE2Xc8euGtdmXuwEvlTLPHEQ9qA1YA+ZNvFUk=
last-modified: Thu, 10 Jun 2021 08:32:43 GMT
server: cloudflare
etag: W/"3270d2100d8dd64a6c68e5101ef8346b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=155520000
cf-request-id: 0ac91c01cb00002b711a363000000001
cf-ray: 6621fc494fd12b71-FRA
expires: Mon, 25 May 2026 03:42:08 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 41 KB
15 KB 90ms
31ms Script
application/javascript 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: bc7a9223874861c2b9fa970476f94a0013644fcc8c8b26a428549a2f2d050840

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:37:15 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 08:12:42 GMT
server: nginx/1.12.1
age: 331
etag: W/"60c860fa-a4d5"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 82BtqtuaMtwAZqVa53M-rUDGO8fZxbxp7IG3oRMjuH8O8YpUkYGNsA==
via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
expires: Sun, 20 Jun 2021 03:51:37 GMT

GET
H2 200 14807634-medium15092772.gif
avatars.plurk.com/ 1 KB
2 KB 16ms
14ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.plurk.com/14807634-medium15092772.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
cf-cache-status: HIT
age: 778031
cf-polished: origSize=1287
cf-ray: 6621fc4a19372b71-FRA
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1279
x-amz-id-2: OfMGZl2eVQE55TpfKLf0RTliwwlXTzpaE41uVtR8bojYT1eCAJBHf1sl2IQHL6TCLvcb9MC86oc=
last-modified: Wed, 24 Oct 2018 17:48:38 GMT
server: cloudflare
etag: "6c0779ae49111313047639c892eef67c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: Y80ZYR5C82Z7NXNB
expires: Mon, 25 May 2026 03:42:08 GMT
cache-control: public, max-age=155520000
cf-request-id: 0ac91c025400002b712f0df000000001
accept-ranges: bytes
content-type: image/gif
cf-bgj: imgq:100,h2pri

GET
H2 200 nyrjH1gbiLmgHWEumGgaNO4kjOQ_mt.jpg
imgs.plurk.com/QzM/Eal/ 4 KB
5 KB 32ms
24ms Image
image/jpeg 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgs.plurk.com/QzM/Eal/nyrjH1gbiLmgHWEumGgaNO4kjOQ_mt.jpg
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb18058302f67c3f2c45a9b273a9536bcd4e3589c07d041d68d999740f778790

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
cf-cache-status: HIT
age: 216818
cf-polished: origSize=4442
x-amz-meta-source: https://vlam.vn/storage/image/vlam-tuyen-dung.jpg
x-amz-meta-content-type: image/jpeg
last-modified: Thu, 17 Jun 2021 14:30:45 GMT
content-length: 4372
x-amz-meta-hash: EalnyrjH1gbiLmgHWEumGgaNO4kjOQ
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 4DC1VHNZQERXSBVH
x-amz-id-2: rBO/Jd6LZ1mStnJDWNRf530rYvN0y/TGS1ViWqfYjh+m12gR/YMHY6/W/PYEoxkbcJ9IpRuBl14=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "18c836627a7e26aef3becfb5919b52c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-request-id: 0ac91c026c00002b71f7a0d000000001
accept-ranges: bytes
cf-ray: 6621fc4a496f2b71-FRA
expires: Mon, 20 Jun 2022 03:42:09 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a2c0a3b3510b56be29d68362d3e731986fdc810bb57d6ed461185b278ff89e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "907 / 778 of 1000 / last-modified: 1624054126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21494
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:42:08 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 11ms
11ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6621fc4a6a464e20-FRA
cf-request-id: 0ac91c028500004e200638b000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4649
date: Sun, 20 Jun 2021 02:24:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 20 Jun 2021 04:24:40 GMT

GET
H2 200 background.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
379 B 18ms
16ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/background.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
cf-cache-status: HIT
age: 160473
cf-ray: 6621fc49c8c62b71-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: c5HicxTBhNDI7lbeAC43cDlSGOJY4hEwMWjmjPtP8ZJq7Z5CZd0PtSm5CrT2mpbhd+z7s9XuuIs=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4FMF7CRZFAW4FKCT
cache-control: public, max-age=31536000
cf-request-id: 0ac91c022200002b71eb3b9000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 20 Jun 2022 03:42:08 GMT

GET
H2 200 timeline.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
154 B 18ms
17ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/timeline.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
cf-cache-status: HIT
age: 160474
cf-ray: 6621fc49c8c52b71-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: kankFk58IvG9qoQixb0RoQo/+VKBJ+Yzo5hd7oDdR6pIsZ/u6hCyPJqroCJ7ntx9bIAUp3dFxLI=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4FM4V2VA7M8KP4ND
cache-control: public, max-age=31536000
cf-request-id: 0ac91c022200002b71e5835000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 20 Jun 2022 03:42:08 GMT

GET
H2 200 dashboard.css
assets.plurk.com/static/theme/v5/default2018-theme/ 0
154 B 21ms
20ms Stylesheet
text/css 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.plurk.com/static/theme/v5/default2018-theme/dashboard.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:08 GMT
cf-cache-status: HIT
age: 232119
cf-ray: 6621fc49c8ca2b71-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
x-amz-id-2: ZVkaaFPyV2PiMjrku1SCeY+cKxsmOLcipMBi4QXoPvOPT8e6BFSZgTcc9Gea7XqPC7P7u5HPXMk=
last-modified: Wed, 01 Aug 2018 09:38:50 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533115322/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1533111980
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 9QH19QCD2MYX33PQ
cache-control: public, max-age=31536000
cf-request-id: 0ac91c022200002b7151083000000001
accept-ranges: bytes
content-type: text/css
expires: Mon, 20 Jun 2022 03:42:08 GMT

GET
H2 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
115 KB 70ms
26ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:42:09 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1592987358&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plurk.com%2Fp%2Fof4uyi&ul=en-us&de=UTF-8&dt=datnendongnai%20-%20H%E1%BB%87%20th%E1%BB%91ng%20nh%C3%A0%20h%C3%A0ng%20b%C3%B2%20t%C6%A1%20Nh%C3%A2n%20Ph%C3%A1t%20tuy%E1%BB%83n%20nh%C3%A2n%20vi%C3%AAn%20gi%E1%BB%AF%20xe%20t%E1%BA%A1i%20th%C3%A0nh%20ph%E1%BB%91%20H%E1%BB%93%20Ch%C3%AD%20Minh%20t%E1%BA%A1i%20c%C3%A1c%20qu%E1%BA%ADn%206%2C%20qu%E1%BA%ADn%2010%2C%20qu%E1%BA%ADn%207%2C%20qu%E1%BA%ADn%20G%C3%B2%20V%E1%BA%A5p%2C%20qu%E1%BA%ADn%20T%C3%A2n%20Ph%C3%BA%2C%20qu%E1%BA%ADn%20B%C3%ACnh%20T%C3%A2n%20H%E1%BB%87%20Th%E1%BB%91ng%20B%C3%B2%20T%C6%A1%20Nh%C3%A2n%20Ph%C3%A1t%20tuy%E1%BB%83n%20nh%C3%A2n%20vi%C3%AAn%20gi%E1%BB%AF%20xe%20t%E1%BA%A1i%20...%20-%20Plurk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1820325955&gjid=1831701950&cid=784463767.1624160529&tid=UA-53436-7&_gid=526225200.1624160529&_r=1&_slc=1&z=1021351119

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 b903137cf2afd470223d.woff
s.plurk.com/plurkiconfont/fonts/ 21 KB
22 KB 31ms
14ms Font
application/font-woff 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.plurk.com/plurkiconfont/fonts/b903137cf2afd470223d.woff
Requested by: Host: s.plurk.com
URL: https://s.plurk.com/be6490d423cd4fe35add.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1

Request headers

Origin: https://www.plurk.com
Referer: https://s.plurk.com/be6490d423cd4fe35add.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1622349
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: BN69J9BZKRM6SXJG
x-amz-id-2: DIpgxBiRwdGDK4mEuMz07AqInHJ4dcsTMNpsQH1xNTw77Ss2iLlZO3RgdmBkp8I0+573OkwMRZc=
last-modified: Tue, 01 Jun 2021 08:58:27 GMT
server: cloudflare
etag: W/"d4c0955530a8e2c432946c6057221cab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=155520000
cf-request-id: 0ac91c02cc00004e744dad0000000001
cf-ray: 6621fc4ad8ab4e74-FRA
expires: Mon, 25 May 2026 03:42:09 GMT

GET
H2 200 10987.json Show response
img.scupio.com/js/config/ 557 B
945 B 76ms
26ms XHR
application/json 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/10987.json?v=1.0.3813
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 4e17a8b1a3f28afdc3e192a553e862b827e8c23688433711fd60ccea0539fd56

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 03:42:01 GMT
via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 02:16:46 GMT
server: nginx/1.12.1
age: 7
etag: "60a4750e-22d"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 557
x-amz-cf-id: gwdkmREjLuw4enPCHxli1sMa0ZCSWIU7ojjrDFtof29xzxQiQo4Ibw==
expires: Sun, 20 Jun 2021 06:42:01 GMT

GET
H2 200 mv.html Show response
img.scupio.com/html/ Frame 68E1 68 KB
21 KB 31ms
31ms Document
text/html 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/mv.html?v=1.0.91
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 67a06e09f719fde5bf65b689bcbb8284296bd18227b94e8f525a17b334c8c09a

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/mv.html?v=1.0.91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:15:43 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Jun 2021 03:30:54 GMT
expires: Sun, 20 Jun 2021 03:34:53 GMT
cache-control: max-age=1500
etag: W/"608f950f-111cd"
x-cache: Hit from cloudfront
via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: cx-t_hI0rbZr_BATvNhyvrvP8tDV7ak0IV6t6Qo-HgMHeeciGTUtIA==
age: 1936

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 477ms
449ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3802901817921224&correlator=39210450846620&output=ldjh&impl=fif&eid=31060889&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=75142684%2Cplurk_message_300x250_SB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1624160529&dt=1624160529173&dlt=1624160528830&idt=240&frm=20&biw=1600&bih=1200&oid=3&adxs=1005&adys=102&adks=2862190043&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.plurk.com%2Fp%2Fof4uyi&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=784463767.1624160529&ga_sid=1624160529&ga_hid=1592987358&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c5c172d5409ffd93c82ce64e7770c57e4fa21316e30cd29356246e578f630f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7304
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 60ms
14ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-53436-7&cid=784463767.1624160529&jid=1820325955&gjid=1831701950&_gid=526225200.1624160529&_u=IEBAAEAAAAAAAC~&z=1893291746

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Jun 2021 03:42:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-53436-7&cid=784463767.1624160529&jid=1820325955&_u=IEBAAEAAAAAAAC~&z=111702071

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-53436-7&cid=784463767.1624160529&jid=1820325955&_u=IEBAAEAAAAAAAC~&z=111702071

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 0cd0435740e740eece09.gif
s.plurk.com/ 31 KB
31 KB 39ms
22ms Image
image/gif 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.plurk.com/0cd0435740e740eece09.gif
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
cf-cache-status: HIT
age: 1622349
cf-polished: origSize=35115
cf-ray: 6621fc4bcf230ea7-FRA
last-modified: Tue, 01 Jun 2021 08:58:27 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31308
x-amz-id-2: bXssO0abYWh/cAydFARa3uN4NJKyGo6Zt83ksdGbOn5nIX368PTf6FmBYpySCYSsOCRgfTQwrKk=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d236fd746e000431a8e2c6bc787ee7c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: BN64HSRJRJYKBXHS
cache-control: public, max-age=155520000
cf-request-id: 0ac91c035d00000ea73b369000000001
accept-ranges: bytes
content-type: image/gif
expires: Mon, 25 May 2026 03:42:09 GMT

POST
H3-29 200 get Show response
www.plurk.com/Responses/ 104 B
510 B 139ms
139ms XHR
application/json 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.plurk.com/Responses/get
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949

Request headers

sec-fetch-mode: cors
origin: https://www.plurk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: plurkcookiea="aiZBqgZYB5dhUilMxhpMmxUEmYtEIcTeZZ+fTNTURno=?from_url=Ii9wL29mNHV5aSI=&invitation_from_uid=MTQ4MDc2MzQ="; _ga=GA1.2.784463767.1624160529; _gid=GA1.2.526225200.1624160529; _gat=1
content-length: 38
:path: /Responses/get
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.plurk.com
referer: https://www.plurk.com/p/of4uyi
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://www.plurk.com/p/of4uyi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
set-cookie: plurkcookiea="aiZBqgZYB5dhUilMxhpMmxUEmYtEIcTeZZ+fTNTURno=?from_url=Ii9wL29mNHV5aSI=&invitation_from_uid=MTQ4MDc2MzQ="; Domain=.plurk.com; Expires=Mon, 05-Jul-2021 03:42:09 GMT; Max-Age=1296000; Secure; HttpOnly; Path=/
cf-ray: 6621fc4bcf240ea7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac91c035d00000ea7d08cd000000001

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 68E1 235 KB
85 KB 38ms
37ms Script
application/javascript 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:40:08 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
age: 298
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: DPsrtHmSzQWoxRPx2abEcuGfjPYHHopcKvQ2E99o_fv5Wl6nuG2qBw==
via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
expires: Sun, 20 Jun 2021 09:37:11 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
14ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1208
date: Sun, 20 Jun 2021 03:42:08 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 68E1 108 B
485 B 27ms
26ms XHR
application/json 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Jun 2021 03:40:34 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
last-modified: Sat, 19 Jun 2021 19:15:54 GMT
server: nginx/1.12.1
age: 140
etag: "60ce426a-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: SM_PJunC17DVvbWwtFys24itUpo8gCGiqGseS-HtnojT54RQF92GaA==
expires: Sun, 20 Jun 2021 06:39:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 68E1
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=J6QqWXwvNDE0OUovdHBSNEk1V2M4ZHlaNEtGa1R5QkwyN3VhUEdWeWZhNmpCTW9uR04yQTd2d3RlQS82TEQ1K3A5d1YvcnRxTUt1b1M5NWdTaCtNV1hmTzkwMENaYjhMTTRKSm1rUlpMNHF0QnB6YmRKanM3MmNLaWswOE...

358 B
636 B

79ms
28ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=J6QqWXwvNDE0OUovdHBSNEk1V2M4ZHlaNEtGa1R5QkwyN3VhUEdWeWZhNmpCTW9uR04yQTd2d3RlQS82TEQ1K3A5d1YvcnRxTUt1b1M5NWdTaCtNV1hmTzkwMENaYjhMTTRKSm1rUlpMNHF0QnB6YmRKanM3MmNLaWswOEtweU1salhDZXNzWE5RVGRkMDFqMkNYNnhXK1lpMkhhdldBVTN2Tkl1VmRjdzliWWxOdkp0NnBjbGo0SnVHVUdtZktmemJNcDhhMUVRQ0JmdER6cW1UbXhWNUNSZGY0d01tUXpvRFAvYk5CSXpDVGdoSGFRPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

052b002fc21d939e5bea2da683bf6a711a59f2cf58012dab6e4d2699e53b997a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 20 Jun 2021 03:42:09 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2464
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 20 Jun 2021 03:42:09 GMT
location: https://mug.criteo.com/sid?cpp=J6QqWXwvNDE0OUovdHBSNEk1V2M4ZHlaNEtGa1R5QkwyN3VhUEdWeWZhNmpCTW9uR04yQTd2d3RlQS82TEQ1K3A5d1YvcnRxTUt1b1M5NWdTaCtNV1hmTzkwMENaYjhMTTRKSm1rUlpMNHF0QnB6YmRKanM3MmNLaWswOEtweU1salhDZXNzWE5RVGRkMDFqMkNYNnhXK1lpMkhhdldBVTN2Tkl1VmRjdzliWWxOdkp0NnBjbGo0SnVHVUdtZktmemJNcDhhMUVRQ0JmdER6cW1UbXhWNUNSZGY0d01tUXpvRFAvYk5CSXpDVGdoSGFRPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1780
content-length: 482
expires: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 68E1 0
323 B 567ms
205ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7844B6A6EAE2406AB34AB2A734EE&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=bc084eef-afa3-4f98-a778-73cbf3dac4dd&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:42:09 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 68E1 0
176 B 522ms
173ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:42:09 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST bid
ad2.apx.appier.net/v1/prebid/ Frame 68E1 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 68E1 0
187 B 97ms
32ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=88104406073
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:42:08 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 68E1 0
285 B 1168ms
298ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.658484097509388
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Jun 2021 03:42:09 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 68E1 0
219 B 783ms
263ms XHR
text/html 54.178.71.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1624160529323&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-71-123.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK videoad.aspx Show response
bw.scupio.com/adpinline/ Frame 68E1 61 B
947 B 1158ms
290ms XHR
text/xml 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/videoad.aspx?cb=0.2050284731138361
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.91
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 92c16c0348f2d05581dedabd53914d611dfde718909d0d62559ee5097acc9691

Request headers

Accept: application/json, text/javascript, */*
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 20 Jun 2021 03:42:09 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 174

POST
H3-29 200 rum Show response
www.plurk.com/cdn-cgi/ 0
165 B 10ms
10ms XHR
text/plain 2606:4700::6811:4503
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plurk.com/cdn-cgi/rum?req_id=6621fc484e5e2b71

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:4503 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.plurk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: plurkcookiea="aiZBqgZYB5dhUilMxhpMmxUEmYtEIcTeZZ+fTNTURno=?from_url=Ii9wL29mNHV5aSI=&invitation_from_uid=MTQ4MDc2MzQ="; _ga=GA1.2.784463767.1624160529; _gid=GA1.2.526225200.1624160529; _gat=1
content-length: 10323
:path: /cdn-cgi/rum?req_id=6621fc484e5e2b71
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.plurk.com
referer: https://www.plurk.com/p/of4uyi
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.plurk.com/p/of4uyi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.plurk.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6621fc4c6fc50ea7-FRA
vary: Origin

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 81ms
26ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1059
date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-29 200 container.html Show response
b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2998 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 20 Jun 2021 03:42:09 GMT
expires: Mon, 20 Jun 2022 03:42:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:42:09 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 35ms
17ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061503&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75fac6b3fb8fc0cd2fcbd4a7b2550ade3d5c5792d81db410875b91d4532f3c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7937
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3D9C 478 B
539 B 16ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhjw7qCtATAB&v=APEucNUWCx1_TyiXCqKNkmFS7HbPqwcpshycHkNHQP_McPvHb_9Rj7m7CFG502AM3TAJhDNC4n4utbGpjokkNWrQW2iOYjf-BA

Requested by

Host: b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
URL: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPTQ7wEQpK2PAhjw7qCtATAB&v=APEucNUWCx1_TyiXCqKNkmFS7HbPqwcpshycHkNHQP_McPvHb_9Rj7m7CFG502AM3TAJhDNC4n4utbGpjokkNWrQW2iOYjf-BA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 20 Jun 2021 03:42:09 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUl3qZIUJ-y9T91s7hOGo8Vpxgue8ZbK7o00ZXzmrvmvwPZepW_W6oOPbmZ-; expires=Fri, 15-Jul-2022 03:42:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Jun 2021 03:42:09 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2998 44 KB
21 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADb0b_pizLEX_yuw8RirYqkeaTb7dk_wi7qfp19oFH1JJcTQMKFM6HHuutO2zWiiWxeCKolrUDew4Z-ml_o2djq2fqbblXwaoR_sT4lIRSywausnOfCXYF8xE4w7Bg09m-eD0I8-wb3174Trhd3TdqEaDezw&dbm_d=AKAmf-DRKB1Im8gsW2h9bjef4yM0Nw8q-VcdMKrIw9n7-V2r7NtMMrGgUDK-q12XwKxhlqRENs-1wYjLnsEeYlJBxFqejBbad8IWoPNwrskxXskeTFCbtBFF_HoIOGTdBgNnr0eNlsCBRQKQQg8rjLO9HoULBB8YUAzH4gc084YjNaVVaEmmlroRSMKMZA1HtPcr7jAyrIZehqXJ9y1HwusgzpkLEyo8OwLur0e0sdOgfqr5F_jf7jJfTK2KbqVG2GY_bZQBAPmlU3Z9Y6Xmvv63UxQfuMVGNqJF-4KGNvrG5lb87M-aIPxb6w8U095H1A_C3_RkbBf55mubP2WrE2F0g9UgyhcBrgztj8qphk5SNSbWpYL53O-9m-HBpvea0YXzdtOBYsdIvu3cPfJd81jYgc1vClmAXb2zW1FPsbm0q3_Q6MfNvtZ1L7tyhnrm8SI09drY2q1j6uoKkmavx2ZfSIPpzWf-bX6vub1VaUu2Y-zKe2pRgvuHhZdJB1l-tOWjorWGdjVMRvPcMQor7h3Hz-yah4IE_pNo3Ua-lEklmNAaVmh_QJ0GkADgMh3z9hflDFvjYEQw11hgbKhN67dPLV1xSuyFNkOEW2c9dMUIIGRgbKDfhX8AfPDTxDynzx3h9Ca1861fdxyxdPqltHTrCBEN-ExO1JffWt8noVWqJtAgdtijP5e-w7XVC4Pm_fp3AK4U4B-G5ZugtndM3Qi25ud54AHY-ixPcQ7-WymuPz_mw263lZURxK0_8o7BXDiWWHRGQ6SliL6pCzZsefnwEKGWEAlAJrndkvrUzMIIBBYhAzH-_8bD_PlXt74pxX2bcn2JspebGuqDPBiC6zVtLz3MCDOksGIdeuN6Hycmg9ClHyixIJl4Bm5ielFEQbiagfKSkbHbtLenpLG22FQKUuU4I9yp8Vl53lMk07uPoVbHZF3gmta95dZR1n2h6s9udJmSa-cCM3ixjHKQM1Y4L-2wkZ5tbAIwyRuvVzmhSpomgxte30eoUfMczCojozXa4jq2L4WzbibDiUAc2nL3uCqeb6j557P8Jy16gWXtiCZVv0Q7jOT9x8wxWi_en8INA6x8dJzrgUDwxlQ2JFtlYBSdUhiBqrFNDQyMd2G4KuqV8T3Nm83Uh7hQBF4sIi0_M_yqAhHW6rxaj89FnbfE58V87egGf09q32o-gcZTMKK1WNPPqLx41mZKLgjvjUpkXMdwSFEN9PoQhXMkJTXR1VKOzxbVrRAZEZ4aqe9CUQeC9jewLrwZpgrhltmxhV9jd2T7389RCR7Y2nOPlxzuPGRESNtwbZiGgLrUecEqqnL7njQEbZ0kGWcQj-8OjTAFGy6LIxuuTUJ0BqM8a3lc4IU6LkJY6UEGWgaDL5weJHNwaZt6_jnLrDKee1tcuUvp8foCHafPaPgX_yYAHybjpr6aBhI7BIKR0eemcOczb4tMZ6IGVTNwsnqdpsq8Kfm0JW7EDWIxSHJwprOtXt9wOsOij5ije-UHprXKfAGjrQFE8pP8n8oHZfMPfwqJw2ojmBmDPsH2BuJ9nh88uQ0Z3r2c-WdLOuAdko4MHvnP6xm7vScDpOUZ5sphAwd-WneanxB75TFvwxzYW9w6AVXzI5S9JdFZjml3dEd6iy8I1Fp4Yn-uLh4gNXX9oXqrpSEWRm5jlBCEtgmvy051S-lTAT3WfkwMT8Dk1NtVn3P3bEIInVvEhtilaeRp3izAGK_cXaDMQB7bdaakIbhzVQSjfGYqZIpM9Of0mVByDg2zqmNxEU1pQnKhdFYcryn6zRWeFNhaCOCQ1WLm1dcddpSTdjcoQHeaR73C8BxkopdIx7veW3zKYEEJpFy1g4O6YbZBuWLhPoZAatNMWT7I_cw6hPe-rfFWjv8VPQyU9A4tmXQoc-WQSXhuNcKZIUvE74rNSamOcBq8jBmhjrHcJPNxULa9xW_gfr1No9eFfqsTEEqhE1SGlx3DDQoAJXeohT0wy0Gh2jZO7OjyzVsYX_0WZJbX2lymuryM3QKP029VDNzUPqgB5B-xqhGen7selMikYmVAR88uJmPTIsBToXnvxB5Su1lBboPCZ16aOEFocjyODc7irKGfyzuBHYB4NzS9DtwhIsUW4bnZskJEIoxZsEdrakOMN7FhMCODVFPlikYbHoc5N5twxlVvIY63KDG9sIU3EoJ39A_dve2xtjJCFgqifv73ZN4EDzb0qOdTITGPaw0necWDURQGVDKVSCvARVvI9f-X7ogKmLkiF5T2JkqXQSRwih11pXxGOurIOA5CdPY7nbRL-X2zOGL2FLV34Sjmdyk_bZR8U604I6Be3wznxkEqs8iGq4NBAByptge1wk1AyARpEDmYrYVp9cyXVt0X0V4L0r76CNdY-tsOLykaaFSjZN4HBnYCi9h-p9VBgFfonFN-4eAxsuDHzJlpDQXGKUG56pwCJDLY6UYHIB_MA3UnpUg1yaoSBH4CDRBXZlil-o7MwpoazqSnlM4gSyroBPlwx6G5gLT1IE0VwtATtxkBi0YhHMjCKga6EnwOIJR9yxBzKQg-oD0L_iMpPJuSCKBwGtQ5koTLkNB3C6wyPnpxpxWFWsQ5u7RSuTDGdQq8-wjOPSc5Q7tHZK4scXvFLaGFcGFCS8E5H1utq4LQTxOxH3mLb3S4v4rJzs-j3U38RSj0nSw3acTc4PFy3gTAYzj45zRMxE8Lr9a4wVWst_dFWTPfMs75ib5XtjggGEx8tyb7bOq5x6s5eRONURHxk7X6wstCl1FzqrohwEEtuI4WGb7gbGGnjTlUxMwudD53HAwwNzFpUaPswkS2JJUjhyEN4xldmhf2aWgjxGqNJPgg_iXB4_Zg_1hjVeGXnmBKkZKftSnPiWyr9y2V6Dl_z92n5FR2TtVCI8BzgXFHb1mnprtl7lFqBM2eorgioM3ra9O4qGxDkhwOKdjOMfdH97RJqOXxwDsn6Tc6neLIt9ieiVjG6pCD9RP6fUjKTb-g1QOX7CxfWOTSeKeZ5OEAm8kX3TaynRWxDOuc_aJLwFpmfIXPoz322G8VHBst3kQHxLoDkLKzj-MwiFYD0-BfK3MH5R7klrWq-AdzmuEVx48fl2ezPYW9q6747L5fkwHmJTss9-Ps9s5M2rdb7P5eJ_M2KwCBo97cqSrWpuYwQT7OybXTq4eOu5gH6lWHQV0pI-AVpgqryBdlbOKDq7_2xFcU4zQrx9rJSZLds9zdBqFtn7Nc1dXrtxYDPQlnMMjtmsG5z4g6eHe2Te8PvCDcMFXEu9fZfIWDTmnmO2gjfx9pCI1-TV1s1LQhVYleaNYjwwo&cid=CAASFeRo8TrYZwn02dB4U33ZThcJYQvjoQ&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240

Requested by

Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aff8e4c1ba02a29c7f0272e4e15eb2025ba9beee116cb41badb5ed1e497669a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21581
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2998 42 B
107 B 14ms
13ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_mDVI2OGV-xf-EU7FKKo2n89EWTpjfbLmsLo0GEoiudhNXkIFJdmfetxJkHHE3YXWniQP04PZErroARl8izoA_tQh6N_PqfEFf4MfbGtAJpWT00k

Requested by

Host: b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
URL: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 2998 3 KB
2 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
URL: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:28:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2998 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
URL: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:42:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 2998 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
URL: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:00:26 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 20 Jun 2021 03:42:09 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 3D9C 170 B
523 B 69ms
27ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhjw7qCtATAB&v=APEucNUWCx1_TyiXCqKNkmFS7HbPqwcpshycHkNHQP_McPvHb_9Rj7m7CFG502AM3TAJhDNC4n4utbGpjokkNWrQW2iOYjf-BA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3D9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcocuvjUl_5kwZc6jKZ3kM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcocuvjUl_5kwZc6jKZ3kM&google_cver=1&C=1

43 B
1014 B

31ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcocuvjUl_5kwZc6jKZ3kM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhjw7qCtATAB&v=APEucNUWCx1_TyiXCqKNkmFS7HbPqwcpshycHkNHQP_McPvHb_9Rj7m7CFG502AM3TAJhDNC4n4utbGpjokkNWrQW2iOYjf-BA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:42:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 20 Jun 2021 03:42:09 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:42:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEcocuvjUl_5kwZc6jKZ3kM&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 20 Jun 2021 03:42:09 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3D9C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YM65ESnzLNHOJybTNNCnoQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn_8p4nRoKBLGTrBp5h2hg&google_cver=1

43 B
894 B

31ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn_8p4nRoKBLGTrBp5h2hg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhjw7qCtATAB&v=APEucNUWCx1_TyiXCqKNkmFS7HbPqwcpshycHkNHQP_McPvHb_9Rj7m7CFG502AM3TAJhDNC4n4utbGpjokkNWrQW2iOYjf-BA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 03:42:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 20 Jun 2021 03:42:09 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn_8p4nRoKBLGTrBp5h2hg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame 2998 22 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADb0b_pizLEX_yuw8RirYqkeaTb7dk_wi7qfp19oFH1JJcTQMKFM6HHuutO2zWiiWxeCKolrUDew4Z-ml_o2djq2fqbblXwaoR_sT4lIRSywausnOfCXYF8xE4w7Bg09m-eD0I8-wb3174Trhd3TdqEaDezw&dbm_d=AKAmf-DRKB1Im8gsW2h9bjef4yM0Nw8q-VcdMKrIw9n7-V2r7NtMMrGgUDK-q12XwKxhlqRENs-1wYjLnsEeYlJBxFqejBbad8IWoPNwrskxXskeTFCbtBFF_HoIOGTdBgNnr0eNlsCBRQKQQg8rjLO9HoULBB8YUAzH4gc084YjNaVVaEmmlroRSMKMZA1HtPcr7jAyrIZehqXJ9y1HwusgzpkLEyo8OwLur0e0sdOgfqr5F_jf7jJfTK2KbqVG2GY_bZQBAPmlU3Z9Y6Xmvv63UxQfuMVGNqJF-4KGNvrG5lb87M-aIPxb6w8U095H1A_C3_RkbBf55mubP2WrE2F0g9UgyhcBrgztj8qphk5SNSbWpYL53O-9m-HBpvea0YXzdtOBYsdIvu3cPfJd81jYgc1vClmAXb2zW1FPsbm0q3_Q6MfNvtZ1L7tyhnrm8SI09drY2q1j6uoKkmavx2ZfSIPpzWf-bX6vub1VaUu2Y-zKe2pRgvuHhZdJB1l-tOWjorWGdjVMRvPcMQor7h3Hz-yah4IE_pNo3Ua-lEklmNAaVmh_QJ0GkADgMh3z9hflDFvjYEQw11hgbKhN67dPLV1xSuyFNkOEW2c9dMUIIGRgbKDfhX8AfPDTxDynzx3h9Ca1861fdxyxdPqltHTrCBEN-ExO1JffWt8noVWqJtAgdtijP5e-w7XVC4Pm_fp3AK4U4B-G5ZugtndM3Qi25ud54AHY-ixPcQ7-WymuPz_mw263lZURxK0_8o7BXDiWWHRGQ6SliL6pCzZsefnwEKGWEAlAJrndkvrUzMIIBBYhAzH-_8bD_PlXt74pxX2bcn2JspebGuqDPBiC6zVtLz3MCDOksGIdeuN6Hycmg9ClHyixIJl4Bm5ielFEQbiagfKSkbHbtLenpLG22FQKUuU4I9yp8Vl53lMk07uPoVbHZF3gmta95dZR1n2h6s9udJmSa-cCM3ixjHKQM1Y4L-2wkZ5tbAIwyRuvVzmhSpomgxte30eoUfMczCojozXa4jq2L4WzbibDiUAc2nL3uCqeb6j557P8Jy16gWXtiCZVv0Q7jOT9x8wxWi_en8INA6x8dJzrgUDwxlQ2JFtlYBSdUhiBqrFNDQyMd2G4KuqV8T3Nm83Uh7hQBF4sIi0_M_yqAhHW6rxaj89FnbfE58V87egGf09q32o-gcZTMKK1WNPPqLx41mZKLgjvjUpkXMdwSFEN9PoQhXMkJTXR1VKOzxbVrRAZEZ4aqe9CUQeC9jewLrwZpgrhltmxhV9jd2T7389RCR7Y2nOPlxzuPGRESNtwbZiGgLrUecEqqnL7njQEbZ0kGWcQj-8OjTAFGy6LIxuuTUJ0BqM8a3lc4IU6LkJY6UEGWgaDL5weJHNwaZt6_jnLrDKee1tcuUvp8foCHafPaPgX_yYAHybjpr6aBhI7BIKR0eemcOczb4tMZ6IGVTNwsnqdpsq8Kfm0JW7EDWIxSHJwprOtXt9wOsOij5ije-UHprXKfAGjrQFE8pP8n8oHZfMPfwqJw2ojmBmDPsH2BuJ9nh88uQ0Z3r2c-WdLOuAdko4MHvnP6xm7vScDpOUZ5sphAwd-WneanxB75TFvwxzYW9w6AVXzI5S9JdFZjml3dEd6iy8I1Fp4Yn-uLh4gNXX9oXqrpSEWRm5jlBCEtgmvy051S-lTAT3WfkwMT8Dk1NtVn3P3bEIInVvEhtilaeRp3izAGK_cXaDMQB7bdaakIbhzVQSjfGYqZIpM9Of0mVByDg2zqmNxEU1pQnKhdFYcryn6zRWeFNhaCOCQ1WLm1dcddpSTdjcoQHeaR73C8BxkopdIx7veW3zKYEEJpFy1g4O6YbZBuWLhPoZAatNMWT7I_cw6hPe-rfFWjv8VPQyU9A4tmXQoc-WQSXhuNcKZIUvE74rNSamOcBq8jBmhjrHcJPNxULa9xW_gfr1No9eFfqsTEEqhE1SGlx3DDQoAJXeohT0wy0Gh2jZO7OjyzVsYX_0WZJbX2lymuryM3QKP029VDNzUPqgB5B-xqhGen7selMikYmVAR88uJmPTIsBToXnvxB5Su1lBboPCZ16aOEFocjyODc7irKGfyzuBHYB4NzS9DtwhIsUW4bnZskJEIoxZsEdrakOMN7FhMCODVFPlikYbHoc5N5twxlVvIY63KDG9sIU3EoJ39A_dve2xtjJCFgqifv73ZN4EDzb0qOdTITGPaw0necWDURQGVDKVSCvARVvI9f-X7ogKmLkiF5T2JkqXQSRwih11pXxGOurIOA5CdPY7nbRL-X2zOGL2FLV34Sjmdyk_bZR8U604I6Be3wznxkEqs8iGq4NBAByptge1wk1AyARpEDmYrYVp9cyXVt0X0V4L0r76CNdY-tsOLykaaFSjZN4HBnYCi9h-p9VBgFfonFN-4eAxsuDHzJlpDQXGKUG56pwCJDLY6UYHIB_MA3UnpUg1yaoSBH4CDRBXZlil-o7MwpoazqSnlM4gSyroBPlwx6G5gLT1IE0VwtATtxkBi0YhHMjCKga6EnwOIJR9yxBzKQg-oD0L_iMpPJuSCKBwGtQ5koTLkNB3C6wyPnpxpxWFWsQ5u7RSuTDGdQq8-wjOPSc5Q7tHZK4scXvFLaGFcGFCS8E5H1utq4LQTxOxH3mLb3S4v4rJzs-j3U38RSj0nSw3acTc4PFy3gTAYzj45zRMxE8Lr9a4wVWst_dFWTPfMs75ib5XtjggGEx8tyb7bOq5x6s5eRONURHxk7X6wstCl1FzqrohwEEtuI4WGb7gbGGnjTlUxMwudD53HAwwNzFpUaPswkS2JJUjhyEN4xldmhf2aWgjxGqNJPgg_iXB4_Zg_1hjVeGXnmBKkZKftSnPiWyr9y2V6Dl_z92n5FR2TtVCI8BzgXFHb1mnprtl7lFqBM2eorgioM3ra9O4qGxDkhwOKdjOMfdH97RJqOXxwDsn6Tc6neLIt9ieiVjG6pCD9RP6fUjKTb-g1QOX7CxfWOTSeKeZ5OEAm8kX3TaynRWxDOuc_aJLwFpmfIXPoz322G8VHBst3kQHxLoDkLKzj-MwiFYD0-BfK3MH5R7klrWq-AdzmuEVx48fl2ezPYW9q6747L5fkwHmJTss9-Ps9s5M2rdb7P5eJ_M2KwCBo97cqSrWpuYwQT7OybXTq4eOu5gH6lWHQV0pI-AVpgqryBdlbOKDq7_2xFcU4zQrx9rJSZLds9zdBqFtn7Nc1dXrtxYDPQlnMMjtmsG5z4g6eHe2Te8PvCDcMFXEu9fZfIWDTmnmO2gjfx9pCI1-TV1s1LQhVYleaNYjwwo&cid=CAASFeRo8TrYZwn02dB4U33ZThcJYQvjoQ&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 15675381762197352129
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:34:13 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/ Frame 2998 8 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 03:13:36 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2998 0
592 B 79ms
35ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbezZRrAxiPb9JzXmHcEGmOSWzSfnSrEHsmtPeYucz4PNICaRUigPw0BTmmT_oIApzqfPryv4cWXGRWklwJZPH8YI7Auv7thcYonNJjT6UBcZwsMF2D6K5bq3MxXwEJ7SmOg6JXgt_qCZojtarqYl7U3ljCjU0nLXO9Bcc1DhHISkXHNVCra_whRiNoDKsfNgubHuzl2ZgjydV3oXOK5RcQUKdPVuEuonOPO3m12l9t4H8ZF1CbJe_ExFGHspd9MAwx37suaFFHuD3Li3Saw4oTASTBDph7SHrQL2Kwn89sUTCUOMKrLgeIxEaiCh-6qNqKgEU1mW6U9XBcJh1RgIKsAVcBatW4nTybg4VYsGLR8Xebe84jOvl0GIg8dnwVuf7S6AtLGNWIay6U_yi2rDQMZlHY4bhKKgFpnGZ5yfqStdRD2JEugf8-sqn-m-jzsj5D7nL3txSRORFHV1VcS7-upezihha1uSy5TUSzlSYLH23X0Kxz0FtquX5FHJ-LOnlG2k3NV9CoM6nL7IIDOorMvMuh9FP5v8_P5haiCEs6imtvAMHBZI8p61iOTUZYLVPSGdPKyFXh8kVDlKonJt2cuSS9Uq0l2Qgdldd1gXqfPJ0T6fHoYeHRkWWUFsowr6mKye6LZP8oCMBsUsFec_nxhO72ZkXSKi8xWCNXtApCpzHgOn1zymdRfeTseBuI5WN5eLXZZ_w96OYTaGPGBPdGTmaLTcCODbi_6-dHKfXjjSQOa7Z3P1L4bahZCkI1Wtt0kKIOGYSf6B3o5PPe2bCtoqsSAF_C174w6s-3pfh8uyA4BadJHBgxePI6Y7JGQcaqF29Qu5AxClq513D04g9_ABDwnq2K4pcb_otNAyUPz6Csdki4T6leS53ayfyVNMm06PvwEIMjxSzYnJY6_Ad3Hh06Uxcref6D3CNjQNVRfn5kmb-metMmqS5TIHtrAGBKiiPENgqo8JHYjvRwpRnV5UhiiK5JaSq7YWcp-61WVEA37XUlIDPO0MIM22KkJej-FIxEILqp1XehwPZDNBrGoHKIfH815aO2s_zzkcRYXZ-6kgqSjlmZWD58s_jVQvcNITYX10X7gm9UzGvDaZzB4WOVAGR0_Ei0F4zm9zQhUNJ0ROxPqt5rqUNKmuMewBxJJ41X90rqp7t3_CX0sVKjCbhUNr_g_PoB0DsEMWxli9C-yV94mI&sai=AMfl-YQH4qKhqHRe3RWsWnHWV_8XbIao1akx8vrQ6Q2Yn91o2-8CjDuyBbSwNuK2lyoXn94z__GfQLwoMFAFEww2p8r6Z9nN-X1YZiTgVYmf9Npo8RNv8YfshYBzij1Vz57cZ4UeMBd2HWDoRtbPnljKEFJbib7kO_G89SoyJH4&sig=Cg0ArKJSzE7lfKT8Zns2EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210616.62888&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 20 Jun 2021 03:42:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2998 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:57:31 GMT

GET
H2 200 CKSW_Authentic_300x250_W_01.jpg
s0.2mdn.net/9331698/3069888449638464/ Frame 2998 29 KB
30 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9331698/3069888449638464/CKSW_Authentic_300x250_W_01.jpg

Requested by

Host: b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
URL: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31612a445330f3caad636508c6bf10798f82e4a305d3d4889d66b76c77ba899f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 15:39:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 17:01:07 GMT
server: sffe
age: 43342
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30086
x-xss-protection: 0
expires: Sun, 20 Jun 2021 15:39:47 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame A386 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 20 Jun 2021 02:55:39 GMT
expires: Mon, 20 Jun 2022 02:55:39 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8A06 783 B
532 B 26ms
24ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b6a4cd2eb7e79211f9adf4e12c2464b996e779059ede247b5ea28838edda753f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A7nKp+KZI7bU21xY5bNaxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

expires: Sun, 20 Jun 2021 03:42:09 GMT
date: Sun, 20 Jun 2021 03:42:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-A7nKp+KZI7bU21xY5bNaxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9BD6 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 18 Jun 2021 11:17:20 GMT
expires: Sat, 18 Jun 2022 11:17:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 145489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2998 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 191ab5af09f70a4dfa330c2450c7bf58de01fd10f73c73c22cead5246cb11589

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2998 0
60 B 28ms
28ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 03:42:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BD6 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:39 GMT

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame A386 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:39 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061503&jk=3802901817921224&bg=!9vWl9bHNAAZktE7iZLQ7ACkAdvg8Whl6sBw-1OY03okb8XtN3lrrYzVLLh-W9hR32b-snZGDxzBuVAIAAACEUgAAAAxoAQcKAHJPU0XUM6Y0mRBnARaWsWFwR-OA38R_lWSshCvqF9KfPH_CWW4NDow2iFi9VoBxxzLOwkDE_aY6kn7qJHhZCU8dMM1s6eudCS9RzSFLAJ5pI7gUqOIv-0BzgejE0GSUJm92eYaud8ZQh5Zg3hzaqF4clOSZAmlMatUQpxB81Rkd1bTXRIytE-cW0iiZjuWrLwhhJjWeK6YwUf8LGAT8tiaL5DlsGxooHNnG3r4o8l4nifBsW-_zlLDJuxsZixUNED4wirHyw92oTlh_4k2tmAtiOGcsZM1XEhXAcrWLDVcp8gCpWmc1VUT4tdghbbNy2nRzttMGdjqyCwa-th5o-2ATuMAhYxFtlNqrWl2Yv8ai_Lc-aE0biGsf660Kx9NltaCPDKcWSycG8ODaLELFhDhuH977fFy-1FLjJVdLGcCGeLve3ypyMK7jh9b7nxvYb9X8XnqIRE9P655DOB37KNUYiVnChJPY0tPdC0iW0G21mcpo5R7sz2A-UfuB5HzqIiLPZgQUSg1SBAkveOWwlE6EukhkU7rE538E3UX1J7RI46rjTdgFsbNCSBi-PG4Cm-iqrrrpx2wG-AL-OTqRJaaqy9nVVfD4njgYBVEJAW_X_GItREEnD0npSoEPcC5Vn1FcYCTZ7tKojOvAiFM0Dv4BatvwIUmJALmH0x7PGNaNiJE94VUzTB8FM6todSFXxYa-EQkpVJxcbu3oTcRZNGkYfsgnLOpEprOmedjZERTHVJkws5fJX_OPSMDYLUOJxc_kxDaOwt5QNPgnzwsEN02e4RLpsUOZc1qp8M-zjatKk6Y5vpxKTXIF22b5SrfgWtAkdjC_aTn5ih_ewHeHu3CtydiDvkBhOi9J2P3-2FO02ja4GVM5WOZcUPm1uJ-F0bNfnfHu5HwnZpoTvyLvrV3XUPv9YGUFLlNzP-W7ScLRwHqrmdRzZOoZi8PIrBIhzjlqvIgXZnAuczGa3XqREA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BD6 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5iR6EbnOYLChK6zV7_UPwK-ZkA0AAAAAOAHgBAI&bg=!OjmlOX3NAAZktE7iZLQ7ACkAdvg8Wipz1wDtWur9rk-r6cln7cJdL2MebH49KFA4H5YSMAP4ThLrTwIAAACdUgAAAAxoAQcKAEWyPF2weeFwHoUYVmnglBzOo6qYcjdKwDY7cpwjRrmxfLVLMPTKU5aTIETXz7FhHt01-nbNXA270EMOOEwdojT4wiHMVzGZAsvom5zv44F6QThmsDfKySc-YXYMBOQfI37T1VFtUb56KHpbfuE0sFijNn65tdVybOzEBZSvKJQ6BgrIzn39CtBZoAzNi6O2GNE48JM2ivmNQO8vArTC4taEvDXPpdqZwCxoaI8aNsKUtZJAcJCxGiISVbzCwnDESjsQ5Vgi4WMD5VgkwxDdJyPJD5d-vYsDOW9HjwIZXZ1NAflxhv7pdYqMGcOTDF0coRc2pWjK12sE3lkWWEFx0Yve73rrdy0hVvhx60W4f6kGw3r2BRAsYCYToeERjXYXUmIOpSWL4kcpz0ymcH4hZdGUCDYE4L_4IN4Y9LZ7VnTh07pLj5JT7WJHSsCrnIb8rrQmVp-jErzQFbBNvUoA8mGXSQ3OM0OOjuKQzSs1gHSV07JugfjxG9aM71REVvSlBKgbkI_px6NF2peQNQiM1IPGI6xEcX4vb6E_JVcpLXouyXYlMNgB2l8BOeUKCMXS--HwUas6mvphdl3O5eK9Cv9StIp8u9nShmwNbqGKCQdiXIY2cs1BJyXqPSV0pLy1xRkPgmgG-MC5V2l1YkXig_hDJc3FfpfasB-MEERxQXjBmJGd9hZuYeMkj56kVbnXb1gVeqQqHofWHp-XquBIIYsavszmPNpdI1d7IVaS4hI_yuNMfhMr91iZCVrUaSpSzZGyJIOwKERZdUC44S8qGIgO-4dPxsaWBGsznJYkZYgsxZyRFTk_IGb1OJBQ0LUGPYCtQwnPsO9MNmkvcHZHxPW0ij2ocEr1h0qC87adgbt_-m5x9nkLQ8vyScDa1POSi8Lh-aFi8VOVhQ5G65ZsEUgrLFsGaBy6B8NXLRGgPds8a3AGXb_dVXAOn9h0pGL7FXjYQ6tHNk_HobZuMEmEHbMUuhlZS8f_9WYNYt2_8ICFQSevqDUhwhSjH20vUR0JfjPb903ug7fWgisPsPnKMJeXAyAS

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13567.json Show response
img.scupio.com/js/config/ 374 B
762 B 26ms
25ms XHR
application/json 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/13567.json?v=1.0.3813
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 01db7866b8ed97fd6bb8bb535f5785b404153cc7a7d6ce37d586da98d3593ce4

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.plurk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 03:42:04 GMT
via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 02:16:47 GMT
server: nginx/1.12.1
age: 6
etag: "60a4750f-176"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 374
x-amz-cf-id: UHm4-x3t_fvI0lyRsR09IERZeWaJTaSEX72Dt6xNBO3HM7i4XDqcIA==
expires: Sun, 20 Jun 2021 06:42:04 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame F46B 35 KB
14 KB 29ms
28ms Document
text/html 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.56
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.56
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.plurk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CKA20210620114210498881
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.plurk.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 03 May 2021 06:16:34 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Jun 2021 03:17:29 GMT
expires: Sun, 20 Jun 2021 09:17:29 GMT
cache-control: max-age=21600
etag: W/"608f9542-8d2b"
x-cache: Hit from cloudfront
via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: C-G9de64gIiLbl-QIaWGKSC3rxbGxH3nz92eWYiQNTicVPVtupDw5A==
age: 1481

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame F46B 95 KB
34 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 01:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Jun 2022 01:08:46 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame F46B 235 KB
85 KB 29ms
29ms Script
application/javascript 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:40:08 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 07:57:27 GMT
server: nginx/1.12.1
age: 299
etag: W/"60af50e7-3ac4b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: ehUSFLgEIzNYkG_D3GYyDWrik3mgdBQpxyYvnczSrXqQ9kTooxwtIA==
via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
expires: Sun, 20 Jun 2021 09:37:11 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 14ms
14ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1439
date: Sun, 20 Jun 2021 03:42:09 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame F46B 108 B
486 B 26ms
26ms XHR
application/json 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Jun 2021 03:40:34 GMT
via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
last-modified: Sat, 19 Jun 2021 19:15:54 GMT
server: nginx/1.12.1
age: 141
etag: "60ce426a-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: J-o7ZBu8nEIbarlzGxXl2MF99XY5Gl6KHrJw234Q6hOtXi2VZB-CAQ==
expires: Sun, 20 Jun 2021 06:39:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame F46B
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=dUQiCnxwRjRsM2dSNmo3N0hsRFVReENrclNZdWRHUFdhQ1FrWE81cVBKb3NMMTAyQXpTVkw0YUpYaUdtSTM3L1F0bW5hZ2V5V0I2MWRpSFo0YkJGNWZIY2ZweFBXN3ZONE00UWJ6SEU5SnJDMXZpYWJNdk5DeDNoN2FlV2...

350 B
631 B

28ms
27ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dUQiCnxwRjRsM2dSNmo3N0hsRFVReENrclNZdWRHUFdhQ1FrWE81cVBKb3NMMTAyQXpTVkw0YUpYaUdtSTM3L1F0bW5hZ2V5V0I2MWRpSFo0YkJGNWZIY2ZweFBXN3ZONE00UWJ6SEU5SnJDMXZpYWJNdk5DeDNoN2FlV2RZdFFhSEZHc2ozenZyMlk4Rm1FQVZLcEo0Tm5Hd0s3ZWMzVFlEaWpuN0kxSlFnVTBzVFQ4ejV0Zlp5bXhNODhMcm9tekl0TkF0RmZGcnNmUUlPWmJieGdab04zajdJL0UxdjJ1SEpzNTlQUG1VUTFDZy9FPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7a2a55171522fa235589dbccf6f7ecff7f83ddbf36e1f8470b2f5c0109f1822b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 20 Jun 2021 03:42:09 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2370
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 20 Jun 2021 03:42:10 GMT
location: https://mug.criteo.com/sid?cpp=dUQiCnxwRjRsM2dSNmo3N0hsRFVReENrclNZdWRHUFdhQ1FrWE81cVBKb3NMMTAyQXpTVkw0YUpYaUdtSTM3L1F0bW5hZ2V5V0I2MWRpSFo0YkJGNWZIY2ZweFBXN3ZONE00UWJ6SEU5SnJDMXZpYWJNdk5DeDNoN2FlV2RZdFFhSEZHc2ozenZyMlk4Rm1FQVZLcEo0Tm5Hd0s3ZWMzVFlEaWpuN0kxSlFnVTBzVFQ4ejV0Zlp5bXhNODhMcm9tekl0TkF0RmZGcnNmUUlPWmJieGdab04zajdJL0UxdjJ1SEpzNTlQUG1VUTFDZy9FPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2916
content-length: 482
expires: 0

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame F46B 0
285 B 291ms
291ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.24192960870105384
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Jun 2021 03:42:10 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame F46B 0
323 B 371ms
160ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7BE8827732D680EA64BB3A493A78B&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&fp=undefined&eids=&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=aeb22c2d-2112-489f-81ee-8574ece4c77c&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:42:11 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F46B 0
187 B 32ms
32ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0-pre&cb=75880898808
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:42:09 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame F46B 0
176 B 174ms
174ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sun, 20 Jun 2021 03:42:10 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 27ms
27ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 856
date: Sun, 20 Jun 2021 03:42:10 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2998 42 B
64 B 24ms
23ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqRVd1alZAGAjuvihadBm1-HM4J5qmCFdr-nDthDsBx_QADh_XCa2dnyjoZoFTNoUloNKn3t-W0thausv3-KIDQPEX3lEz4kLjcwnZvZKGseI2Y66IzYM3S5Q&sai=AMfl-YQDCZ9p8h2hd6bj-EKyireU4npVyst8QaNoJSnMDjKWsJ1q-ghkhWN8rG2pdz_kD63pYGdoVfJ5DF15WWiKHWbZk-XTvEugjQZAb0JNC9TSExm2s_sfZPk_IJ-7zrI&sig=Cg0ArKJSzBYOHOqDwYJOEAE&cid=CAASFeRo8TrYZwn02dB4U33ZThcJYQvjoQ&id=lidar2&mcvt=1000&p=102,1005,356,1305&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2862190043&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624160529670&dlt=20&rpt=134&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame F46B 2 KB
2 KB 291ms
291ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.5548844831025608
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 665f8d1a8f10fb6a19c5405da7abf1b0ba103ae61e74ea7f50bb03e1680e4993

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 20 Jun 2021 03:42:10 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1464

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 68E1 83 KB
27 KB 44ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:11 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:42:11 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame C8F7 1 KB
1 KB 27ms
26ms Document
text/html 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.56
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CKA20210620114210498881; gx=H4sIAJMpz2AA%2fxNmYGDg4uaYtPT%2fprcvb1oKsAqxcNgLMAEA%2bQAbIxcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.56

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Sun, 20 Jun 2021 03:36:37 GMT
expires: Sun, 27 Jun 2021 03:26:37 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: RZ7yWtc2wvUmzzTB8DUNgk5l-egvhbqlOnBAR6QBMoQ_Ga2h1LP65w==
age: 934

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 22D4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0tBMjAyMTA2MjAxMTQyMTA0OTg4ODE%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOng85NQkDhge00v9rbSyU8&google_cver=1&google_ula=3918219,0

0
551 B

1167ms
289ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOng85NQkDhge00v9rbSyU8&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:42:12 GMT
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOng85NQkDhge00v9rbSyU8&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B1A8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

54ms
17ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: www.plurk.com
URL: https://www.plurk.com/p/of4uyi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Jun 2021 03:42:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Sun, 20 Jun 2021 03:42:11 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame 22D4 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.56&rl=&if=true&ts=1624160531402&cd[SBST]=25&cd[PuID]=plurk

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 20 Jun 2021 03:42:11 GMT

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame 22D4
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CKA20210620114210498881
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
581 B

1005ms
289ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.56
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.175 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:42:12 GMT
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
date: Sun, 20 Jun 2021 03:42:11 GMT
connection: close
content-length: 71
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 438B 2 KB
2 KB 14ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1649
set-cookie: uid=7262c0ab-170f-4bbb-b5a2-d30da644c651; expires=Mon, 20 Jun 2022 03:42:10 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 20 Jun 2021 03:42:10 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 68E1 83 KB
27 KB 49ms
24ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:11 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:42:11 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame F46B 83 KB
27 KB 15ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:11 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:42:11 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B1A8 31 KB
9 KB 19ms
19ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 31b642f3d722942829e13699ab3ee280e0b2213d098096ca138cc315d50d1c2b

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:42:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21074
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9274
Expires: Sun, 20 Jun 2021 09:33:25 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 902E 2 KB
2 KB 16ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.plurk.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=7262c0ab-170f-4bbb-b5a2-d30da644c651
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 4611
set-cookie: uid=7262c0ab-170f-4bbb-b5a2-d30da644c651; expires=Mon, 20 Jun 2022 03:42:10 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 20 Jun 2021 03:42:10 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame F46B 83 KB
27 KB 16ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:11 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 03:42:11 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B1A8 284 B
922 B 77ms
19ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/jpg

GET
H/1.1

200
OK

rubiconid.aspx
bw.scupio.com/adpinline/ Frame B1A8
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=KQ4N8UQP-1N-47TO

0
621 B

289ms
289ms

Image
application/javascript

210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bw.scupio.com/adpinline/rubiconid.aspx?uid=KQ4N8UQP-1N-47TO
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 03:42:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: application/javascript
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://bw.scupio.com/adpinline/rubiconid.aspx?uid=KQ4N8UQP-1N-47TO
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B1A8
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQwMmJmNzgzMTBiZDQzMmVlOWNhNmUwNjgxZDFmZGNmYTBiZTVmMg

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQwMmJmNzgzMTBiZDQzMmVlOWNhNmUwNjgxZDFmZGNmYTBiZTVmMg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQwMmJmNzgzMTBiZDQzMmVlOWNhNmUwNjgxZDFmZGNmYTBiZTVmMg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame B1A8
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQ4N8UQP-1N-47TO&sigv=1&esig=2~ef9b311375afa283df19367d99c6a09735278f98

0
446 B

20ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQ4N8UQP-1N-47TO&sigv=1&esig=2~ef9b311375afa283df19367d99c6a09735278f98

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:11 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQ4N8UQP-1N-47TO&sigv=1&esig=2~ef9b311375afa283df19367d99c6a09735278f98
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B1A8
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/ES3BdSi0u7RqlhyErW9EWMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2284530177894478215

42 B
679 B

18ms
17ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2284530177894478215
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Sun, 20 Jun 2021 03:42:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2284530177894478215
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B1A8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAKPyaLqVXNJgix7OJceM-0&google_cver=1

42 B
679 B

71ms
19ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAKPyaLqVXNJgix7OJceM-0&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAKPyaLqVXNJgix7OJceM-0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B1A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YM65EwAB5HstvAAC
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YM65EwAB5HstvAAC&_test=YM65EwAB5HstvAAC

42 B
679 B

18ms
17ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YM65EwAB5HstvAAC&_test=YM65EwAB5HstvAAC
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1624160532.895711,VS0,VE0
x-served-by: cache-hhn4074-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YM65EwAB5HstvAAC&_test=YM65EwAB5HstvAAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame B1A8 70 B
265 B 131ms
43ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B1A8
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E0TjhVUVAtMU4tNDdUTw==

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E0TjhVUVAtMU4tNDdUTw==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 03:42:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1E0TjhVUVAtMU4tNDdUTw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B1A8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9a2660ce-b913-4a00-8525-a893fb046b93

42 B
679 B

26ms
17ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9a2660ce-b913-4a00-8525-a893fb046b93
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

Date: Sun, 20 Jun 2021 03:41:36 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=9a2660ce-b913-4a00-8525-a893fb046b93
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 20 Jun 2021 03:41:35 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 68E1
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
507 B

126ms
126ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:13 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sun, 20 Jun 2021 03:42:13 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 68E1 35 B
266 B 327ms
111ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:13 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame F46B 35 B
266 B 334ms
114ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 03:42:14 GMT
connection: close
content-length: 35
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plurk.com/	1970-01-19 19:09:20	Name: _gat Value: 1
.plurk.com/	1970-01-19 19:10:46	Name: _gid Value: GA1.2.526225200.1624160529
.plurk.com/	1970-01-20 12:40:32	Name: _ga Value: GA1.2.784463767.1624160529
.plurk.com/	1970-01-19 19:30:56	Name: plurkcookiea Value: "aiZBqgZYB5dhUilMxhpMmxUEmYtEIcTeZZ+fTNTURno=?from_url=Ii9wL29mNHV5aSI=&invitation_from_uid=MTQ4MDc2MzQ="

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.holmesmind.com
ad2.apx.appier.net
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.plurk.com
avatars.plurk.com
b7c81ae8381035df097ba44573748f71.safeframe.googlesyndication.com
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.aralego.com
img.scupio.com
imgs.plurk.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
s.plurk.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aralego.com
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.plurk.com
ad2.apx.appier.net
103.132.192.30
104.109.78.125
13.248.242.197
142.250.184.194
142.250.186.162
142.250.74.194
151.101.114.49
162.210.196.208
178.250.0.157
178.250.2.131
185.29.135.234
2.18.234.21
2.19.35.65
210.59.219.175
210.59.219.180
210.59.219.181
2606:4700::6810:135e
2606:4700::6810:5f41
2606:4700::6811:4503
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:803::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2001
2a00:1450:400c:c08::9d
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f11c:8183:face:b00c:0:25de
35.201.76.93
54.178.71.123
65.9.77.122
69.173.144.138
69.173.144.165
69.173.158.64
01db7866b8ed97fd6bb8bb535f5785b404153cc7a7d6ce37d586da98d3593ce4
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
052b002fc21d939e5bea2da683bf6a711a59f2cf58012dab6e4d2699e53b997a
0aecc9b5932d8ac19c7bb6b68a6226e52c710880f6f1e054684846a570f87e13
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
191ab5af09f70a4dfa330c2450c7bf58de01fd10f73c73c22cead5246cb11589
1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
31612a445330f3caad636508c6bf10798f82e4a305d3d4889d66b76c77ba899f
31b642f3d722942829e13699ab3ee280e0b2213d098096ca138cc315d50d1c2b
3dd06f5770208f248296cdb0ed209a423046889337177f4c0394b220f42c5504
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49832bd9d6e23a7771e130b7a8c75e669a56e10f6ec88afd6872b9e27218f231
49d706fc3e4dbf7484d9143806e2fe9bde08e4089b678a919019771e7a5c2f4f
4e17a8b1a3f28afdc3e192a553e862b827e8c23688433711fd60ccea0539fd56
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0
665f8d1a8f10fb6a19c5405da7abf1b0ba103ae61e74ea7f50bb03e1680e4993
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
673cb57b8bcbb6394a6b47f190d86077949725e7c9e4445d2366cbd43b242224
67a06e09f719fde5bf65b689bcbb8284296bd18227b94e8f525a17b334c8c09a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
754f6a663422e4ab9d3b26427d2ff42e941d9a7d7c1fa02181a17f6768d425aa
75fac6b3fb8fc0cd2fcbd4a7b2550ade3d5c5792d81db410875b91d4532f3c40
7644af38eab82d36c7e546d9bdac3b27fb22641927eb9368bc5c33c777c6d676
7a2a55171522fa235589dbccf6f7ecff7f83ddbf36e1f8470b2f5c0109f1822b
7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b52207f42e563d3a8bb56e7203515812c47ba7d8f31573300f06d323ad540f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92c16c0348f2d05581dedabd53914d611dfde718909d0d62559ee5097acc9691
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9a2c0a3b3510b56be29d68362d3e731986fdc810bb57d6ed461185b278ff89e2
9b74b126cf240907ce43c81623014b2b7a84d5463004ba86d9cf04b3fc4388c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aff8e4c1ba02a29c7f0272e4e15eb2025ba9beee116cb41badb5ed1e497669a6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6a4cd2eb7e79211f9adf4e12c2464b996e779059ede247b5ea28838edda753f
b90a40bb183f1f7036a6aad2fe03e57e5cf350a6c76779915cca7c1e37e1427f
baaa0a4b97bcfe92d28088742a699295f73a597ea6d07bf24f7887c239879de1
bc7a9223874861c2b9fa970476f94a0013644fcc8c8b26a428549a2f2d050840
c5c172d5409ffd93c82ce64e7770c57e4fa21316e30cd29356246e578f630f2b
cba9280619d59a2b02d40030a3f4dc5a320e0692b09d5a4e38fef67a4923d6fe
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d6645e2c0a595a3c171a6a0eb57bbdf2abab1e9f813676ac75b2916de4778c45
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e1ba74945c36d1928d02079f476ac27d123ffa19c6fccfb2a3d14b35614b9218
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e652bca51f3d99e146d9b1d9b59b275412dc949d345c0a4566dbfb881f46a40b
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949
fb18058302f67c3f2c45a9b273a9536bcd4e3589c07d041d68d999740f778790

www.plurk.com Open in urlscan Pro 2606:4700::6811:4503 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

115 Requests

99 %HTTPS

51 %IPv6

25 Domains

49 Subdomains

41 IPs

9 Countries

1077 kBTransfer

2961 kBSize

4 Cookies

1 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.plurk.com Open in urlscan Pro
2606:4700::6811:4503 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

99 %
HTTPS

51 %
IPv6

25
Domains

49
Subdomains

41
IPs

9
Countries

1077 kB
Transfer

2961 kB
Size

4
Cookies

115 HTTP transactions
1 data transactions