urlscan.io logo urlscan.io
SecurityTrails logo

www.plurk.com Open in urlscan Pro
2606:4700::6811:113c  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.plurk.com/p/ob9jem
Submission Tags: falconsandbox
Submission: On September 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 50 IPs in 12 countries across 32 domains to perform 139 HTTP transactions. The main IP is 2606:4700::6811:113c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.plurk.com. The Cisco Umbrella rank of the primary domain is 303670.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2022. Valid for: a year.
This is the only time www.plurk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
10 13.32.99.7 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 210.59.219.180 3462 (HINET Dat...)
1 2 34.96.119.68 15169 (GOOGLE)
1 1 139.162.58.205 63949 (LINODE-AP...)
2 210.59.219.181 3462 (HINET Dat...)
2 178.250.2.131 44788 (ASN-CRITE...)
2 35.78.141.198 16509 (AMAZON-02)
2 103.132.192.30 138552 (RTBHOUSE-...)
5 162.210.196.208 30633 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 5 142.250.185.226 15169 (GOOGLE)
2 4 104.18.18.126 13335 (CLOUDFLAR...)
2 3 185.89.210.20 29990 (ASN-APPNEX)
4 144.76.91.199 24940 (HETZNER-AS)
1 5 136.243.149.243 24940 (HETZNER-AS)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 2a0b:4d07:401::1 44239 (PROINITY ...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
1 3.11.195.34 16509 (AMAZON-02)
1 54.76.176.197 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.110 16509 (AMAZON-02)
1 18.66.147.44 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.56.221.73 16509 (AMAZON-02)
3 2a02:2638::3 44788 (ASN-CRITE...)
4 8 2a02:2638:1::13 44788 (ASN-CRITE...)
6 178.250.0.157 44788 (ASN-CRITE...)
1 210.59.219.175 3462 (HINET Dat...)
1 1 92.123.9.160 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 69.173.144.138 26667 (RUBICONPR...)
1 69.173.158.64 ()
1 3 35.201.76.93 ()
139 50
19    2606:4700::6811:113c (United States)

ASN13335 (CLOUDFLARENET, US)
www.plurk.com
s.plurk.com
imgs.plurk.com
assets.plurk.com
6    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2606:4700::6810:dd13 (United States)

ASN13335 (CLOUDFLARENET, US)
s.plurk.com
www.plurk.com
10    13.32.99.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-7.fra60.r.cloudfront.net
img.scupio.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
4    210.59.219.180 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
bw.scupio.com
2    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
1    139.162.58.205 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1471-205.members.linode.com
gocm.c.appier.net
2    210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    35.78.141.198 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-141-198.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
5    162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal9000.redintelligence.net
5    136.243.149.243 (Tamm, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de
hal900030.redintelligence.net
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    167.233.14.134 (Oberschleissheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
1    3.11.195.34 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
track.webgains.com
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    65.9.66.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-110.fra56.r.cloudfront.net
analytics.webgains.io
1    18.66.147.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-44.fra60.r.cloudfront.net
cdn.track.production.webgains.team
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    52.56.221.73 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
api.webgains.io
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
8    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    210.59.219.175 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
rec.scupio.com
1    92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.158.64 (None, )

ASN- ()
pixel-apac.rubiconproject.com
3    35.201.76.93 (None, )

ASN- ()
c.holmesmind.com
Apex Domain
Subdomains		 Transfer
24 plurk.com
www.plurk.com — Cisco Umbrella Rank: 303670
s.plurk.com — Cisco Umbrella Rank: 538271
imgs.plurk.com — Cisco Umbrella Rank: 578564
assets.plurk.com — Cisco Umbrella Rank: 955237
323 KB
17 googlesyndication.com
6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
104 KB
17 scupio.com
img.scupio.com — Cisco Umbrella Rank: 81385
bw.scupio.com — Cisco Umbrella Rank: 128116
prebid.scupio.com — Cisco Umbrella Rank: 66227
rec.scupio.com — Cisco Umbrella Rank: 144311
259 KB
16 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 742
gum.criteo.com — Cisco Umbrella Rank: 387
mug.criteo.com — Cisco Umbrella Rank: 2794
18 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
158 KB
9 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 43625
hal900030.redintelligence.net — Cisco Umbrella Rank: 345850
56 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 212
86 KB
5 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 922
eus.rubiconproject.com — Cisco Umbrella Rank: 551
token.rubiconproject.com — Cisco Umbrella Rank: 686
pixel-apac.rubiconproject.com
11 KB
5 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 20053
sync.aralego.com — Cisco Umbrella Rank: 2822
1 KB
5 holmesmind.com
ad.holmesmind.com — Cisco Umbrella Rank: 97909
c.holmesmind.com
2 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515
3 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 658
84 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 22472
api.webgains.io — Cisco Umbrella Rank: 58879
85 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 225
3 KB
3 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 42604
gocm.c.appier.net — Cisco Umbrella Rank: 2217
616 B
2 gstatic.com
fonts.gstatic.com
26 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
ajax.googleapis.com — Cisco Umbrella Rank: 279
35 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 213355
6 KB
2 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 48437
1 KB
2 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18226
352 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9270
www.google.de — Cisco Umbrella Rank: 6487
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
72 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
297 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69717
3 KB
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 97857
312 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 48447
2 KB
1 futalis.de
futalis.de — Cisco Umbrella Rank: 256817
409 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 281043
728 B
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 47180
630 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1058
5 KB
139 32
Domain Requested by
14 s.plurk.com www.plurk.com
s.plurk.com
10 img.scupio.com www.plurk.com
img.scupio.com
8 gum.criteo.com 4 redirects static.criteo.net
8 pagead2.googlesyndication.com 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
7 tpc.googlesyndication.com 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
6 mug.criteo.com
6 cdnjs.cloudflare.com www.plurk.com
5 hal900030.redintelligence.net 1 redirects 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
hal900030.redintelligence.net
5 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
4 hal9000.redintelligence.net 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
hal900030.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 bw.scupio.com img.scupio.com
ajax.googleapis.com
4 imgs.plurk.com www.plurk.com
3 c.holmesmind.com 1 redirects
3 sync.aralego.com img.scupio.com
3 static.criteo.net img.scupio.com
static.criteo.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.com www.plurk.com
6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 assets.plurk.com cdnjs.cloudflare.com
3 www.plurk.com cdnjs.cloudflare.com
static.cloudflareinsights.com
2 eus.rubiconproject.com www.plurk.com
eus.rubiconproject.com
2 api.webgains.io analytics.webgains.io
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.retailads.net 1 redirects futalis.de
2 pv.medialead.de 2 redirects
2 googleads.g.doubleclick.net 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
www.plurk.com
2 hb.aralego.com img.scupio.com
2 prebid-asia.creativecdn.com img.scupio.com
2 ad.holmesmind.com img.scupio.com
2 bidder.criteo.com img.scupio.com
2 prebid.scupio.com img.scupio.com
2 ad2.apx.appier.net 1 redirects www.plurk.com
2 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.plurk.com
www.google-analytics.com
2 www.googletagservices.com www.plurk.com
6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
1 pixel-apac.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 www.facebook.com img.scupio.com
1 secure-assets.rubiconproject.com 1 redirects
1 rec.scupio.com img.scupio.com
1 ajax.googleapis.com img.scupio.com
1 cdn.track.production.webgains.team 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
1 analytics.webgains.io track.webgains.com
1 fonts.googleapis.com hal900030.redintelligence.net
1 ad-server.eu 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
1 track.webgains.com www.plurk.com
1 futalis.de hal900030.redintelligence.net
1 adv.office-partner.de hal900030.redintelligence.net
1 pb.media01.eu hal900030.redintelligence.net
1 www.google.de www.plurk.com
1 stats.g.doubleclick.net www.google-analytics.com
1 gocm.c.appier.net 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 static.cloudflareinsights.com www.plurk.com
139 56
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-29 -
2023-05-29		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
redintelligence.net
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
adv.office-partner.de
R3		 2022-07-05 -
2022-10-03		 3 months crt.sh
*.futalis.de
R3		 2022-08-20 -
2022-11-18		 3 months crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1		 2022-06-17 -
2023-06-18		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-08-08 -
2023-09-06		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-10 -
2022-09-08		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://www.plurk.com/p/ob9jem
Frame ID: 0CDA44FFCE33A10E0AEB22972F4385F2
Requests: 50 HTTP requests in this frame

Frame: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5185BEAA3903DF03BAE324FE0D6D7F71
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/mv.html?v=1.0.143
Frame ID: 866C84502385840F0997024DB3DDE031
Requests: 15 HTTP requests in this frame

Frame: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A6ED0D221CA39699EF526FA558F54D09
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVaRh7LbULVNJ_m8vRQhyEt-sHQLGcVY1LlRpOiU7ggt7iV43pdaHcspMr04E40xo7eQ-IcnELfaq9E8FrkRobeJhMpTy3eFjl_T2PvxU0MEWlA_EBS0owRwiN0hjRSeAHJDHD2ZnjnTZ42lKIxzxO28Y35iUR7I2789ReI42NyeUJdjh8
Frame ID: 9F28110B301C28A05A974F2E87057497
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 529CBFB2AFDF0C2A813513C4621020B6
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24186900090151900710616012069030&actionid=981741&produktid=&dt_url=
Frame ID: 25FB13B46CA0B478FE0F06BC4B457AE2
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 4A0204F5D36C1460532758619E36F627
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1572569234
Frame ID: 81AD294A06A0E36FD653B21A154F7A1F
Requests: 2 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
Frame ID: 0595022577406F413441AC7A74942BCE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B7D02FD6EBA81D9665CD2D2034D8D279
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8021AE3BDFDAB863E32C6D84F06E9CBF
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: B897D0DBA12AE9AD8E6ED06651FD48AB
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: 79420D9034CF0CB9F99A9C8FDCDEFDEA
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 307B39E00B952EBD330EEDFBBB38560F
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEM4VNIF40btmfCTl8O264Tg&google_cver=1&google_ula=3918219,0
Frame ID: 9B8BF32DAF9099BEDA2A0855FC4D78C1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 71759076483281C17B3DBC93D4B42EC1
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Frame ID: 2E96749E63FE7B5B3A924E9BA74BDAF6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

titangel27 - 6074be68b702c2 | |||xDCMx|||CommunityOnline editor and compilerhttps://mms.instructure.com/eportfolios/887/Home/Tes...6074be68b702c2 | Framaforms.org6074be68b702c26074be68b702c2|jkamladiyo|note - Plurk

Detected technologies

Overall confidence: 100%
Detected patterns
  • handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

91 %
HTTPS

44 %
IPv6

32
Domains

56
Subdomains

50
IPs

12
Countries

1359 kB
Transfer

3524 kB
Size

25
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=IpiobK12CAyNi5IVNKsQYw
Request Chain 62
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADhREn57CHTJpAJidURehw&google_cver=1
Request Chain 63
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxCrNCn2nmsd.C11U7WmpgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADhREn57CHTJpAJidURehw&google_cver=1&google_hm=2
Request Chain 64
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE8GxfeQSKvdWp2P-yZEucg&google_cver=1
Request Chain 65
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY3MDY1Mjk4OTAxOTEwOTczNA%3D%3D
Request Chain 69
  • https://hal900030.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUIz9M6sQY8qiKc3P7_UP-rao8Ay1zfmDV8zeuavlDPAuEAEg9JeCNWCV4pCCoAfIAQmpAl3-0Q6Tz7A-qAMBqgTgAU_QRwi-ViNllfukuX1leTRhfqHKAMsiO328zAvscBZqLFV1lK12x5bq2Kj_0hU9m3Dnb66O5riyvv2SH98gkCBe70Y39rRJ6JSOoNZ2nRNDgDuA1pTVRXB0mIClvPoHcbtfegZ4Z0ErkrQHkxIDuBDIFKINxm8DMaJo65x4GZ3avxwprwog7NZv91XOtr213Syre1Qx_LLlsdK5ThYllBj1bGpoV-krPNBJyh7EY3H7Aa6oB5J7aNgQfOK0lgG6rCOXiWRIOBvZ-0LH-Y9jF-8zKiLS_-0u3ViiCFH23viwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA%26sig%3DAOD64_2gnlgN_SS0-6UUTcozWuvVAR2oFA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BaUOUxi_uMg-ChXRMQADj64thGOWj9jT_f4Gv9Elm-TOc47gftvaSHf_qxueRba3RvXL7VyR3q8TIlexcv4WCBYQIXpccBqp6FYkb8Etk80GdG18ykBCdUxVcNGSCbWEkbyUJGRnQ81XdhpoiwO4w7jZud-Q%26cry%3D1%26dbm_d%3DAKAmf-ADaupbQszWXb5jtzRQEuN0JztwFvyVuhzWU6tgMZs39BPDDUiUFg2gmBx-trGP7fnPjWhirWYwjI3C7InnVx-PlEoueU-qotv8TMMqkNMc5iGN8CS4gaE8QzMZ4F596WQW5_PsycpL6tf595m4r2V98CG8nGrf5_MBaFVMly5fTux2HlchmEU1Yb63d9xw5erOJ-33zMYCZy4_40qvI0gLuFJZwVxTUDOMPay1SR0up9BizGH6mPdujP6zTuzphdEeMhX_fji41V9D_TqZorRKNA9GkKkmrlg5ZWVNYy1KFc9K375N_BohEnXuakjR_Y0xwv-TVRdeDbS6jE-Q8GSHCsDrh-DZ5N_Iqt78pZv0wucGzM11dk9gflNEDk84timAHd4g0D83-cKjEmaWzBuIZk-fyyNy1P1Hq3LSqBl5IvlG7Ti08PfOczJ1jLD_8G7z1tus9qGiyMIWg4fb4qm7b-ijkNQxZ_5big02oeoSMB38JjqIJyW8BX7NiqW5bH4HV0l2dBlOlP5Cyo_hseg9EMT9vg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=6112804391633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900030.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUIz9M6sQY8qiKc3P7_UP-rao8Ay1zfmDV8zeuavlDPAuEAEg9JeCNWCV4pCCoAfIAQmpAl3-0Q6Tz7A-qAMBqgTgAU_QRwi-ViNllfukuX1leTRhfqHKAMsiO328zAvscBZqLFV1lK12x5bq2Kj_0hU9m3Dnb66O5riyvv2SH98gkCBe70Y39rRJ6JSOoNZ2nRNDgDuA1pTVRXB0mIClvPoHcbtfegZ4Z0ErkrQHkxIDuBDIFKINxm8DMaJo65x4GZ3avxwprwog7NZv91XOtr213Syre1Qx_LLlsdK5ThYllBj1bGpoV-krPNBJyh7EY3H7Aa6oB5J7aNgQfOK0lgG6rCOXiWRIOBvZ-0LH-Y9jF-8zKiLS_-0u3ViiCFH23viwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA%26sig%3DAOD64_2gnlgN_SS0-6UUTcozWuvVAR2oFA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BaUOUxi_uMg-ChXRMQADj64thGOWj9jT_f4Gv9Elm-TOc47gftvaSHf_qxueRba3RvXL7VyR3q8TIlexcv4WCBYQIXpccBqp6FYkb8Etk80GdG18ykBCdUxVcNGSCbWEkbyUJGRnQ81XdhpoiwO4w7jZud-Q%26cry%3D1%26dbm_d%3DAKAmf-ADaupbQszWXb5jtzRQEuN0JztwFvyVuhzWU6tgMZs39BPDDUiUFg2gmBx-trGP7fnPjWhirWYwjI3C7InnVx-PlEoueU-qotv8TMMqkNMc5iGN8CS4gaE8QzMZ4F596WQW5_PsycpL6tf595m4r2V98CG8nGrf5_MBaFVMly5fTux2HlchmEU1Yb63d9xw5erOJ-33zMYCZy4_40qvI0gLuFJZwVxTUDOMPay1SR0up9BizGH6mPdujP6zTuzphdEeMhX_fji41V9D_TqZorRKNA9GkKkmrlg5ZWVNYy1KFc9K375N_BohEnXuakjR_Y0xwv-TVRdeDbS6jE-Q8GSHCsDrh-DZ5N_Iqt78pZv0wucGzM11dk9gflNEDk84timAHd4g0D83-cKjEmaWzBuIZk-fyyNy1P1Hq3LSqBl5IvlG7Ti08PfOczJ1jLD_8G7z1tus9qGiyMIWg4fb4qm7b-ijkNQxZ_5big02oeoSMB38JjqIJyW8BX7NiqW5bH4HV0l2dBlOlP5Cyo_hseg9EMT9vg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=6112804391633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 72
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=24186900090151900710616012069030&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24186900090151900710616012069030&actionid=981741&produktid=&dt_url=
Request Chain 74
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=24186900090151900710616012069030&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1572569234
Request Chain 77
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=24186900090151900710616012069030 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 115
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=www.plurk.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=GdNof3x5Snd2YnNoMVptWGp2bjFkU3p5WlNKTnhrYlJ2UHBpdE4ycTJBMDFuMlNNZURlRTFNL2JIY29GS2hRSnVwUWpMTDVqaFk3QzAwbmZZSm80WGxBNVE5NGU2QlB3Z2xOSmtBcFFGSkRSS1RPK24rT04vZlhTY1YvU2dQZURrb3dwSWlOUFdFcGlGeW9abm50eDdIY1kyb1cvbmljU1ZiWGxOdXljR1FmTGlleThGS1JBUjlKRmNFaTBYMkQyMzFzZlpSU3BPM2lsME9teDFNMEVIbStOeDNlWFFLNGNibmRNY280czhEdGJDaHkweE5abnFLVk1USTlsSGdWa08rTHVaL2paMWlzRWZhQWo0dmxtbTJQSFF0RUY4ZjZ4T1M4OWUvZ3Jka3hzY0liQT18&cppv=2
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q01BMjAyMjA5MDEyMDUzMDg3MjI4MDg%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEM4VNIF40btmfCTl8O264Tg&google_cver=1&google_ula=3918219,0
Request Chain 120
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 128
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=2&topUrl=www.plurk.com&bundle=sXwFR19VJTJCOHlKb3ZUNlRITjF3cVZJbUY5RkolMkZrM2JsSDg4bEt5Z1hISk0zZU1vaFhqJTJCSmVCVDlFTHZQRGtpNXZxU3pLNGdobDRaZGhlYURWalh1Zm5rTFNUS2lUTlVOTWVEUkc1a3N4ZEZtUjEwNHVBYVE1eU1vVFNoJTJCdURtT0RZRUQyQiUyRnAlMkJ6WTA3NnlMRWk2RkJyUWlORkElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-CSbU3xqUjBLOVE0dXhMUWdTYUd1RnMrSHp6UVl2VmlXWnNRc09GWHNkSUtGWDl3TG15a2JlWVV5VFFiaWl3KzhJcEZKZ2liWWYzRDlPUklLTko1QmhvL08wekJhWGNTYldsVWZ4aHdtK1cwbkt1U0xXTWlaQWVqMU1CdGxVRjk2VkRkS1NseE1kL2lYU0NVYjZQL1hmR2YvTmtwbC8zRFpIbCttN2d3NHBwekQwRGJqZzc4MWlPTnJocng4ZkVoQkptVFE1ajh2dERCdWpqMGpBZStCTy9Kd2c0UmtOZmppWU1IcHpMdGZ0bFhQdTJjRmppamUwVXVzR2hPQm5EUC8zeCtKamxYWXlCTGNMalJoYTN6d0d1V0N2cDN4cDN4SFJPT3RuSWNrSWhZazV2RT18&cppv=2
Request Chain 130
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=awlsenxwYlBvL1ZXdGphZnVaMmNaaW1OVG05QUc0dTZweVVZbVZobENFL0lFVG1RN3N6a0J4RDlwcDlMajZzd2g5dlFLZlovdVlwV0xOc3JySkpBTFNXZTVpcXVXYy9FbXJMOURkenpOOHVoWU9FdlRtR2pvcXBzYnRqdTFRR1VtRGdxamQxKzhTUCsyK2haMzJ5cWFzVU53K2dvbXRWcWVLWUJ1b29BK3pvTExlYUJiRkJ1TTNvdDE3RUpkUUdkejQ1R3FLV203bGVyOStKanp5VDJsS3ZUT2FlRVFwOE1MNStWWktTdUpCaGZqODFObmdxUVFzeGlyVE95VlJ1dW0zRFNKT1J6WXNXdVVKUVZNMkpHQXl3dUhGSmFDMXZQbkZrOUNib2FyT3lPMW0vYz18&cppv=2
Request Chain 132
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 135
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=tnE2T3xkWkprQ1dNaUlqNkV2bUVlQ0E0cEQvS2cwdEQ4aU9xSWV6UVRQUk13aHpMUDZveUJzRHhtM3pzWEkxb24xSFhvSU5ER3l2eXhBdFRlNlVpbkF5SFJubUd1UVd3bmdXckwrdk1ObkJ3Mk1wdDhoYTZNUEJaSmdIb21URnllMjcwaW1ZM2dFdnhXdEpqRytPY202dHpnWVNoYjg5OC9Ud1g2MEVQejV1cksxendIYzJ5eWh2ZTVydnhPMGN1bkw1b0hyQlpGa3ZyQTRRN00ybmgzZ0piN0ltdXdBdTNSYWY5NmNpbStBbFlpMUNHMHdlRkk5Y2llSVlrVmU4ZnYxajJCcHZxRW1mTk9zYm9IU05VNStSOWZNZUVtS0xJSS96NHM0dHhqbVBuVVU0QT18&cppv=2

139 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ob9jem
www.plurk.com/p/ 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f596ea866e2b183792b33f3e44268db49d404e5f7e5879562e593a6eca1f8f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
743e259d4c1a9007-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 01 Sep 2022 12:53:06 GMT
link
<https://avatars.plurk.com>;rel=preconnect,<https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js>;rel=preload;as=script,<https://s.plurk.com/46d3bef67382eb7440b7.css>;rel=preload;as=style,<https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css>;rel=preload;as=style
server
cloudflare
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2916295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHgmOdwOGFdX9lbfGwlMAQbEURR0DT1huEvwFZk%2FRJqTQgduEJLZbd80CEY0GUzBg9tlDdnSj1nvUjqF%2FzXx3p5D7SKCjKDF5mh4tn4yn1skGM3ZuiI1wRmFxCX4w4wV2N2ms5L6C27hW4eRIxz4LPZ9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
743e259edb5a9978-FRA
expires
Tue, 22 Aug 2023 12:53:07 GMT
46d3bef67382eb7440b7.css
s.plurk.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/46d3bef67382eb7440b7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a20e81ebd7dbf6e6b87e350b031dfbaaa06b15e4137b6e2aa1dba7ae2b2b34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 02:39:43 GMT
server
cloudflare
age
2003616
etag
W/"5bce36e7cb61f44056ef622de385bb86"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
743e259ece299007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
2S29W75F70CQZ7ZS
x-amz-id-2
asGapfEUVzwz2rduHRABadOKpNT797F8aA0tNgZhO3JIaLJLfaLuTSxnyVnP4O6XTTx2xJKi6io=
expires
Fri, 06 Aug 2027 12:53:07 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
232261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4037
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-55e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FkYt3yNHq9f5NVdmI0YLWkL1rmOMhbjmoXrYgcMFiaGFm4Ng0pZ0qEURGwb541%2BSJdoL%2FXCODj%2Fn4BhCrzrXGKx1jEzDPUOpn46EtDvdbMeVO8P3jgNknI4B8ydf%2FGSjlAhgtcQyJaiClF%2F5NfExsfL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
743e259edb589978-FRA
expires
Tue, 22 Aug 2023 12:53:07 GMT
cd27d7b29c69ab02083c.js
s.plurk.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/cd27d7b29c69ab02083c.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
998f7df25fbb5d70e111ac9197abcf70efec826fe0da4504b16ba8808af0aea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Jul 2022 08:27:36 GMT
server
cloudflare
age
1203804
etag
W/"f340aa4aed8a8f9fb982eb62ece1940a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
743e259ece2e9007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
948H26R95GPNBGHC
x-amz-id-2
AYTiGw6Vdli3ebGjzH8KlUGR39BPndMLAwu/z7R1qFFIR9aMyHwVO7e9cCB964ckikTFodu5ETs=
expires
Fri, 06 Aug 2027 12:53:07 GMT
caa0fba6b1b118e4a442.js
s.plurk.com/ 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/caa0fba6b1b118e4a442.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43771081fe0908d9be14a6e38ad59a6e25ccc454e3cd1eb18d67e7e247c6ae98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Apr 2022 04:42:10 GMT
server
cloudflare
age
1221453
etag
W/"62172ce6aa39a16d55ed3b662a1167cc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
743e259ece2f9007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ETYW7NTBFRSA0YQK
x-amz-id-2
ua1w2KeJkoPDWLX1rH1VZj+yZZ6o4fWUuEjPZ1IIns3ZNEZcpGjtdgTcGj50zeKU7QwrO0qVt58=
expires
Fri, 06 Aug 2027 12:53:07 GMT
63ab3ca1f3297082e738.js
s.plurk.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/63ab3ca1f3297082e738.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929eae34b486d82f772a9a30fcd059a99926fabb95b734c82f4ed708feb6816b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 31 Mar 2022 14:05:09 GMT
server
cloudflare
age
1201006
etag
W/"2efad8d9449d2afba2cfd6e0b9e3974b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
743e259ece309007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
GAWJ8DE8GMHH36MY
x-amz-id-2
h2XtSCfnHn+qOAW4pjJTKDf0c+KQou+BIVF0RRM8PVmdhnXAjbtNs6t7cjaHajp086AifUnlgGQ=
expires
Fri, 06 Aug 2027 12:53:07 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2478092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FW0dzybHT9nZ3pZfcxEpl46%2Bd19tdaxlG5dHK9vrjLB9U6EDPRgBJFtOpvbIeKj4z8Ly3SGYdFPxI2B9bBOkNrbqnv21FUMl%2B3ViN3ekh94zYs%2BI2D3wxYzp2TvRpkcnqnpFACNzQlA4feujb5qaTRo%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
743e259ec91f8fee-FRA
expires
Tue, 22 Aug 2023 12:53:07 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
746876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4037
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-55e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oT6fRrs3y2QRuY6FnEp82k3llbYOmftKTdlNfeJee5jqxg9j%2F1XEEPtpA7stmqpd7arzMxogTe%2Bl9JV0r0tTwslU9pJzRWormCNjHSacIJb%2FkG27viHdpUmgqhkPwyvk8z%2BNfvsNb%2BuE2%2BDXx3C9B%2FiT"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
743e259ec91c8fee-FRA
expires
Tue, 22 Aug 2023 12:53:07 GMT
sweetalert.min.js
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/sweetalert.min.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6065338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10494
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff8-9f68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMZmarySM4VQtqPkFN1Ki8hSooqu2rUzcWa9lbGEWPWaiB9CfuM3BjCttKPgI2vcON6KMPwy%2BLrEVpfNNyR%2BgjnOq7OXgPBqbiTPQ39iVqUx8qON6O8AoBE%2BRwna1KyeV%2Fgdx3RIhQzl6KoLRW0U1Kzc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
743e259ec9218fee-FRA
expires
Tue, 22 Aug 2023 12:53:07 GMT
handlebars.min.js
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.3.0/handlebars.min.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1263028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11830
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e72-ac34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B%2Fu%2Fi6Jln%2B7Nk2CFwEVOZVtm8miovrwqAzbJvwqHNZUaxNr4n6xr1N3hrsZRfGeGjP9HDuPgU6RFBy%2FuNMPYpwXJBQKQ0bMA64hZ4rifimsBC66LMLq85VSwk%2BwYNzoS3eSdPR8diy8miUddXtqm4Lp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
743e259ec9238fee-FRA
expires
Tue, 22 Aug 2023 12:53:07 GMT
621a5cbd66c1ad116e38.js
s.plurk.com/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/621a5cbd66c1ad116e38.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51a7e6710418fa43758820b5791171303d7e460a69ba4b5b849119aff4e1054

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
1807096
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TD5F77KX20DQ6N7W
x-amz-id-2
THhAfCwYSIxxx9+gnpEU3tuoyCMm5JFP9kQtAAhLlzWJrQfNJRjARNCIUnhqy/R+M4RaZGX5n1c=
last-modified
Wed, 07 Jul 2021 09:09:37 GMT
server
cloudflare
etag
W/"acf7002c465032291acb81fe622bfa78"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=155520000
cf-ray
743e259ee9ee5b80-FRA
expires
Fri, 06 Aug 2027 12:53:07 GMT
9a9b9ed3798d833d1fab.js
s.plurk.com/ 		109 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/9a9b9ed3798d833d1fab.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ccb5d582e13a4bb51ac4e0386f2c29dc8e90ab2d5d4ba1f655d949c6e384a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jul 2022 12:57:41 GMT
server
cloudflare
age
601445
etag
W/"5012c52642f28044d1047d44503afd0f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
743e259ece2d9007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
SGYM7ZS069C3ZA2P
x-amz-id-2
RMx2cpIK5G5eggjOzMnTBPjM8U7etcujF7HPlU0ABZTdyvMK2+/ERV0JsOfTNqmx2zZb+Tad8y0=
expires
Fri, 06 Aug 2027 12:53:07 GMT
eb210e17a239fb337c4c.js
s.plurk.com/ 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/eb210e17a239fb337c4c.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe4f0e5444dcf2a6fad52cc77813fcddc6d36a2b3fd4cb861c73cf8b7496e9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 May 2022 07:02:44 GMT
server
cloudflare
age
1828138
etag
W/"ba0e2133d90e63aae2bd3ebcbc230358"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
743e259ece2b9007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TT1J6WJCPN6YXKYY
x-amz-id-2
y/D37HoUzEkRFUeussAzZORBSdZuYDFLFKN10BTGUvtwnKqm3fT1iIg4Pr55cBaUyKfASFDDUEM=
expires
Fri, 06 Aug 2027 12:53:07 GMT
8afae1a48d970de2d45e.css
s.plurk.com/ 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/8afae1a48d970de2d45e.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27da3756018ae05b269754ebd953626726286c2b6545a8119aa95f2442d0491e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jul 2022 12:57:40 GMT
server
cloudflare
age
601445
etag
W/"4f5be040062bfdd416ef37e4118ddeb3"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
743e259ece259007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
SGYHKP7N6DNVQVZR
x-amz-id-2
UII/n5IeVsXwouSTlylcWAvDHHwmlG07LiApBdfaw2X+p7g8Rd5UN2LmkozvodhbNCHOeUEcX4w=
expires
Fri, 06 Aug 2027 12:53:07 GMT
7b24b80f19354e072ed0.css
s.plurk.com/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/7b24b80f19354e072ed0.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91932fa536b235582114c91ac5eb987f883e630d8183949ab12cf1327bc30938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 00:12:24 GMT
server
cloudflare
age
2280253
etag
W/"b145903863f3364014af528497fa8bad"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
743e259ece2a9007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8XDQ6H90AG9AJHRR
x-amz-id-2
w9wDFnAZvzeyCVmBeqD/DvQwq1pftDfaawngTIJzXwNQjSRWJWE0xRwmTmkme/bGtxiHmx1NN7s=
expires
Fri, 06 Aug 2027 12:53:07 GMT
495af0539345c435a779.js
s.plurk.com/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/495af0539345c435a779.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d313ec409b68d3855cf0cef8a20f8c580b5fc1ed05daa8889860dbe4d004c5c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Jun 2022 12:19:51 GMT
server
cloudflare
age
599388
etag
W/"906dafcf277ec1c7c75494ab566b45d1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=155520000
cf-ray
743e259ece2c9007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7TSF3W48TKWJRWSN
x-amz-id-2
6eDokNOPTy6h8OnDpmk1Q0cwMfLwGDTdLG3/lw1F8jy4IGzdLLAPi+WAuNNpUYvCMG6/QPSw/BE=
expires
Fri, 06 Aug 2027 12:53:07 GMT
239a7156ed3dc5e2ff21.css
s.plurk.com/ 		64 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/239a7156ed3dc5e2ff21.css
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de001d0d85ea06a1538d20894999d70408d9f7380479841c56516ec4f5b91ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Jun 2022 12:19:42 GMT
server
cloudflare
age
599388
etag
W/"5c811ab7425cb17b4442bbecbf6dba9f"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=155520000
cf-ray
743e259ece289007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7TSB5WFYZ1P1N5CP
x-amz-id-2
S93bv/j3Y/oH8PEs+eoci0qibEK4EoN1BvcyRPeDP/xS85sbPwqJI6reAldUb5Kp7qvcjXQ9kIw=
expires
Fri, 06 Aug 2027 12:53:07 GMT
ad.js
img.scupio.com/js/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f641ad0c0e2731c3ab3eaabdfd3699fa311335b36cd38285a4a7e5fd41f8a896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:51:52 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 01:25:49 GMT
server
nginx/1.12.1
age
119
etag
W/"630d671d-12f90"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
YU9AEKvDBO_gw11Cy86_8lg8JMp9o9tajuaWMvgDMCDO_FG4pryh7A==
expires
Thu, 01 Sep 2022 13:06:08 GMT
ff97ec67bb96f4d8642a.jpg
s.plurk.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.plurk.com/ff97ec67bb96f4d8642a.jpg
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8328e713bc7dd608b369bf7f779fc7f4b632e45bb7ea1b7592d6305acc402b7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
cf-cache-status
HIT
age
1214715
cf-polished
status=not_needed
cf-ray
743e25a18a199007-FRA
last-modified
Tue, 21 Jun 2022 13:35:30 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1121
x-amz-id-2
qsWGCi1kN8zYpVr7VzNYNncAuwXKSKKO+TqgqQ4OHu1LHOHPz6UTB4rIUvxaQcuurVBsKP6599k=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"0d6f4956138b4ac8d4c856ec5d5606f6"
vary
Accept-Encoding
x-amz-request-id
R9NSSPY2R219WVBE
cache-control
public, max-age=155520000
accept-ranges
bytes
content-type
image/jpeg
expires
Fri, 06 Aug 2027 12:53:07 GMT
FRTZRdGGny9He1QIwA2bTqQohyP_mt.jpg
imgs.plurk.com/Qwv/W8E/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.plurk.com/Qwv/W8E/FRTZRdGGny9He1QIwA2bTqQohyP_mt.jpg
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54398c5caecfa6770438fb665f6fa847664560dc67b0f334ea25f9f8aa2e293e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
cf-cache-status
MISS
x-amz-meta-source
https://paiza.io/assets/movie_title-aed88df2f448c0d69598876d1262bdc0.png
x-amz-meta-hash
W8EFRTZRdGGny9He1QIwA2bTqQohyP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
R3B7ADTQM83TPXEB
x-amz-id-2
MFsuNeNfvtyKWyuVBpVtQZYACDHhhu7hTIPJXU5ogKjzB5gvgN9EGIzO/nwh4iyHqKd3nbCklVw=
accept-ranges
bytes
last-modified
Tue, 19 Mar 2019 06:13:04 GMT
server
cloudflare
etag
"05d054ef3ade9144126d11e2c3e8a8ed"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=155520000
content-length
3005
cf-ray
743e25a1da6c9007-FRA
expires
Fri, 06 Aug 2027 12:53:07 GMT
ttlqHA9yzRNOg8rnyfSiIWUiiS9_mt.png
imgs.plurk.com/Qv2/Elb/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.plurk.com/Qv2/Elb/ttlqHA9yzRNOg8rnyfSiIWUiiS9_mt.png
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc4e11a1589d2800482409836d332bd70aa39a1094fc8d738660dcaf890455a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
cf-cache-status
MISS
x-amz-meta-source
https://www.peeranswer.com/images/logo/fb.png
x-amz-meta-hash
ElbttlqHA9yzRNOg8rnyfSiIWUiiS9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
R3B2M5HTQEQ90SSD
x-amz-id-2
RjfdqFp+N/h3um9D/2oOpS7gpurZbCc0EC2pwdYuki+69Ff8MuhfpU6mlEjrXHOVdFu+xeEfGGw=
accept-ranges
bytes
last-modified
Mon, 17 Dec 2018 08:38:52 GMT
server
cloudflare
etag
"4ba24077fb4f121ec8277c5e929e75c7"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=155520000
content-length
10410
cf-ray
743e25a1da729007-FRA
expires
Fri, 06 Aug 2027 12:53:07 GMT
anxxkbhgmIp3qmNb69tslfSuRlk_mt.jpg
imgs.plurk.com/QzK/MIj/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.plurk.com/QzK/MIj/anxxkbhgmIp3qmNb69tslfSuRlk_mt.jpg
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f8c60acea782444c41fac597dca5d5172b5eb16b2588577d20c26737929004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
cf-cache-status
MISS
x-amz-meta-source
https://www.arcgis.com/sharing/rest/content/items/c7286951acac4495bc98769203d3d7cf/info/thumbnail/thumbnail.jpeg/?w=400&d=1618264309000
x-amz-meta-content-type
image/jpeg
x-amz-meta-hash
MIjanxxkbhgmIp3qmNb69tslfSuRlk
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
R3B9WD5XPFXKC44X
x-amz-id-2
wqUPqpmbR75WN6eaJ7KPEtPiez0fg4tpvtiM1OT1tNyC/0mBGW+QPR7Vz3cvWXquM2gi9qPqeSc=
accept-ranges
bytes
last-modified
Mon, 12 Apr 2021 21:56:20 GMT
server
cloudflare
etag
"b472b31456b9f8cb9c0b1ebb0e23ea61"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
content-length
3421
cf-ray
743e25a1ea8f9007-FRA
expires
Fri, 01 Sep 2023 12:53:07 GMT
IbWRbGn0bl0RAm3mIqTM8QDuBxT_mt.jpg
imgs.plurk.com/Qyd/BKO/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.plurk.com/Qyd/BKO/IbWRbGn0bl0RAm3mIqTM8QDuBxT_mt.jpg
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6459304624b5d6a6c1bcfe58c1192be251ee35d3d2b6a320445e84502849928e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
cf-cache-status
MISS
x-amz-meta-source
https://d2l930y2yx77uc.cloudfront.net/assets/default/default_profile_4-49bbe5967f3b370a3186d13e080d61e564c9d72a8a5a5993ce6ab0486e0c34b6.png
x-amz-meta-hash
BKOIbWRbGn0bl0RAm3mIqTM8QDuBxT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
R3BD5PC4ZD9SX3YQ
x-amz-id-2
oBud/vgxKay27TZGZuguvogQddtJqe9aKMejYcIsMU4JPPbHoI5PCloOZO2/WT/n03Ii7Otov/s=
accept-ranges
bytes
last-modified
Sun, 20 Sep 2020 17:39:26 GMT
server
cloudflare
etag
"43d459450335004de20fe5568149c2c5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=155520000
content-length
1045
cf-ray
743e25a1ea909007-FRA
expires
Fri, 06 Aug 2027 12:53:07 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0387af5d15c0c58b15fb8abadce6af5cb206968ff91f7e502c10c3232e5b6889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28539
x-xss-protection
0
server
sffe
etag
"1320 / 483 of 1000 / last-modified: 1662030346"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Sep 2022 12:53:07 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.plurk.com/
Origin
https://www.plurk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
743e25a21bda9b86-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6430
date
Thu, 01 Sep 2022 11:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 01 Sep 2022 13:05:57 GMT
background.css
assets.plurk.com/static/theme/v5/default2015-theme/ 		137 B
368 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.plurk.com/static/theme/v5/default2015-theme/background.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c423ebba9e0a0d4bc646cf9c54b705f677b1a7f3e085c3575dc753bb9b1f1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Aug 2018 09:38:49 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533111981/md5:24741898fa997f6f8cce06a177c38a4e/ctime:1533111980
x-amz-request-id
R3B2BT8T7BF622Z5
etag
W/"24741898fa997f6f8cce06a177c38a4e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
743e259f8f079007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6vlSPQKbKdRYia9V0/BMG7EzdDAbhFdhhaS5RTV2glzDj2LLpJJFPGN9d6AubAH3eFWlLstn+Lc=
expires
Fri, 01 Sep 2023 12:53:07 GMT
timeline.css
assets.plurk.com/static/theme/v5/default2015-theme/ 		411 B
445 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.plurk.com/static/theme/v5/default2015-theme/timeline.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8530a1cc2f5eea1961414e2f95e909f4326f3383376aefb8664c344c44ca6930

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Aug 2018 09:38:50 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533111981/md5:e49fb1466cc59e96a9bbb12d51de9b88/ctime:1533111980
x-amz-request-id
R3B7X79PEA4NRFXQ
etag
W/"e49fb1466cc59e96a9bbb12d51de9b88"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
743e259f8f0c9007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
h92fZR/reoUA0Ter5wKay212MLpkwcYjkLYa3MRczy0Zdv3hzd3s2ZNGElKrCxPaMJuK4Ac20x0=
expires
Fri, 01 Sep 2023 12:53:07 GMT
dashboard.css
assets.plurk.com/static/theme/v5/default2015-theme/ 		213 B
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.plurk.com/static/theme/v5/default2015-theme/dashboard.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:113c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c73f428ace68329e7a9555184802e5b62ecd72ac1ee270bf9b8f53dd3c2ef6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Aug 2018 09:38:50 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
uid:1002/gname:cdsheen/uname:cdsheen/gid:1002/mode:33204/mtime:1533111980/atime:1533111981/md5:963bdf82179c68e2eac9a9b2473000b7/ctime:1533111980
x-amz-request-id
R3B1ZTJJ2WR8DGFB
etag
W/"963bdf82179c68e2eac9a9b2473000b7"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
743e259f8f0a9007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
pJ/5QZ+SEiAdWQfk8klorFGoYDu09vedHVdfNRO+4Ubz4blPaBD0sWxpDG/6dr1i9JBPnp5uv8Q=
expires
Fri, 01 Sep 2023 12:53:07 GMT
pubads_impl_2022082901.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b98ba65804117309185fd18cda5608fa31f342b3c626715722721ebc93f4231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 31 Aug 2022 07:03:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107368
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132076
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 08:35:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Aug 2023 07:03:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		198 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.plurk.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3171eac423f4c20884352b6f5c97fbf2e58661b17d7dc96b45b7447da44c8b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124
x-xss-protection
0
expires
Thu, 01 Sep 2022 12:53:07 GMT
e67b183966200f68093e.woff2
s.plurk.com/plurkiconfont/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.plurk.com/plurkiconfont/fonts/e67b183966200f68093e.woff2
Requested by
Host: s.plurk.com
URL: https://s.plurk.com/46d3bef67382eb7440b7.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:dd13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002885d15671018d6cbea9225dc9ece35a412108c16c533924d127bcc8e8bfdf

Request headers

Referer
https://s.plurk.com/46d3bef67382eb7440b7.css
Origin
https://www.plurk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
2094331
cf-ray
743e25a22e625b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17324
x-amz-id-2
cg98wgTbSRpP24IcT1+xeGk/xUNeTr6klWgFd44GO1zX9k+0RHtH//rAgCQ0KPzn9KTAAneZ4tk=
last-modified
Thu, 20 Jan 2022 15:47:29 GMT
server
cloudflare
etag
"c3b7fb5936c54759a60414339661ee5a"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
ASREEJC0EYE0J97A
access-control-allow-origin
*
cache-control
public, max-age=155520000
accept-ranges
bytes
content-type
font/woff2
expires
Fri, 06 Aug 2027 12:53:07 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.plurk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.plurk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=393929793189162&correlator=2171064751683430&eid=31069224&output=ldjh&gdfp_req=1&vrg=2022082901&ptt=17&impl=fif&iu_parts=75142684%2Cplurk_message_300x250_SB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2862190043&sfv=1-0-38&fsapi=false&eri=2&sc=1&cookie_enabled=1&abxe=1&dt=1662036787557&lmt=1662036787&dlt=1662036786982&idt=510&adxs=1005&adys=102&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.plurk.com%2Fp%2Fob9jem&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=15015758.1662036788&ga_sid=1662036788&ga_hid=931302516&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfd0b5726e1ebb44c138c17360e3f3ec43f3701be2d933ed36ce8822cbc57227
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8894
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.plurk.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5185 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 12:53:07 GMT
expires
Fri, 01 Sep 2023 12:53:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
10987.json
img.scupio.com/js/config/ 		640 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/10987.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
ee2d9a022695360ae6503ca37eb953d322a577e69a88d031174ce948e6c31c24

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.plurk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 01 Sep 2022 12:50:50 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 02:20:13 GMT
server
nginx/1.12.1
age
137
etag
"631016dd-280"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
640
x-amz-cf-id
hjNt9_5vn2naXyPvOTFKLlsNjJsvBwQH5_ywJSp5vifacBRt_XKung==
expires
Thu, 01 Sep 2022 15:50:50 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=10987&cb=0.9072645552184355
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.plurk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 01 Sep 2022 12:53:07 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://www.plurk.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
mv.html
img.scupio.com/html/ Frame 866C 		127 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/mv.html?v=1.0.143
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9fd5ec7f5b99890f907f401505fa3dbfb2393bd9a7a66ea315a5e356bdf36985

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3499
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 01 Sep 2022 11:55:25 GMT
etag
W/"63071a85-1fc3b"
expires
Sat, 01 Oct 2022 11:54:48 GMT
last-modified
Thu, 25 Aug 2022 06:45:25 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-id
uxdvh76ITtYbEfkCRZSpG5XvHOWUGwNxepci4TFm6IsSN2jeMUr5Og==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
0cd0435740e740eece09.gif
s.plurk.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.plurk.com/0cd0435740e740eece09.gif
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:dd13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
cf-cache-status
HIT
age
1358616
cf-polished
origSize=35115
cf-ray
743e25a2a8469bee-FRA
last-modified
Tue, 01 Mar 2022 03:46:25 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31308
x-amz-id-2
2b9gz/dNHeGsGDzW2MfqksJO021zRc5apq8BTSftghp2LQRJFzLc/22MGz7bvErDRK4F8o7lAmk=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"d236fd746e000431a8e2c6bc787ee7c5"
vary
Accept-Encoding
x-amz-request-id
MDQV8QQV4HQ5HM6E
cache-control
public, max-age=155520000
accept-ranges
bytes
content-type
image/gif
expires
Fri, 06 Aug 2027 12:53:07 GMT
get
www.plurk.com/Responses/ 		104 B
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.plurk.com/Responses/get
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:dd13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949

Request headers

Accept
*/*
Referer
https://www.plurk.com/p/ob9jem
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
743e25a2b85e9bee-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/json
prebid.js
img.scupio.com/js/ Frame 866C 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/mv.html?v=1.0.143
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:50:30 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
age
156
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
Xu9-sVSxmYVHqKOzonJiMHBS1RMtP3MpEV7fGW5A6P-UnPTKJzy-xw==
expires
Sat, 01 Oct 2022 12:50:30 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=931302516&t=pageview&_s=1&dl=https%3A%2F%2Fwww.plurk.com%2Fp%2Fob9jem&ul=en-us&de=UTF-8&dt=titangel27%20-%206074be68b702c2%20%7C%20%7C%7C%7CxDCMx%7C%7C%7CCommunityOnline%20editor%20and%20compilerhttps%3A%2F%2Fmms.instructure.com%2Feportfolios%2F887%2FHome%2FTes...6074be68b702c2%20%7C%20Framaforms.org6074be68b702c26074be68b702c2%EF%BD%9Cjkamladiyo%EF%BD%9Cnote%20-%20Plurk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1262781752&gjid=1022073359&cid=15015758.1662036788&tid=UA-53436-7&_gid=2115613520.1662036788&_r=1&_slc=1&z=2145468017
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.plurk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
currency.json
img.scupio.com/js/config/ Frame 866C 		108 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
bf152ec4f3386cf9ee04e912013cd1a78692834e80081dfb5bc8936164585c4c

Request headers

Referer
https://img.scupio.com/html/mv.html?v=1.0.143
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Sep 2022 12:51:50 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
last-modified
Wed, 31 Aug 2022 19:15:04 GMT
server
nginx/1.12.1
age
82
etag
"630fb338-6c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
108
x-amz-cf-id
co3thnDR6LPajVXvuee3q58suh7gqeGooNJn_MScwjSOcwInC-21_g==
expires
Thu, 01 Sep 2022 15:51:45 GMT
videoad.aspx
bw.scupio.com/adpinline/ Frame 866C 		74 B
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/videoad.aspx?cb=0.6556880136000527
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.143
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d

Request headers

Accept
application/json, text/javascript, */*
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 01 Sep 2022 12:53:08 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
text/xml; charset=utf-8
Content-Length
185
bid
ad2.apx.appier.net/v1/prebid/ Frame 866C
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=IpiobK12CAyNi5IVNKsQYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=IpiobK12CAyNi5IVNKsQYw
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:08 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 01 Sep 2022 12:53:08 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=IpiobK12CAyNi5IVNKsQYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 866C 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8887576947220617
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://img.scupio.com
cache-control
private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 866C 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=52412376778
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Sep 2022 12:53:07 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid.json
ad.holmesmind.com/adserver/ Frame 866C 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1662036787679&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.78.141.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-78-141-198.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 01 Sep 2022 12:53:08 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 866C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 01 Sep 2022 12:53:08 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
header
hb.aralego.com/ Frame 866C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7844B6A6EAE2406AB34AB2A734EE&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&eids=&pubcid=c73116c3-de9d-431c-9f78-6ba01de7bb0c&u=https%3A%2F%2Fimg.scupio.com&host=img.scupio.com&xr=0&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=ab48e79b-bed1-428e-b4ce-acec6f992e56&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 01 Sep 2022 12:53:08 GMT
access-control-allow-credentials
true
connection
close
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53436-7&cid=15015758.1662036788&jid=1262781752&gjid=1022073359&_gid=2115613520.1662036788&_u=IAhAAEAAAAAAAC~&z=2116696594
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.plurk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 01 Sep 2022 12:53:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.plurk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53436-7&cid=15015758.1662036788&jid=1262781752&_u=IAhAAEAAAAAAAC~&z=2063810931
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53436-7&cid=15015758.1662036788&jid=1262781752&_u=IAhAAEAAAAAAAC~&z=2063810931
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A6ED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 12:53:08 GMT
expires
Fri, 01 Sep 2023 12:53:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9F28 		624 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVaRh7LbULVNJ_m8vRQhyEt-sHQLGcVY1LlRpOiU7ggt7iV43pdaHcspMr04E40xo7eQ-IcnELfaq9E8FrkRobeJhMpTy3eFjl_T2PvxU0MEWlA_EBS0owRwiN0hjRSeAHJDHD2ZnjnTZ42lKIxzxO28Y35iUR7I2789ReI42NyeUJdjh8
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 12:53:08 GMT
expires
Thu, 01 Sep 2022 12:53:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A6ED 		27 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6LBcXFyPPXN51KvxXV5BTHmiagKOWiBUk065o_d6HNqoeNeoVewYLdaTylVAnwl9CrvrOj9pK2Z-lWpjk67lTQPag4QIZLRjyTMTXTDQPTQCJdUyOb8G68QOcShdZpzkIoE7bw6qFMUfcyUw2N4M8FW5xUg&cry=1&dbm_d=AKAmf-C4e8gitDLfUNrbuGi9RJSdHlgEtyJYlqKt1m7k4lKDTvV4nXXdO9HwDGpJUWnXZWhr9A-EfTxp-pK5dxCxUOFzJE24lPDJY1EMc0zRFZfkvv6udLuGzqCzA14ItlmQ3QYZ8QZKyK5aUfXXFwJdxQpbpqVJHCqkfxqS1wEHIgVxD8dbyJMBgGMZ-at6uz9iELfcV3-LW-3b-1uLw-TeWky0KiD4WodXskrRseEq1WKuHF6bcL5R2UlUl6e2dACyCXHyrTH4be40c6xH4XUJoiUJKnKCYuf2pw0FToap9K4z5h130owj1A61NFFrnBgV93i9uJMS4a_HR957052mycaBNL-jD_Wf088V2lOZ7Xg7lkJ0lxctOjhT3MOjD_ikI0xODefRMsQh0D2gkWzu9tW-XOQOvXv1fR5Hvayk6j5hbnmJC0MUI2P7z6Ft6hAVmi9HY3sjb7PT8DxpUxNIvxjdeTEUmAtp_aE-6c0AfsEy_A-hH-xjYvGiW14EDwHgSVf3fsMx5uUekO1qH-zjLzqrPIBWVuRNLrG1GfM6sKNjmI0PZqDJeoq68ki6UQoj6JQTodGooXoMmw6rFP0jXhOF_cj4QfSNuSMGi05ztMgYxa1PHcgELY20DaDC2QOKp95cGcVAU7aDD543YvtH4WPbChirC_y3RlFYqgvhkHPzfQBNGdawCd9d-HAp8eun2hWgM4r62ZHI_Mo_kEFhp48QK4gJC0Zd3DoxppOB3MTnj0YPbuPmn83O4yFgYUlYtSJeoRjwESfIdmXWQ-OazU8Rnfo5_Lm2oj1yjH1kb4UdAOPDBBHk5VIoNLKCXV7NayDM-tcsV8zwJnGzSB5GOPiJL8GHKD6aggyDhE047oHL81h6O07opRyWRibcYGJ72a9BffMxvWf6ogOkRuxs5b2rJj_K40CgOyKt8pRlIbxPy5eYQ3rd0nHowyhcUDkbrM6JYhrfFwJjG9oDM7tOfe9QhPaTCYnamGdpN-VP5l_GhE491NoSoe69tEHZxrMCLXODqBK0kDPI1AJRtGpEBEn_qzcqXlsaRk_4sQrhpSg-3YQCLQUvJGLcoqbGdJlTE-OA45zdTQu7_Q2Ov45TBx4Gbcnc0Z4OeBUDVGJ9CgL8FbQ_U4JQPZOjQWFghWSnVdUuQj4AQSkv65ghX9lAb0DGNHTtZE8tQqR9vgCvJlpy2QVU52OTmW-1jcuaVG1D5URvtpl6rZJlxgCcFIN5mA4BpD5j30ysOoSZridJX6miL_qha82W_07BxUcDWEInTaMZ1qmncqqXM6qgeaS9zyNOSeJrzuznQFutbkxEIh07X_EWs-TKdhlzRscgKeukJW18DZR_Ckw-wHXFDfBQ5NYnrJ-M9A2Y98GAili8XnoDeDwYby6Vh7COLSLqOR7Bk70YlLKuRweGrrOY4NPswFvQn_6BVh8AnvlFmr4ideBfNNBlXYJnS7pFpc5o3LV_8f-jVhp4Q6DJfoYGf9b9c_mZp44E4Sc8smFceN25mNj02xiImARRGhZnZPJrHyZUSRJ-rv4mCz_D5XLADLHwBSnod9XQrx4PvEIn2Klq9DHGYl-RsSzkDnytubxne0W99qj8-r5kAo3dUeVqHqlvJ36mh8ucihBGwjUaI_S3zl0RvFobp7etDXQYv0183Az8NKZ8eYveyAUqOI10vBA11KhXuwOctZkhezcauJr4N9Wt5DLtE7CUjB2zeiPoxjxbSrzV3eqYlK4WCDhjwdmgtNbIdjXo8fsqSfYZbsL2yA3kA0W76ATYoia0QPS_DzMCfT_NfXyjihcdgsLL9cto3X3aQVOGUD2CnKigu8lcAgXQ3NXxVK_6-e6PvxH98e_PnAuDj103Pmp8RieUmiV0UddzL8Uyr8sUD9b4j_st0uQrfNUGQSPalFuTWyWykO2CY5sDcDOjjmG5NKoAiX6cXqS5sSFUZtGsjDk-FoDVoLyGGyT2HkOCEUXFyvbQ2LeAJD760svzy8xooV4bAJsjyqk3W6bcvmq63KmgCTa3UDFIECca6VR3IFHAoQNeQnu_7livjnETM6CUxjuFUj20Zk0-UK-a8JrgkTsq4RK2XyDLfsOWi8BqUoIxaXbEJSEgUFzIGs_6zPZMLfk8NUGkjybKfvtWNU-dqKNuzpJwDVUxHufqz1icYBDYKjgWfgVHg-Z_WiigABlODwFXhjNEV_yG8T3D62ofF1FCbL65cpFVxImyFA27NVg4WdTNev0K16UwHYHCaP58TfxhYu7ayaO5WmrYjhAserksHJzvxod0X8qaYQz4UBrzIHC1tE6uoV5qpgdCPTmRBSQAwTx7fZXttQ7N3oWnfifegJbVdMca6zlS88AMMwZKTg0PDildRvMldb_llklMk9fgsgs-9c3RZWOK-j-7W1giYxJUNkzQOKH0_aU2p-aypMM-QgK_ei7QMWOFIWUmKt-JQZdIWL7VpwfYEgWQ8gszsX74kYPrItYRBfm0j-3HbaCnZqlFhOHWoJYGYbjxAFedSphPAkeEPsoXIV7T_g4ma0PP3-ioV-Wrttmsf6gtRKgLr5YNBRB2N_uwc53D6UNDmi0yU3gjYPzgtXKIAw5oJl4HiSxn7UCAaSaaR4ccNaSYuWbEVE9h_ZZ6c8Vx6603K4VmiyzUt8zhBSnxrImqG4qRoyHokNRIs-xnA67-86PNVdOSFFqqh4T-e_CISHopTqbwQRxAU99rmdjtIavTR0hL6mXA5cSGPfKdMrIWLJxpTTFCFUKNZpz-ywCgahJmAbSrIXKgPEKw_osHCTr1eG8BmVqkZrLZpZxDk0P1zvdeou622t2RdEe0J7Szdttu7j7t3-czhwRECG4JnQcqfHh-HvDjc7vgLe-HT5h2mNjY0LN5zYVBG8wquC3PbALMKPa_o74eePmlTep2BxhgKDaytC7aaHoNHwb_irNnBme6wny1asegIQPn2vUE9NQEOBXNq-Lr6evJm4NHJDfXJ49PPGQIp06XL7-qKDMVHHcMmoqflKyS9EDxWxNmevieXHYLGlSRmub0hS4fj-n5QgY-GF8NiUT2Olo-rYtBmtaEFNm5MvTrcalTamuMJCwPuhdOo20QaG-JT35DrM2Ay4FVSiiEosjjge9gDRvyHGK87OSFZYggDbWRW6MIke0T6D1ryICaA1bJGLgwM9WCCFgmCRfWXLTmV3qEb6_jM7SrCbUHlNBBV2hsUzn_1V6qlT6F6lg1WSnsfQ&cid=CAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7580d50a5ba36e70c36ba6e0f1c35b40d8a5319b64e9210c77997ec729f70624
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16536
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A6ED 		42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlkzDsI2nGVMtn_Fm-6lHRGMBzzaE_iIsRPLXiS0_EH1B-y-_nV1lv-k6vHyRAuK6--KhoZI2Qq7ZRQTlEce09p_pzMMENh5brTEFwj9UydmN9QQ8
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame A6ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Sep 2022 12:49:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A6ED 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 01 Sep 2022 12:53:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame A6ED 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
537
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Sep 2022 12:44:11 GMT
l
www.google.com/ads/measurement/ Frame A6ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRn9RhfHB7iIQEfCQ3qjbK6dUCGw6hmWSCLMSzfXIbAKfBcP7iN9rwYUNPLMZHuKssrypJnOJzbB9mvfX6449ND9tckpg
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 9F28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADhREn57CHTJpAJidURehw&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADhREn57CHTJpAJidURehw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVaRh7LbULVNJ_m8vRQhyEt-sHQLGcVY1LlRpOiU7ggt7iV43pdaHcspMr04E40xo7eQ-IcnELfaq9E8FrkRobeJhMpTy3eFjl_T2PvxU0MEWlA_EBS0owRwiN0hjRSeAHJDHD2ZnjnTZ42lKIxzxO28Y35iUR7I2789ReI42NyeUJdjh8
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743e25a7acf35be1-FRA
pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxqqUE9wlPPEawp8AtxDIhhuMJYb2WGSpri1IsGtlMCPFnCot0xUd5ZSRSDbK8jIhPB8lE5QU55hST8pp3jTPseTRpaalYgP%2FfoXwvVeLg5oTywz70RJfvraWsYz%2FdK5TTgQgqoej5fXfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADhREn57CHTJpAJidURehw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9F28
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxCrNCn2nmsd.C11U7WmpgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADhREn57CHTJpAJidURehw&google_cver=1&google_hm=2
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADhREn57CHTJpAJidURehw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVaRh7LbULVNJ_m8vRQhyEt-sHQLGcVY1LlRpOiU7ggt7iV43pdaHcspMr04E40xo7eQ-IcnELfaq9E8FrkRobeJhMpTy3eFjl_T2PvxU0MEWlA_EBS0owRwiN0hjRSeAHJDHD2ZnjnTZ42lKIxzxO28Y35iUR7I2789ReI42NyeUJdjh8
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
743e25a88dba5be1-FRA
pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJ4J799L%2Fx2ByOzqXDfL4jkObjOtKT40irUKINSCIwgGsn57sP1iz38KqfirBhEyi1NMX6kXYsJ8xhtRxgaKmqgUtR28B3hnNwgkYbfsOOkEgT9VQBrcRjHb5r2ZspPjm07CKHybx9p4iw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADhREn57CHTJpAJidURehw&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9F28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE8GxfeQSKvdWp2P-yZEucg&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEE8GxfeQSKvdWp2P-yZEucg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVaRh7LbULVNJ_m8vRQhyEt-sHQLGcVY1LlRpOiU7ggt7iV43pdaHcspMr04E40xo7eQ-IcnELfaq9E8FrkRobeJhMpTy3eFjl_T2PvxU0MEWlA_EBS0owRwiN0hjRSeAHJDHD2ZnjnTZ42lKIxzxO28Y35iUR7I2789ReI42NyeUJdjh8
Protocol
HTTP/1.1
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Sep 2022 12:53:08 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
91972171-ea37-4fa9-a293-2ce00d84ee0d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEE8GxfeQSKvdWp2P-yZEucg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9F28
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY3MDY1Mjk4OTAxOTEwOTczNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY3MDY1Mjk4OTAxOTEwOTczNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNVaRh7LbULVNJ_m8vRQhyEt-sHQLGcVY1LlRpOiU7ggt7iV43pdaHcspMr04E40xo7eQ-IcnELfaq9E8FrkRobeJhMpTy3eFjl_T2PvxU0MEWlA_EBS0owRwiN0hjRSeAHJDHD2ZnjnTZ42lKIxzxO28Y35iUR7I2789ReI42NyeUJdjh8
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Sep 2022 12:53:08 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
0301670c-54af-4f13-afe0-83c0dcf2d2cc
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY3MDY1Mjk4OTAxOTEwOTczNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame A6ED 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6LBcXFyPPXN51KvxXV5BTHmiagKOWiBUk065o_d6HNqoeNeoVewYLdaTylVAnwl9CrvrOj9pK2Z-lWpjk67lTQPag4QIZLRjyTMTXTDQPTQCJdUyOb8G68QOcShdZpzkIoE7bw6qFMUfcyUw2N4M8FW5xUg&cry=1&dbm_d=AKAmf-C4e8gitDLfUNrbuGi9RJSdHlgEtyJYlqKt1m7k4lKDTvV4nXXdO9HwDGpJUWnXZWhr9A-EfTxp-pK5dxCxUOFzJE24lPDJY1EMc0zRFZfkvv6udLuGzqCzA14ItlmQ3QYZ8QZKyK5aUfXXFwJdxQpbpqVJHCqkfxqS1wEHIgVxD8dbyJMBgGMZ-at6uz9iELfcV3-LW-3b-1uLw-TeWky0KiD4WodXskrRseEq1WKuHF6bcL5R2UlUl6e2dACyCXHyrTH4be40c6xH4XUJoiUJKnKCYuf2pw0FToap9K4z5h130owj1A61NFFrnBgV93i9uJMS4a_HR957052mycaBNL-jD_Wf088V2lOZ7Xg7lkJ0lxctOjhT3MOjD_ikI0xODefRMsQh0D2gkWzu9tW-XOQOvXv1fR5Hvayk6j5hbnmJC0MUI2P7z6Ft6hAVmi9HY3sjb7PT8DxpUxNIvxjdeTEUmAtp_aE-6c0AfsEy_A-hH-xjYvGiW14EDwHgSVf3fsMx5uUekO1qH-zjLzqrPIBWVuRNLrG1GfM6sKNjmI0PZqDJeoq68ki6UQoj6JQTodGooXoMmw6rFP0jXhOF_cj4QfSNuSMGi05ztMgYxa1PHcgELY20DaDC2QOKp95cGcVAU7aDD543YvtH4WPbChirC_y3RlFYqgvhkHPzfQBNGdawCd9d-HAp8eun2hWgM4r62ZHI_Mo_kEFhp48QK4gJC0Zd3DoxppOB3MTnj0YPbuPmn83O4yFgYUlYtSJeoRjwESfIdmXWQ-OazU8Rnfo5_Lm2oj1yjH1kb4UdAOPDBBHk5VIoNLKCXV7NayDM-tcsV8zwJnGzSB5GOPiJL8GHKD6aggyDhE047oHL81h6O07opRyWRibcYGJ72a9BffMxvWf6ogOkRuxs5b2rJj_K40CgOyKt8pRlIbxPy5eYQ3rd0nHowyhcUDkbrM6JYhrfFwJjG9oDM7tOfe9QhPaTCYnamGdpN-VP5l_GhE491NoSoe69tEHZxrMCLXODqBK0kDPI1AJRtGpEBEn_qzcqXlsaRk_4sQrhpSg-3YQCLQUvJGLcoqbGdJlTE-OA45zdTQu7_Q2Ov45TBx4Gbcnc0Z4OeBUDVGJ9CgL8FbQ_U4JQPZOjQWFghWSnVdUuQj4AQSkv65ghX9lAb0DGNHTtZE8tQqR9vgCvJlpy2QVU52OTmW-1jcuaVG1D5URvtpl6rZJlxgCcFIN5mA4BpD5j30ysOoSZridJX6miL_qha82W_07BxUcDWEInTaMZ1qmncqqXM6qgeaS9zyNOSeJrzuznQFutbkxEIh07X_EWs-TKdhlzRscgKeukJW18DZR_Ckw-wHXFDfBQ5NYnrJ-M9A2Y98GAili8XnoDeDwYby6Vh7COLSLqOR7Bk70YlLKuRweGrrOY4NPswFvQn_6BVh8AnvlFmr4ideBfNNBlXYJnS7pFpc5o3LV_8f-jVhp4Q6DJfoYGf9b9c_mZp44E4Sc8smFceN25mNj02xiImARRGhZnZPJrHyZUSRJ-rv4mCz_D5XLADLHwBSnod9XQrx4PvEIn2Klq9DHGYl-RsSzkDnytubxne0W99qj8-r5kAo3dUeVqHqlvJ36mh8ucihBGwjUaI_S3zl0RvFobp7etDXQYv0183Az8NKZ8eYveyAUqOI10vBA11KhXuwOctZkhezcauJr4N9Wt5DLtE7CUjB2zeiPoxjxbSrzV3eqYlK4WCDhjwdmgtNbIdjXo8fsqSfYZbsL2yA3kA0W76ATYoia0QPS_DzMCfT_NfXyjihcdgsLL9cto3X3aQVOGUD2CnKigu8lcAgXQ3NXxVK_6-e6PvxH98e_PnAuDj103Pmp8RieUmiV0UddzL8Uyr8sUD9b4j_st0uQrfNUGQSPalFuTWyWykO2CY5sDcDOjjmG5NKoAiX6cXqS5sSFUZtGsjDk-FoDVoLyGGyT2HkOCEUXFyvbQ2LeAJD760svzy8xooV4bAJsjyqk3W6bcvmq63KmgCTa3UDFIECca6VR3IFHAoQNeQnu_7livjnETM6CUxjuFUj20Zk0-UK-a8JrgkTsq4RK2XyDLfsOWi8BqUoIxaXbEJSEgUFzIGs_6zPZMLfk8NUGkjybKfvtWNU-dqKNuzpJwDVUxHufqz1icYBDYKjgWfgVHg-Z_WiigABlODwFXhjNEV_yG8T3D62ofF1FCbL65cpFVxImyFA27NVg4WdTNev0K16UwHYHCaP58TfxhYu7ayaO5WmrYjhAserksHJzvxod0X8qaYQz4UBrzIHC1tE6uoV5qpgdCPTmRBSQAwTx7fZXttQ7N3oWnfifegJbVdMca6zlS88AMMwZKTg0PDildRvMldb_llklMk9fgsgs-9c3RZWOK-j-7W1giYxJUNkzQOKH0_aU2p-aypMM-QgK_ei7QMWOFIWUmKt-JQZdIWL7VpwfYEgWQ8gszsX74kYPrItYRBfm0j-3HbaCnZqlFhOHWoJYGYbjxAFedSphPAkeEPsoXIV7T_g4ma0PP3-ioV-Wrttmsf6gtRKgLr5YNBRB2N_uwc53D6UNDmi0yU3gjYPzgtXKIAw5oJl4HiSxn7UCAaSaaR4ccNaSYuWbEVE9h_ZZ6c8Vx6603K4VmiyzUt8zhBSnxrImqG4qRoyHokNRIs-xnA67-86PNVdOSFFqqh4T-e_CISHopTqbwQRxAU99rmdjtIavTR0hL6mXA5cSGPfKdMrIWLJxpTTFCFUKNZpz-ywCgahJmAbSrIXKgPEKw_osHCTr1eG8BmVqkZrLZpZxDk0P1zvdeou622t2RdEe0J7Szdttu7j7t3-czhwRECG4JnQcqfHh-HvDjc7vgLe-HT5h2mNjY0LN5zYVBG8wquC3PbALMKPa_o74eePmlTep2BxhgKDaytC7aaHoNHwb_irNnBme6wny1asegIQPn2vUE9NQEOBXNq-Lr6evJm4NHJDfXJ49PPGQIp06XL7-qKDMVHHcMmoqflKyS9EDxWxNmevieXHYLGlSRmub0hS4fj-n5QgY-GF8NiUT2Olo-rYtBmtaEFNm5MvTrcalTamuMJCwPuhdOo20QaG-JT35DrM2Ay4FVSiiEosjjge9gDRvyHGK87OSFZYggDbWRW6MIke0T6D1ryICaA1bJGLgwM9WCCFgmCRfWXLTmV3qEb6_jM7SrCbUHlNBBV2hsUzn_1V6qlT6F6lg1WSnsfQ&cid=CAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11766
x-xss-protection
0
server
cafe
etag
14053427913132020778
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Sep 2022 12:49:03 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A6ED 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6LBcXFyPPXN51KvxXV5BTHmiagKOWiBUk065o_d6HNqoeNeoVewYLdaTylVAnwl9CrvrOj9pK2Z-lWpjk67lTQPag4QIZLRjyTMTXTDQPTQCJdUyOb8G68QOcShdZpzkIoE7bw6qFMUfcyUw2N4M8FW5xUg&cry=1&dbm_d=AKAmf-C4e8gitDLfUNrbuGi9RJSdHlgEtyJYlqKt1m7k4lKDTvV4nXXdO9HwDGpJUWnXZWhr9A-EfTxp-pK5dxCxUOFzJE24lPDJY1EMc0zRFZfkvv6udLuGzqCzA14ItlmQ3QYZ8QZKyK5aUfXXFwJdxQpbpqVJHCqkfxqS1wEHIgVxD8dbyJMBgGMZ-at6uz9iELfcV3-LW-3b-1uLw-TeWky0KiD4WodXskrRseEq1WKuHF6bcL5R2UlUl6e2dACyCXHyrTH4be40c6xH4XUJoiUJKnKCYuf2pw0FToap9K4z5h130owj1A61NFFrnBgV93i9uJMS4a_HR957052mycaBNL-jD_Wf088V2lOZ7Xg7lkJ0lxctOjhT3MOjD_ikI0xODefRMsQh0D2gkWzu9tW-XOQOvXv1fR5Hvayk6j5hbnmJC0MUI2P7z6Ft6hAVmi9HY3sjb7PT8DxpUxNIvxjdeTEUmAtp_aE-6c0AfsEy_A-hH-xjYvGiW14EDwHgSVf3fsMx5uUekO1qH-zjLzqrPIBWVuRNLrG1GfM6sKNjmI0PZqDJeoq68ki6UQoj6JQTodGooXoMmw6rFP0jXhOF_cj4QfSNuSMGi05ztMgYxa1PHcgELY20DaDC2QOKp95cGcVAU7aDD543YvtH4WPbChirC_y3RlFYqgvhkHPzfQBNGdawCd9d-HAp8eun2hWgM4r62ZHI_Mo_kEFhp48QK4gJC0Zd3DoxppOB3MTnj0YPbuPmn83O4yFgYUlYtSJeoRjwESfIdmXWQ-OazU8Rnfo5_Lm2oj1yjH1kb4UdAOPDBBHk5VIoNLKCXV7NayDM-tcsV8zwJnGzSB5GOPiJL8GHKD6aggyDhE047oHL81h6O07opRyWRibcYGJ72a9BffMxvWf6ogOkRuxs5b2rJj_K40CgOyKt8pRlIbxPy5eYQ3rd0nHowyhcUDkbrM6JYhrfFwJjG9oDM7tOfe9QhPaTCYnamGdpN-VP5l_GhE491NoSoe69tEHZxrMCLXODqBK0kDPI1AJRtGpEBEn_qzcqXlsaRk_4sQrhpSg-3YQCLQUvJGLcoqbGdJlTE-OA45zdTQu7_Q2Ov45TBx4Gbcnc0Z4OeBUDVGJ9CgL8FbQ_U4JQPZOjQWFghWSnVdUuQj4AQSkv65ghX9lAb0DGNHTtZE8tQqR9vgCvJlpy2QVU52OTmW-1jcuaVG1D5URvtpl6rZJlxgCcFIN5mA4BpD5j30ysOoSZridJX6miL_qha82W_07BxUcDWEInTaMZ1qmncqqXM6qgeaS9zyNOSeJrzuznQFutbkxEIh07X_EWs-TKdhlzRscgKeukJW18DZR_Ckw-wHXFDfBQ5NYnrJ-M9A2Y98GAili8XnoDeDwYby6Vh7COLSLqOR7Bk70YlLKuRweGrrOY4NPswFvQn_6BVh8AnvlFmr4ideBfNNBlXYJnS7pFpc5o3LV_8f-jVhp4Q6DJfoYGf9b9c_mZp44E4Sc8smFceN25mNj02xiImARRGhZnZPJrHyZUSRJ-rv4mCz_D5XLADLHwBSnod9XQrx4PvEIn2Klq9DHGYl-RsSzkDnytubxne0W99qj8-r5kAo3dUeVqHqlvJ36mh8ucihBGwjUaI_S3zl0RvFobp7etDXQYv0183Az8NKZ8eYveyAUqOI10vBA11KhXuwOctZkhezcauJr4N9Wt5DLtE7CUjB2zeiPoxjxbSrzV3eqYlK4WCDhjwdmgtNbIdjXo8fsqSfYZbsL2yA3kA0W76ATYoia0QPS_DzMCfT_NfXyjihcdgsLL9cto3X3aQVOGUD2CnKigu8lcAgXQ3NXxVK_6-e6PvxH98e_PnAuDj103Pmp8RieUmiV0UddzL8Uyr8sUD9b4j_st0uQrfNUGQSPalFuTWyWykO2CY5sDcDOjjmG5NKoAiX6cXqS5sSFUZtGsjDk-FoDVoLyGGyT2HkOCEUXFyvbQ2LeAJD760svzy8xooV4bAJsjyqk3W6bcvmq63KmgCTa3UDFIECca6VR3IFHAoQNeQnu_7livjnETM6CUxjuFUj20Zk0-UK-a8JrgkTsq4RK2XyDLfsOWi8BqUoIxaXbEJSEgUFzIGs_6zPZMLfk8NUGkjybKfvtWNU-dqKNuzpJwDVUxHufqz1icYBDYKjgWfgVHg-Z_WiigABlODwFXhjNEV_yG8T3D62ofF1FCbL65cpFVxImyFA27NVg4WdTNev0K16UwHYHCaP58TfxhYu7ayaO5WmrYjhAserksHJzvxod0X8qaYQz4UBrzIHC1tE6uoV5qpgdCPTmRBSQAwTx7fZXttQ7N3oWnfifegJbVdMca6zlS88AMMwZKTg0PDildRvMldb_llklMk9fgsgs-9c3RZWOK-j-7W1giYxJUNkzQOKH0_aU2p-aypMM-QgK_ei7QMWOFIWUmKt-JQZdIWL7VpwfYEgWQ8gszsX74kYPrItYRBfm0j-3HbaCnZqlFhOHWoJYGYbjxAFedSphPAkeEPsoXIV7T_g4ma0PP3-ioV-Wrttmsf6gtRKgLr5YNBRB2N_uwc53D6UNDmi0yU3gjYPzgtXKIAw5oJl4HiSxn7UCAaSaaR4ccNaSYuWbEVE9h_ZZ6c8Vx6603K4VmiyzUt8zhBSnxrImqG4qRoyHokNRIs-xnA67-86PNVdOSFFqqh4T-e_CISHopTqbwQRxAU99rmdjtIavTR0hL6mXA5cSGPfKdMrIWLJxpTTFCFUKNZpz-ywCgahJmAbSrIXKgPEKw_osHCTr1eG8BmVqkZrLZpZxDk0P1zvdeou622t2RdEe0J7Szdttu7j7t3-czhwRECG4JnQcqfHh-HvDjc7vgLe-HT5h2mNjY0LN5zYVBG8wquC3PbALMKPa_o74eePmlTep2BxhgKDaytC7aaHoNHwb_irNnBme6wny1asegIQPn2vUE9NQEOBXNq-Lr6evJm4NHJDfXJ49PPGQIp06XL7-qKDMVHHcMmoqflKyS9EDxWxNmevieXHYLGlSRmub0hS4fj-n5QgY-GF8NiUT2Olo-rYtBmtaEFNm5MvTrcalTamuMJCwPuhdOo20QaG-JT35DrM2Ay4FVSiiEosjjge9gDRvyHGK87OSFZYggDbWRW6MIke0T6D1ryICaA1bJGLgwM9WCCFgmCRfWXLTmV3qEb6_jM7SrCbUHlNBBV2hsUzn_1V6qlT6F6lg1WSnsfQ&cid=CAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA&rfl=1%2Chttps%253A%252F%252Fwww.plurk.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
536531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Aug 2023 07:50:57 GMT
npoee1nv94vs
hal9000.redintelligence.net/zone/ Frame A6ED 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUIz9M6sQY8qiKc3P7_UP-rao8Ay1zfmDV8zeuavlDPAuEAEg9JeCNWCV4pCCoAfIAQmpAl3-0Q6Tz7A-qAMBqgTgAU_QRwi-ViNllfukuX1leTRhfqHKAMsiO328zAvscBZqLFV1lK12x5bq2Kj_0hU9m3Dnb66O5riyvv2SH98gkCBe70Y39rRJ6JSOoNZ2nRNDgDuA1pTVRXB0mIClvPoHcbtfegZ4Z0ErkrQHkxIDuBDIFKINxm8DMaJo65x4GZ3avxwprwog7NZv91XOtr213Syre1Qx_LLlsdK5ThYllBj1bGpoV-krPNBJyh7EY3H7Aa6oB5J7aNgQfOK0lgG6rCOXiWRIOBvZ-0LH-Y9jF-8zKiLS_-0u3ViiCFH23viwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA%26sig%3DAOD64_2gnlgN_SS0-6UUTcozWuvVAR2oFA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BaUOUxi_uMg-ChXRMQADj64thGOWj9jT_f4Gv9Elm-TOc47gftvaSHf_qxueRba3RvXL7VyR3q8TIlexcv4WCBYQIXpccBqp6FYkb8Etk80GdG18ykBCdUxVcNGSCbWEkbyUJGRnQ81XdhpoiwO4w7jZud-Q%26cry%3D1%26dbm_d%3DAKAmf-ADaupbQszWXb5jtzRQEuN0JztwFvyVuhzWU6tgMZs39BPDDUiUFg2gmBx-trGP7fnPjWhirWYwjI3C7InnVx-PlEoueU-qotv8TMMqkNMc5iGN8CS4gaE8QzMZ4F596WQW5_PsycpL6tf595m4r2V98CG8nGrf5_MBaFVMly5fTux2HlchmEU1Yb63d9xw5erOJ-33zMYCZy4_40qvI0gLuFJZwVxTUDOMPay1SR0up9BizGH6mPdujP6zTuzphdEeMhX_fji41V9D_TqZorRKNA9GkKkmrlg5ZWVNYy1KFc9K375N_BohEnXuakjR_Y0xwv-TVRdeDbS6jE-Q8GSHCsDrh-DZ5N_Iqt78pZv0wucGzM11dk9gflNEDk84timAHd4g0D83-cKjEmaWzBuIZk-fyyNy1P1Hq3LSqBl5IvlG7Ti08PfOczJ1jLD_8G7z1tus9qGiyMIWg4fb4qm7b-ijkNQxZ_5big02oeoSMB38JjqIJyW8BX7NiqW5bH4HV0l2dBlOlP5Cyo_hseg9EMT9vg%26adurl%3D
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
c5c62e6c67ef7f70f91831fed0d21b6566a10247e8535bc1ffb8aab6f1e6cb2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 12:53:08 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3988
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal900030.redintelligence.net/ Frame A6ED
Redirect Chain
  • https://hal900030.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900030.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900030.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUIz9M6sQY8qiKc3P7_UP-rao8Ay1zfmDV8zeuavlDPAuEAEg9JeCNWCV4pCCoAfIAQmpAl3-0Q6Tz7A-qAMBqgTgAU_QRwi-ViNllfukuX1leTRhfqHKAMsiO328zAvscBZqLFV1lK12x5bq2Kj_0hU9m3Dnb66O5riyvv2SH98gkCBe70Y39rRJ6JSOoNZ2nRNDgDuA1pTVRXB0mIClvPoHcbtfegZ4Z0ErkrQHkxIDuBDIFKINxm8DMaJo65x4GZ3avxwprwog7NZv91XOtr213Syre1Qx_LLlsdK5ThYllBj1bGpoV-krPNBJyh7EY3H7Aa6oB5J7aNgQfOK0lgG6rCOXiWRIOBvZ-0LH-Y9jF-8zKiLS_-0u3ViiCFH23viwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA%26sig%3DAOD64_2gnlgN_SS0-6UUTcozWuvVAR2oFA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BaUOUxi_uMg-ChXRMQADj64thGOWj9jT_f4Gv9Elm-TOc47gftvaSHf_qxueRba3RvXL7VyR3q8TIlexcv4WCBYQIXpccBqp6FYkb8Etk80GdG18ykBCdUxVcNGSCbWEkbyUJGRnQ81XdhpoiwO4w7jZud-Q%26cry%3D1%26dbm_d%3DAKAmf-ADaupbQszWXb5jtzRQEuN0JztwFvyVuhzWU6tgMZs39BPDDUiUFg2gmBx-trGP7fnPjWhirWYwjI3C7InnVx-PlEoueU-qotv8TMMqkNMc5iGN8CS4gaE8QzMZ4F596WQW5_PsycpL6tf595m4r2V98CG8nGrf5_MBaFVMly5fTux2HlchmEU1Yb63d9xw5erOJ-33zMYCZy4_40qvI0gLuFJZwVxTUDOMPay1SR0up9BizGH6mPdujP6zTuzphdEeMhX_fji41V9D_TqZorRKNA9GkKkmrlg5ZWVNYy1KFc9K375N_BohEnXuakjR_Y0xwv-TVRdeDbS6jE-Q8GSHCsDrh-DZ5N_Iqt78pZv0wucGzM11dk9gflNEDk84timAHd4g0D83-cKjEmaWzBuIZk-fyyNy1P1Hq3LSqBl5IvlG7Ti08PfOczJ1jLD_8G7z1tus9qGiyMIWg4fb4qm7b-ijkNQxZ_5big02oeoSMB38JjqIJyW8BX7NiqW5bH4HV0l2dBlOlP5Cyo_hseg9EMT9vg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=6112804391633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
136.243.149.243 Tamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
8ff5afc613108361a2a48f39142a556908bbf27efb5789e20a358ab8f544076f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Sep 2022 12:53:08 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
24186900090151900710616012069030
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1096
Expires
Thu, 01 Sep 2022 13:53:08 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 01 Sep 2022 12:53:08 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUIz9M6sQY8qiKc3P7_UP-rao8Ay1zfmDV8zeuavlDPAuEAEg9JeCNWCV4pCCoAfIAQmpAl3-0Q6Tz7A-qAMBqgTgAU_QRwi-ViNllfukuX1leTRhfqHKAMsiO328zAvscBZqLFV1lK12x5bq2Kj_0hU9m3Dnb66O5riyvv2SH98gkCBe70Y39rRJ6JSOoNZ2nRNDgDuA1pTVRXB0mIClvPoHcbtfegZ4Z0ErkrQHkxIDuBDIFKINxm8DMaJo65x4GZ3avxwprwog7NZv91XOtr213Syre1Qx_LLlsdK5ThYllBj1bGpoV-krPNBJyh7EY3H7Aa6oB5J7aNgQfOK0lgG6rCOXiWRIOBvZ-0LH-Y9jF-8zKiLS_-0u3ViiCFH23viwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA%26sig%3DAOD64_2gnlgN_SS0-6UUTcozWuvVAR2oFA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BaUOUxi_uMg-ChXRMQADj64thGOWj9jT_f4Gv9Elm-TOc47gftvaSHf_qxueRba3RvXL7VyR3q8TIlexcv4WCBYQIXpccBqp6FYkb8Etk80GdG18ykBCdUxVcNGSCbWEkbyUJGRnQ81XdhpoiwO4w7jZud-Q%26cry%3D1%26dbm_d%3DAKAmf-ADaupbQszWXb5jtzRQEuN0JztwFvyVuhzWU6tgMZs39BPDDUiUFg2gmBx-trGP7fnPjWhirWYwjI3C7InnVx-PlEoueU-qotv8TMMqkNMc5iGN8CS4gaE8QzMZ4F596WQW5_PsycpL6tf595m4r2V98CG8nGrf5_MBaFVMly5fTux2HlchmEU1Yb63d9xw5erOJ-33zMYCZy4_40qvI0gLuFJZwVxTUDOMPay1SR0up9BizGH6mPdujP6zTuzphdEeMhX_fji41V9D_TqZorRKNA9GkKkmrlg5ZWVNYy1KFc9K375N_BohEnXuakjR_Y0xwv-TVRdeDbS6jE-Q8GSHCsDrh-DZ5N_Iqt78pZv0wucGzM11dk9gflNEDk84timAHd4g0D83-cKjEmaWzBuIZk-fyyNy1P1Hq3LSqBl5IvlG7Ti08PfOczJ1jLD_8G7z1tus9qGiyMIWg4fb4qm7b-ijkNQxZ_5big02oeoSMB38JjqIJyW8BX7NiqW5bH4HV0l2dBlOlP5Cyo_hseg9EMT9vg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=6112804391633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 01 Sep 2022 13:53:08 +0200
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 529C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
536531
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Aug 2022 07:50:57 GMT
expires
Sat, 26 Aug 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
pagead2.googlesyndication.com/bg/ Frame 529C 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 11:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15802
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 11:30:40 GMT
view.aspx
pb.media01.eu/ Frame 25FB
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=24186900090151900710616012069030&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24186900090151900710616012069030&actionid=981741&produktid=&dt_url=
0
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24186900090151900710616012069030&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUIz9M6sQY8qiKc3P7_UP-rao8Ay1zfmDV8zeuavlDPAuEAEg9JeCNWCV4pCCoAfIAQmpAl3-0Q6Tz7A-qAMBqgTgAU_QRwi-ViNllfukuX1leTRhfqHKAMsiO328zAvscBZqLFV1lK12x5bq2Kj_0hU9m3Dnb66O5riyvv2SH98gkCBe70Y39rRJ6JSOoNZ2nRNDgDuA1pTVRXB0mIClvPoHcbtfegZ4Z0ErkrQHkxIDuBDIFKINxm8DMaJo65x4GZ3avxwprwog7NZv91XOtr213Syre1Qx_LLlsdK5ThYllBj1bGpoV-krPNBJyh7EY3H7Aa6oB5J7aNgQfOK0lgG6rCOXiWRIOBvZ-0LH-Y9jF-8zKiLS_-0u3ViiCFH23viwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA%26sig%3DAOD64_2gnlgN_SS0-6UUTcozWuvVAR2oFA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BaUOUxi_uMg-ChXRMQADj64thGOWj9jT_f4Gv9Elm-TOc47gftvaSHf_qxueRba3RvXL7VyR3q8TIlexcv4WCBYQIXpccBqp6FYkb8Etk80GdG18ykBCdUxVcNGSCbWEkbyUJGRnQ81XdhpoiwO4w7jZud-Q%26cry%3D1%26dbm_d%3DAKAmf-ADaupbQszWXb5jtzRQEuN0JztwFvyVuhzWU6tgMZs39BPDDUiUFg2gmBx-trGP7fnPjWhirWYwjI3C7InnVx-PlEoueU-qotv8TMMqkNMc5iGN8CS4gaE8QzMZ4F596WQW5_PsycpL6tf595m4r2V98CG8nGrf5_MBaFVMly5fTux2HlchmEU1Yb63d9xw5erOJ-33zMYCZy4_40qvI0gLuFJZwVxTUDOMPay1SR0up9BizGH6mPdujP6zTuzphdEeMhX_fji41V9D_TqZorRKNA9GkKkmrlg5ZWVNYy1KFc9K375N_BohEnXuakjR_Y0xwv-TVRdeDbS6jE-Q8GSHCsDrh-DZ5N_Iqt78pZv0wucGzM11dk9gflNEDk84timAHd4g0D83-cKjEmaWzBuIZk-fyyNy1P1Hq3LSqBl5IvlG7Ti08PfOczJ1jLD_8G7z1tus9qGiyMIWg4fb4qm7b-ijkNQxZ_5big02oeoSMB38JjqIJyW8BX7NiqW5bH4HV0l2dBlOlP5Cyo_hseg9EMT9vg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=6112804391633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 01 Sep 2022 12:53:07 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 01 Sep 2022 02:53:08 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Thu, 01 Sep 2022 12:53:08 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24186900090151900710616012069030&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
X-IPLB-Request-ID
B9D59BA2:DC26_91EFC182:01BB_6310AB34_6FD8B8F:1F22C
/
adv.office-partner.de/ Frame 4A02 		1 KB
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUIz9M6sQY8qiKc3P7_UP-rao8Ay1zfmDV8zeuavlDPAuEAEg9JeCNWCV4pCCoAfIAQmpAl3-0Q6Tz7A-qAMBqgTgAU_QRwi-ViNllfukuX1leTRhfqHKAMsiO328zAvscBZqLFV1lK12x5bq2Kj_0hU9m3Dnb66O5riyvv2SH98gkCBe70Y39rRJ6JSOoNZ2nRNDgDuA1pTVRXB0mIClvPoHcbtfegZ4Z0ErkrQHkxIDuBDIFKINxm8DMaJo65x4GZ3avxwprwog7NZv91XOtr213Syre1Qx_LLlsdK5ThYllBj1bGpoV-krPNBJyh7EY3H7Aa6oB5J7aNgQfOK0lgG6rCOXiWRIOBvZ-0LH-Y9jF-8zKiLS_-0u3ViiCFH23viwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA%26sig%3DAOD64_2gnlgN_SS0-6UUTcozWuvVAR2oFA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BaUOUxi_uMg-ChXRMQADj64thGOWj9jT_f4Gv9Elm-TOc47gftvaSHf_qxueRba3RvXL7VyR3q8TIlexcv4WCBYQIXpccBqp6FYkb8Etk80GdG18ykBCdUxVcNGSCbWEkbyUJGRnQ81XdhpoiwO4w7jZud-Q%26cry%3D1%26dbm_d%3DAKAmf-ADaupbQszWXb5jtzRQEuN0JztwFvyVuhzWU6tgMZs39BPDDUiUFg2gmBx-trGP7fnPjWhirWYwjI3C7InnVx-PlEoueU-qotv8TMMqkNMc5iGN8CS4gaE8QzMZ4F596WQW5_PsycpL6tf595m4r2V98CG8nGrf5_MBaFVMly5fTux2HlchmEU1Yb63d9xw5erOJ-33zMYCZy4_40qvI0gLuFJZwVxTUDOMPay1SR0up9BizGH6mPdujP6zTuzphdEeMhX_fji41V9D_TqZorRKNA9GkKkmrlg5ZWVNYy1KFc9K375N_BohEnXuakjR_Y0xwv-TVRdeDbS6jE-Q8GSHCsDrh-DZ5N_Iqt78pZv0wucGzM11dk9gflNEDk84timAHd4g0D83-cKjEmaWzBuIZk-fyyNy1P1Hq3LSqBl5IvlG7Ti08PfOczJ1jLD_8G7z1tus9qGiyMIWg4fb4qm7b-ijkNQxZ_5big02oeoSMB38JjqIJyW8BX7NiqW5bH4HV0l2dBlOlP5Cyo_hseg9EMT9vg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=6112804391633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661

Request headers

Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 01 Sep 2022 12:53:08 GMT
etag
W/"5ad8a35f-59f"
server
keycdn-engine
x-edge-location
atvi
htlp
futalis.de/ Frame 81AD
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=24186900090151900710616012069030&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1572569234
350 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1572569234
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUIz9M6sQY8qiKc3P7_UP-rao8Ay1zfmDV8zeuavlDPAuEAEg9JeCNWCV4pCCoAfIAQmpAl3-0Q6Tz7A-qAMBqgTgAU_QRwi-ViNllfukuX1leTRhfqHKAMsiO328zAvscBZqLFV1lK12x5bq2Kj_0hU9m3Dnb66O5riyvv2SH98gkCBe70Y39rRJ6JSOoNZ2nRNDgDuA1pTVRXB0mIClvPoHcbtfegZ4Z0ErkrQHkxIDuBDIFKINxm8DMaJo65x4GZ3avxwprwog7NZv91XOtr213Syre1Qx_LLlsdK5ThYllBj1bGpoV-krPNBJyh7EY3H7Aa6oB5J7aNgQfOK0lgG6rCOXiWRIOBvZ-0LH-Y9jF-8zKiLS_-0u3ViiCFH23viwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA%26sig%3DAOD64_2gnlgN_SS0-6UUTcozWuvVAR2oFA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BaUOUxi_uMg-ChXRMQADj64thGOWj9jT_f4Gv9Elm-TOc47gftvaSHf_qxueRba3RvXL7VyR3q8TIlexcv4WCBYQIXpccBqp6FYkb8Etk80GdG18ykBCdUxVcNGSCbWEkbyUJGRnQ81XdhpoiwO4w7jZud-Q%26cry%3D1%26dbm_d%3DAKAmf-ADaupbQszWXb5jtzRQEuN0JztwFvyVuhzWU6tgMZs39BPDDUiUFg2gmBx-trGP7fnPjWhirWYwjI3C7InnVx-PlEoueU-qotv8TMMqkNMc5iGN8CS4gaE8QzMZ4F596WQW5_PsycpL6tf595m4r2V98CG8nGrf5_MBaFVMly5fTux2HlchmEU1Yb63d9xw5erOJ-33zMYCZy4_40qvI0gLuFJZwVxTUDOMPay1SR0up9BizGH6mPdujP6zTuzphdEeMhX_fji41V9D_TqZorRKNA9GkKkmrlg5ZWVNYy1KFc9K375N_BohEnXuakjR_Y0xwv-TVRdeDbS6jE-Q8GSHCsDrh-DZ5N_Iqt78pZv0wucGzM11dk9gflNEDk84timAHd4g0D83-cKjEmaWzBuIZk-fyyNy1P1Hq3LSqBl5IvlG7Ti08PfOczJ1jLD_8G7z1tus9qGiyMIWg4fb4qm7b-ijkNQxZ_5big02oeoSMB38JjqIJyW8BX7NiqW5bH4HV0l2dBlOlP5Cyo_hseg9EMT9vg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=6112804391633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Oberschleissheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 01 Sep 2022 12:53:08 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1572569234
p3p
policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
link.html
track.webgains.com/ Frame A6ED 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=24186900090151900710616012069030&nw=1
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.195.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-195-34.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6a872092091ce6d690c6d641aea3a90d1bab7cf9ba113b3a66ec95043182037b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:08 GMT
last-modified
Thu, 01 Sep 2022 12:53:08 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Thu, 01 Sep 2022 12:54:08 GMT
request_content.php
hal900030.redintelligence.net/ Frame 0595 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=b82e3810b5&subid=&uid=f3012a6276a43a35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUIz9M6sQY8qiKc3P7_UP-rao8Ay1zfmDV8zeuavlDPAuEAEg9JeCNWCV4pCCoAfIAQmpAl3-0Q6Tz7A-qAMBqgTgAU_QRwi-ViNllfukuX1leTRhfqHKAMsiO328zAvscBZqLFV1lK12x5bq2Kj_0hU9m3Dnb66O5riyvv2SH98gkCBe70Y39rRJ6JSOoNZ2nRNDgDuA1pTVRXB0mIClvPoHcbtfegZ4Z0ErkrQHkxIDuBDIFKINxm8DMaJo65x4GZ3avxwprwog7NZv91XOtr213Syre1Qx_LLlsdK5ThYllBj1bGpoV-krPNBJyh7EY3H7Aa6oB5J7aNgQfOK0lgG6rCOXiWRIOBvZ-0LH-Y9jF-8zKiLS_-0u3ViiCFH23viwwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDmAsByAsBgAwBsBPcmesN0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RosqfwkwHF8yZeU3rMUYgpzQQsaR8sKgvMtInNytJX10n6FzvaCA%26sig%3DAOD64_2gnlgN_SS0-6UUTcozWuvVAR2oFA%26client%3Dca-pub-4124969290109360%26dbm_c%3DAKAmf-BaUOUxi_uMg-ChXRMQADj64thGOWj9jT_f4Gv9Elm-TOc47gftvaSHf_qxueRba3RvXL7VyR3q8TIlexcv4WCBYQIXpccBqp6FYkb8Etk80GdG18ykBCdUxVcNGSCbWEkbyUJGRnQ81XdhpoiwO4w7jZud-Q%26cry%3D1%26dbm_d%3DAKAmf-ADaupbQszWXb5jtzRQEuN0JztwFvyVuhzWU6tgMZs39BPDDUiUFg2gmBx-trGP7fnPjWhirWYwjI3C7InnVx-PlEoueU-qotv8TMMqkNMc5iGN8CS4gaE8QzMZ4F596WQW5_PsycpL6tf595m4r2V98CG8nGrf5_MBaFVMly5fTux2HlchmEU1Yb63d9xw5erOJ-33zMYCZy4_40qvI0gLuFJZwVxTUDOMPay1SR0up9BizGH6mPdujP6zTuzphdEeMhX_fji41V9D_TqZorRKNA9GkKkmrlg5ZWVNYy1KFc9K375N_BohEnXuakjR_Y0xwv-TVRdeDbS6jE-Q8GSHCsDrh-DZ5N_Iqt78pZv0wucGzM11dk9gflNEDk84timAHd4g0D83-cKjEmaWzBuIZk-fyyNy1P1Hq3LSqBl5IvlG7Ti08PfOczJ1jLD_8G7z1tus9qGiyMIWg4fb4qm7b-ijkNQxZ_5big02oeoSMB38JjqIJyW8BX7NiqW5bH4HV0l2dBlOlP5Cyo_hseg9EMT9vg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.plurk.com%2F&ancestorOrigins=https%3A%2F%2Fwww.plurk.com&random=6112804391633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 Tamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
15338805e3e31a4a132759997796f1a4ac6836eb1c095a4c0d52c4159dac6368

Request headers

Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2040
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Sep 2022 12:53:08 GMT
Expires
Thu, 01 Sep 2022 13:53:08 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame A6ED
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=24186900090151900710616012069030
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 12:57:18 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Thu, 01 Sep 2022 12:53:08 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA2:DC24_91EFC182:01BB_6310AB34_6F997DB:2A46C
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
truncated
/ Frame A6ED 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f96466ebb04e9e9fbf8ef62455458168b2190722dd98880c936fa4d8f40eee34

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 529C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDJBvNKsQY_nnDq_P7_UP_dsVAAAAADgB4AQC&bg=!ISKlImbNAAaXrHhMt6w7ACkAdvg8WmXRgSiEgNW5gSdL2KG01pBulf1c9BHEd5pcn1vRqbRlXNwlSwIAAABOUgAAAAJoAQeZAuugdBIOe8DORuupCObLyFa9BFM78I7nKTV-QJqkqbijiqugmfbdxqZ__leRZLtbnO-ONrmhrKmzfl37rdzsKCsIcsetyonGpgmOTlcPm-p0gIAE8hBNkOUZUVfHakTe7G0RDZoGd_p7d8kd6mgtNfHI1qPsg3VGLCve0QaJA3Cdt6xVJHBHP-2zb2ErSscmYA34pyCmzh7cjjntfGpZAzsxJxU_vZO55aZNIN0k4Eootl1lu4p2UwuIfTHq3aICXd8DnhN2hrZyf-8teKyluddm0frSy5F4prK09FekCvalSabtm8GZlQnSHSxgCNurQgYtfRcdfm0skYQ_E1KNwsL3cch11UrHWFx-J28AK3RazX7KdNSLMgbs7wIVOduUORGwKbxnMS48iQr-0aoOFNxDs5k0dv1krOhVDsnZJ_U1_e1Ux_xvJMUJa7hiY7hcDVACCczWNpVMPUgR9arByrdirbWjYRbj_XSIUinNWSYah5WAbyqCkphuJeeiPGXtuJ-p1ZFzxRdCgJjblCIZdrRobzI9YSaqkfAyLkkdAlTb2AiCJ40CHrrbcdZeCZSBTtzg_5s8BcHKy3JLH9VUVbVPnw7J_ca_CX4ttlxkEPFZ_DOGlI9kOJF_YU3-FkFC69MXqqH7RWiD_v0oSX9UzeYaxPHNIrufN5qzRMaaNKeA-BqU-YHHdfeSwqRLOCV5qRo1plU6NXdgNuLCRx77vCt2avHkaLkYz760GTZomVAnUhNXpbm3iNiEWjQjaC3KjjRsCb2sVxCEQnpjWj9aJAY1_9fK-vwWjpk3jp461KI2gaD3LUewSc3B_Tj0s_Xq2HnBl_QBSO7fKLIJa2qXiRWye6-iCnhL4SmtbKoKoyvqEoFarRro5xWDtWmDEVNeFt3pgo1PNoK4oivV2y0zneE1deW4XcQZw8pGI9nKuV67RKBgOewsLkKx0ONA-PZ1GYAI2Iwludhbiqxyvyv7gFSZy3V3mopyypycaeQ
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 0595 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900030.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:19:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 01 Sep 2022 12:53:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Sep 2022 12:53:08 GMT
/
hal9000.redintelligence.net/scale/ Frame 0595 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
d5c6c689bbde21b52922430d4a371e4897a0937daca6caf38213f6fafa6cda92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900030.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 12:53:08 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16465
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0595 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
08d8de7971dcdb7c65bbf059c51f67330cfd4b190c13e9990152144744545f82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900030.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 12:53:08 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16529
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 0595 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
0c1a4e4cd4b7f6d3263476d502e570ac4e498ff04748f9b538466429b41a3dc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900030.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 12:53:08 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12986
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900030.redintelligence.net/ Frame 0595 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900030.redintelligence.net/viewability?s=24186900090151900710616012069030&a=61066c1d&vb=m
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 Tamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 12:53:08 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0595 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900030.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 19:24:52 GMT
x-content-type-options
nosniff
age
62896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0595 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900030.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 16:24:40 GMT
x-content-type-options
nosniff
age
160108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 16:24:40 GMT
ts.js
cdn.retailads.net/ Frame 81AD 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1572569234
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:08 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
accept-ranges
bytes
etag
"14aa-5d6188919baaa"
content-length
5290
content-type
application/javascript
pvClk.min.js
analytics.webgains.io/ Frame A6ED 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=24186900090151900710616012069030&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 05:03:56 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
28153
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA56-C1
content-length
86537
x-amz-cf-id
4w_YBBtMYd9WWIFC8JU6eZ_zQVgTyIR522gf8GkFaXBl85nLevSLrA==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame A6ED 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1662037088&Signature=erfc6Pt6Cp3El72OXDZtj~O2SPrRZooA9~WICGnMAN6jt65kCHwIZ7HFgH1TwXXA3L7kaokxjDz~TG7cn8nS1sr~oQ9-g0Dmq0L1QOCl3NJeVN~ud5SdA4e513Xn1Fh71IFSn9ranyhDqbkAHE2qx4TLZDlD62KoAFUCtXU47R6ef62p22ndP61vcYC-m8AK5BfbSQWKuYJPrLqjMYT6PR2jo0-b-EnQnWo5FFFA0P3X2wXyq9-L61nFYnSKSoxWIZGwXk7PeSDFvez1sIRxoLrW9A4eWTSai0daxCaHl~gobNTn3WX5trv0EqksuZG9zDOBnW9JNbi8mpiUg1bhPw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
URL: https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-44.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
age
30306
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Thu, 01 Sep 2022 04:28:21 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2808
x-amz-cf-id
TzIiI4fPJuRLhH50Cs7HaK_pOnGoLQ7Z_2c7Adh5KjzP46Yp2ytfKA==
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
949c4aa2fe31014abfcc939e32c6c9c27ec1c8711c1a4abcd5cf953dda19d6bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Sep 2022 12:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11328
x-xss-protection
0
rum
www.plurk.com/cdn-cgi/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.plurk.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:dd13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.plurk.com/p/ob9jem
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
content-type
application/json

Response headers

date
Thu, 01 Sep 2022 12:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.plurk.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
743e25ab5f5b9bee-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 01 Sep 2022 12:53:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B7D0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3980
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 11:46:49 GMT
expires
Fri, 01 Sep 2023 11:46:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8021 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1643007a857a11ec4b8dfc6b94790225b34a65e522cc78f4a9175de0f6d0f3d6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gmSFR8Okq1YajavnD0g_oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-gmSFR8Okq1YajavnD0g_oA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 12:53:09 GMT
expires
Thu, 01 Sep 2022 12:53:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
pagead2.googlesyndication.com/bg/ Frame B7D0 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 11:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15802
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 11:30:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8021 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082901&jk=393929793189162&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
13567.json
img.scupio.com/js/config/ 		469 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/13567.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
679e26b40ef050634430e94114a23ac6a9e625385955aee7b0590f323c60df4d

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.plurk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 01 Sep 2022 12:53:09 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
age
137
x-cache
Hit from cloudfront
content-length
469
last-modified
Thu, 01 Sep 2022 02:20:26 GMT
server
nginx/1.12.1
etag
"631016ea-1d5"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
e4DSsoFT7s4_SBlfKd4Tbf7plkfZN1xCF7pdg7StW3DPt9B-B8zPKg==
expires
Thu, 01 Sep 2022 15:50:52 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=13567&cb=0.5295489056971594
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.plurk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 01 Sep 2022 12:53:09 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://www.plurk.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
ad.html
img.scupio.com/html/ Frame B897 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://www.plurk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1338
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 01 Sep 2022 12:30:51 GMT
etag
W/"62fdf772-14d93"
expires
Sat, 01 Oct 2022 12:30:51 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-id
wKBz_OFDwQCIe7_1KqNoZpeimsmdijf4uRqcOdkxJ5y-hlZmPS4MHw==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame B897 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 10:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 10:45:16 GMT
prebid.js
img.scupio.com/js/ Frame B897 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:50:30 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
age
158
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
97do5a5OJNMTeMjehOjYe2f_qa53KMn53xGgyCL-PFtyltQ5ymU7Ng==
expires
Sat, 01 Oct 2022 12:50:30 GMT
tracking-event
api.webgains.io/ Frame A6ED 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Sep 2022 12:53:09 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.221.73 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-221-73.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Thu, 01 Sep 2022 12:53:09 GMT
server
nginx
generate_204
tpc.googlesyndication.com/ Frame B7D0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CPPB_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 866C 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:09 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 02 Sep 2022 12:53:09 GMT
syncframe
gum.criteo.com/ Frame 7942 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 12:53:09 GMT
server
Kestrel
server-processing-duration-in-ticks
800051
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 866C 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:09 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:08 GMT
server
nginx
etag
W/"63041db0-15cdc"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 02 Sep 2022 12:53:09 GMT
currency.json
img.scupio.com/js/config/ Frame B897 		108 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
bf152ec4f3386cf9ee04e912013cd1a78692834e80081dfb5bc8936164585c4c

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Sep 2022 12:51:50 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
last-modified
Wed, 31 Aug 2022 19:15:04 GMT
server
nginx/1.12.1
age
84
etag
"630fb338-6c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-length
108
x-amz-cf-id
4FRjXc53QipwA76ZYYkJIw-MKqCnr5OJOYdpXXXR_1pdKte8NAq7SQ==
expires
Thu, 01 Sep 2022 15:51:45 GMT
prebid.aspx
prebid.scupio.com/recweb/ Frame B897 		0
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4419101030008459
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Sep 2022 12:53:09 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://img.scupio.com
cache-control
private
access-control-allow-credentials
true
prebid.json
ad.holmesmind.com/adserver/ Frame B897 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1662036789815&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.78.141.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-78-141-198.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
67edf6b4b3c2327acbfed9d9381285ab7619d3179275b08620248aea15da0687

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 01 Sep 2022 12:53:10 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame B897 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 01 Sep 2022 12:53:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
header
hb.aralego.com/ Frame B897 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47B7BE8827732D680EA64BB3A493A78B&tdid=&schain=1.0%2C1!scupio.com%2C2581%2C1%2C%2C%2C&eids=&pubcid=c73116c3-de9d-431c-9f78-6ba01de7bb0c&u=https%3A%2F%2Fwww.plurk.com%2Fp%2Fob9jem&host=www.plurk.com&xr=0&ao=https%3A%2F%2Fwww.plurk.com&ucfUid=8f5607a1-5fbd-4078-b3c4-d753840a48fc&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 01 Sep 2022 12:53:10 GMT
access-control-allow-credentials
true
connection
close
cdb
bidder.criteo.com/ Frame B897 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=37839862331
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fa08cb642b02869cdd89ab7d88c36e6419e46d4f92af2b2feb0068ac8b7c050c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Sep 2022 12:53:08 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1001
viewability
hal900030.redintelligence.net/ Frame 0595 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900030.redintelligence.net/viewability?s=24186900090151900710616012069030&a=61066c1d&vb=v
Requested by
Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 Tamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900030.redintelligence.net/request_content.php?s=24186900090151900710616012069030&a=791016f6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 12:53:09 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame 7942
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=www.plurk.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=GdNof3x5Snd2YnNoMVptWGp2bjFkU3p5WlNKTnhrYlJ2UHBpdE4ycTJBMDFuMlNNZURlRTFNL2JIY29GS2hRSnVwUWpMTDVqaFk3QzAwbmZZSm80WGxBNVE5NGU2QlB3Z2xOSmtBcFFGSkRSS1RPK24rT04vZlhTY1YvU2...
438 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GdNof3x5Snd2YnNoMVptWGp2bjFkU3p5WlNKTnhrYlJ2UHBpdE4ycTJBMDFuMlNNZURlRTFNL2JIY29GS2hRSnVwUWpMTDVqaFk3QzAwbmZZSm80WGxBNVE5NGU2QlB3Z2xOSmtBcFFGSkRSS1RPK24rT04vZlhTY1YvU2dQZURrb3dwSWlOUFdFcGlGeW9abm50eDdIY1kyb1cvbmljU1ZiWGxOdXljR1FmTGlleThGS1JBUjlKRmNFaTBYMkQyMzFzZlpSU3BPM2lsME9teDFNMEVIbStOeDNlWFFLNGNibmRNY280czhEdGJDaHkweE5abnFLVk1USTlsSGdWa08rTHVaL2paMWlzRWZhQWo0dmxtbTJQSFF0RUY4ZjZ4T1M4OWUvZ3Jka3hzY0liQT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
72de2bd2a4285a1f136569643574404489cb379b916ffb5b47b2b17af7c6b443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:09 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1719756
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:08 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=GdNof3x5Snd2YnNoMVptWGp2bjFkU3p5WlNKTnhrYlJ2UHBpdE4ycTJBMDFuMlNNZURlRTFNL2JIY29GS2hRSnVwUWpMTDVqaFk3QzAwbmZZSm80WGxBNVE5NGU2QlB3Z2xOSmtBcFFGSkRSS1RPK24rT04vZlhTY1YvU2dQZURrb3dwSWlOUFdFcGlGeW9abm50eDdIY1kyb1cvbmljU1ZiWGxOdXljR1FmTGlleThGS1JBUjlKRmNFaTBYMkQyMzFzZlpSU3BPM2lsME9teDFNMEVIbStOeDNlWFFLNGNibmRNY280czhEdGJDaHkweE5abnFLVk1USTlsSGdWa08rTHVaL2paMWlzRWZhQWo0dmxtbTJQSFF0RUY4ZjZ4T1M4OWUvZ3Jka3hzY0liQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
637485
content-length
0
expires
0
bidinfo.aspx
bw.scupio.com/adpinline/ Frame B897 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.40774645862445946
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9c81432404f969542d753d4625af0724d0c6d1ee41a7079564246ea4a99c1e8d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 01 Sep 2022 12:53:09 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1467
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082901&jk=393929793189162&bg=!qqmlqe3NAAaXrHhMt6w7ACkAdvg8WpXFXPt662DMk69PzrlwZzrLJCWsYO9nRdDT6wKV7MskRJGxtQIAAAFLUgAAAAFoAQcKAFz7wxpS0q9IIzj5NScBDP758nd8JuuQHqiCKLgYyPR9Y2AKqogg10phPtMCSYSBCqVpdFJWH7raBW3n5UK_8-bQx0qTImRDvoUalg36q1BZbXmILlndxGB8hxzoLpkCrLTQ7shVn4W3KGSfb3oED1RD_bHHeJHRWLux-E7u9jSxemuLeZwME0wc67vggOePXJ2DuhuxhmWYCHdZX-dPKgITL9tOwdJN0yFDysEk4JSczcnqSpkyn7-w12Lmy98cBHnk7RMMUgY2hoEtpCrYAJ_CTi-zW_qDnACD7r-UwWWqOHmtdmJIV3XUBEEbjW1OQXmAqZ6QckHkP_9l1XObLXtBmhF7qO4LhHUfaqG_IU1A-ghL93yuzc3bW3SXNMhPv7PsJ3Bv2N4LoriqTIE1AAmh2OLvByerxOPc-yiqcAd5I4om1hmb7smlpGGwgg2Db7ZoKz5ui7I8ibFQg2dHGUF4WNwN9OK3AOzQe4HmM0JSGcaNd_kWZL2GbeBw2x3EzZpRK9GvBXDsdbPT_WBRO2IHKW6W4UjNxqSx5DXmvMNZS9dhftR28JGaAQ72U0a_ng50ewS-15t8fUVJAkRy4z7QN0y-gg9yT1YV5jlf-mms5ez_i2DBW-pA1O6UY5z573ZfTPi9NmmW67vJDEp7DT8EcN-mIGFmliKWvlGpa_jSKTqPtcU648oqiCoQC5V85Sw6MzrC2v5PJfQUqZBE2Ka0TSWG4kOJYqU48p6GrWd_T5WBVp7CE2tBev2XjTNyvTwsN605e_yk0ULgc9-o777mpwB5EHCNepIYdGTbi4SbdoTzEYb049AcEIRQ6NUBshi-0awkL6ZrG-JsQkGp-Nu6pvK_v_yNuoRF-2yP6G3_Ja1oSCOgQbO_O2NU8L949EuncIOd5vKIlZYOQCx291coty8tXrGhpUBNkagp7vErGFLaHeUuNSG87vwTTKixKwuK44l4T6ZetvZXUJJTY4K9RAGLbohbcNUZP-Q2z9835qI4aUu-1kl0KkPEo0gvJeXmLclLuugmh-aXdw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.plurk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
ls.html
img.scupio.com/html/ Frame 307B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2816
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 01 Sep 2022 12:06:14 GMT
etag
W/"583295c9-4dc"
expires
Thu, 08 Sep 2022 12:06:14 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-id
34UGzXncppL3jVMXIXNlCDmRrGaLXPgSjMPl1iG4b9CkxpPGqeqjXQ==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 9B8B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q01BMjAyMjA5MDEyMDUzMDg3MjI4MDg%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEM4VNIF40btmfCTl8O264Tg&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEM4VNIF40btmfCTl8O264Tg&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 12:53:10 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEM4VNIF40btmfCTl8O264Tg&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 7175
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: www.plurk.com
URL: https://www.plurk.com/p/ob9jem
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 01 Sep 2022 12:53:10 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 01 Sep 2022 12:53:10 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 9B8B 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1662036790381&cd[SBST]=25&cd[PuID]=plurk
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 01 Sep 2022 12:53:10 GMT
/
sync.aralego.com/idSync/ Frame 9B8B 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CMA20220901205308722808
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:10 GMT
connection
close
content-length
35
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 7175 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Thu, 01 Sep 2022 12:53:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40853
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Fri, 02 Sep 2022 00:14:03 GMT
khaos.jpg
token.rubiconproject.com/ Frame 7175 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 7175 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Content-Type
image/gif
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame B897 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:10 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 02 Sep 2022 12:53:10 GMT
syncframe
gum.criteo.com/ Frame 2E96 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.plurk.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 12:53:10 GMT
server
Kestrel
server-processing-duration-in-ticks
1374520
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 2E96
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=2&topUrl=www.plurk.com&bundle=sXwFR19VJTJCOHlKb3ZUNlRITjF3cVZJbUY5RkolMkZrM2JsSDg4bEt5Z1hISk0zZU1vaFh...
  • https://mug.criteo.com/sid?cpp=-CSbU3xqUjBLOVE0dXhMUWdTYUd1RnMrSHp6UVl2VmlXWnNRc09GWHNkSUtGWDl3TG15a2JlWVV5VFFiaWl3KzhJcEZKZ2liWWYzRDlPUklLTko1QmhvL08wekJhWGNTYldsVWZ4aHdtK1cwbkt1U0xXTWlaQWVqMU1CdG...
422 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-CSbU3xqUjBLOVE0dXhMUWdTYUd1RnMrSHp6UVl2VmlXWnNRc09GWHNkSUtGWDl3TG15a2JlWVV5VFFiaWl3KzhJcEZKZ2liWWYzRDlPUklLTko1QmhvL08wekJhWGNTYldsVWZ4aHdtK1cwbkt1U0xXTWlaQWVqMU1CdGxVRjk2VkRkS1NseE1kL2lYU0NVYjZQL1hmR2YvTmtwbC8zRFpIbCttN2d3NHBwekQwRGJqZzc4MWlPTnJocng4ZkVoQkptVFE1ajh2dERCdWpqMGpBZStCTy9Kd2c0UmtOZmppWU1IcHpMdGZ0bFhQdTJjRmppamUwVXVzR2hPQm5EUC8zeCtKamxYWXlCTGNMalJoYTN6d0d1V0N2cDN4cDN4SFJPT3RuSWNrSWhZazV2RT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2b7cc6e8097231ed5f8980ee8b6a9f83861a7b3e2d7fe46345ed41cc8223c4b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:10 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2859619
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:10 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=-CSbU3xqUjBLOVE0dXhMUWdTYUd1RnMrSHp6UVl2VmlXWnNRc09GWHNkSUtGWDl3TG15a2JlWVV5VFFiaWl3KzhJcEZKZ2liWWYzRDlPUklLTko1QmhvL08wekJhWGNTYldsVWZ4aHdtK1cwbkt1U0xXTWlaQWVqMU1CdGxVRjk2VkRkS1NseE1kL2lYU0NVYjZQL1hmR2YvTmtwbC8zRFpIbCttN2d3NHBwekQwRGJqZzc4MWlPTnJocng4ZkVoQkptVFE1ajh2dERCdWpqMGpBZStCTy9Kd2c0UmtOZmppWU1IcHpMdGZ0bFhQdTJjRmppamUwVXVzR2hPQm5EUC8zeCtKamxYWXlCTGNMalJoYTN6d0d1V0N2cDN4cDN4SFJPT3RuSWNrSWhZazV2RT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
699339
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 01 Sep 2022 12:53:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
282610
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 866C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=awlsenxwYlBvL1ZXdGphZnVaMmNaaW1OVG05QUc0dTZweVVZbVZobENFL0lFVG1RN3N6a0J4RDlwcDlMajZzd2g5dlFLZlovdVlwV0xOc3JySkpBTFNXZTVpcXVXYy9FbXJMOURkenpOOHVoWU9FdlRtR2pvcXBzYnRqdT...
404 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=awlsenxwYlBvL1ZXdGphZnVaMmNaaW1OVG05QUc0dTZweVVZbVZobENFL0lFVG1RN3N6a0J4RDlwcDlMajZzd2g5dlFLZlovdVlwV0xOc3JySkpBTFNXZTVpcXVXYy9FbXJMOURkenpOOHVoWU9FdlRtR2pvcXBzYnRqdTFRR1VtRGdxamQxKzhTUCsyK2haMzJ5cWFzVU53K2dvbXRWcWVLWUJ1b29BK3pvTExlYUJiRkJ1TTNvdDE3RUpkUUdkejQ1R3FLV203bGVyOStKanp5VDJsS3ZUT2FlRVFwOE1MNStWWktTdUpCaGZqODFObmdxUVFzeGlyVE95VlJ1dW0zRFNKT1J6WXNXdVVKUVZNMkpHQXl3dUhGSmFDMXZQbkZrOUNib2FyT3lPMW0vYz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
884bdfd5d83941ca75f6643c2f2e44ddeacaa6c5264d07e3a017b7747b381abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:11 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1911862
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:11 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=awlsenxwYlBvL1ZXdGphZnVaMmNaaW1OVG05QUc0dTZweVVZbVZobENFL0lFVG1RN3N6a0J4RDlwcDlMajZzd2g5dlFLZlovdVlwV0xOc3JySkpBTFNXZTVpcXVXYy9FbXJMOURkenpOOHVoWU9FdlRtR2pvcXBzYnRqdTFRR1VtRGdxamQxKzhTUCsyK2haMzJ5cWFzVU53K2dvbXRWcWVLWUJ1b29BK3pvTExlYUJiRkJ1TTNvdDE3RUpkUUdkejQ1R3FLV203bGVyOStKanp5VDJsS3ZUT2FlRVFwOE1MNStWWktTdUpCaGZqODFObmdxUVFzeGlyVE95VlJ1dW0zRFNKT1J6WXNXdVVKUVZNMkpHQXl3dUhGSmFDMXZQbkZrOUNib2FyT3lPMW0vYz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
508129
content-length
0
expires
0
idSync
sync.aralego.com/ Frame 866C 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:12 GMT
connection
close
content-length
35
content-type
image/gif
cm
c.holmesmind.com/ Frame 866C
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Protocol
H3
Server
35.201.76.93 -, , ASN (),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 01 Sep 2022 12:53:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=awlsenxwYlBvL1ZXdGphZnVaMmNaaW1OVG05QUc0dTZweVVZbVZobENFL0lFVG1RN3N6a0J4RDlwcDlMajZzd2g5dlFLZlovdVlwV0xOc3JySkpBTFNXZTVpcXVXYy9FbXJMOURkenpOOHVoWU9FdlRtR2pvcXBzYnRqdTFRR1VtRGdxamQxKzhTUCsyK2haMzJ5cWFzVU53K2dvbXRWcWVLWUJ1b29BK3pvTExlYUJiRkJ1TTNvdDE3RUpkUUdkejQ1R3FLV203bGVyOStKanp5VDJsS3ZUT2FlRVFwOE1MNStWWktTdUpCaGZqODFObmdxUVFzeGlyVE95VlJ1dW0zRFNKT1J6WXNXdVVKUVZNMkpHQXl3dUhGSmFDMXZQbkZrOUNib2FyT3lPMW0vYz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 01 Sep 2022 12:53:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
541361
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 01 Sep 2022 12:53:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
551089
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame B897
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.plurk.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=tnE2T3xkWkprQ1dNaUlqNkV2bUVlQ0E0cEQvS2cwdEQ4aU9xSWV6UVRQUk13aHpMUDZveUJzRHhtM3pzWEkxb24xSFhvSU5ER3l2eXhBdFRlNlVpbkF5SFJubUd1UVd3bmdXckwrdk1ObkJ3Mk1wdDhoYTZNUEJaSmdIb2...
414 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tnE2T3xkWkprQ1dNaUlqNkV2bUVlQ0E0cEQvS2cwdEQ4aU9xSWV6UVRQUk13aHpMUDZveUJzRHhtM3pzWEkxb24xSFhvSU5ER3l2eXhBdFRlNlVpbkF5SFJubUd1UVd3bmdXckwrdk1ObkJ3Mk1wdDhoYTZNUEJaSmdIb21URnllMjcwaW1ZM2dFdnhXdEpqRytPY202dHpnWVNoYjg5OC9Ud1g2MEVQejV1cksxendIYzJ5eWh2ZTVydnhPMGN1bkw1b0hyQlpGa3ZyQTRRN00ybmgzZ0piN0ltdXdBdTNSYWY5NmNpbStBbFlpMUNHMHdlRkk5Y2llSVlrVmU4ZnYxajJCcHZxRW1mTk9zYm9IU05VNStSOWZNZUVtS0xJSS96NHM0dHhqbVBuVVU0QT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0916738045b765c065e81ce122336cd6dd7fad93ce2978a4ae4c29e63d725208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:12 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1958164
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Sep 2022 12:53:12 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=tnE2T3xkWkprQ1dNaUlqNkV2bUVlQ0E0cEQvS2cwdEQ4aU9xSWV6UVRQUk13aHpMUDZveUJzRHhtM3pzWEkxb24xSFhvSU5ER3l2eXhBdFRlNlVpbkF5SFJubUd1UVd3bmdXckwrdk1ObkJ3Mk1wdDhoYTZNUEJaSmdIb21URnllMjcwaW1ZM2dFdnhXdEpqRytPY202dHpnWVNoYjg5OC9Ud1g2MEVQejV1cksxendIYzJ5eWh2ZTVydnhPMGN1bkw1b0hyQlpGa3ZyQTRRN00ybmgzZ0piN0ltdXdBdTNSYWY5NmNpbStBbFlpMUNHMHdlRkk5Y2llSVlrVmU4ZnYxajJCcHZxRW1mTk9zYm9IU05VNStSOWZNZUVtS0xJSS96NHM0dHhqbVBuVVU0QT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
489434
content-length
0
expires
0
idSync
sync.aralego.com/ Frame B897 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:13 GMT
connection
close
content-length
35
content-type
image/gif
cm
c.holmesmind.com/ Frame B897 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 -, , ASN (),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:53:13 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tnE2T3xkWkprQ1dNaUlqNkV2bUVlQ0E0cEQvS2cwdEQ4aU9xSWV6UVRQUk13aHpMUDZveUJzRHhtM3pzWEkxb24xSFhvSU5ER3l2eXhBdFRlNlVpbkF5SFJubUd1UVd3bmdXckwrdk1ObkJ3Mk1wdDhoYTZNUEJaSmdIb21URnllMjcwaW1ZM2dFdnhXdEpqRytPY202dHpnWVNoYjg5OC9Ud1g2MEVQejV1cksxendIYzJ5eWh2ZTVydnhPMGN1bkw1b0hyQlpGa3ZyQTRRN00ybmgzZ0piN0ltdXdBdTNSYWY5NmNpbStBbFlpMUNHMHdlRkk5Y2llSVlrVmU4ZnYxajJCcHZxRW1mTk9zYm9IU05VNStSOWZNZUVtS0xJSS96NHM0dHhqbVBuVVU0QT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 01 Sep 2022 12:53:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
550745
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackChunkpmd_name_ function| gettext function| _ function| ngettext function| format object| _i18n object| pmd function| $ function| jQuery function| setImmediate function| clearImmediate function| swal function| sweetAlert object| Handlebars function| $bu_getBrowser object| __translation function| _gaq_push function| $static_path function| $theme_path object| GLOBAL string| GoogleAnalyticsObject function| ga string| LANG object| Languages object| regeneratorRuntime object| Cal function| protocolRelative function| cookieCapping function| formatDate function| ensureDateField function| getBody function| shuffle function| renderHTML function| ensureProperHTML object| CLIQUES_DEFAULT object| CLIQUES_DEFAULT_TRANS object| EventsManager function| FeatureManager object| Features object| BroadcastStation object| Users object| SiteState object| HistoryManager function| copyTextToClipboard number| _popWindowCount number| _popWindowLayers object| _popWindows function| InfoOverlay object| FriendFanEditor function| FriendsSelectList function| UserComplete object| TopBar object| NotificationList function| PopView function| HoverPopView function| AddHoverToolTip function| PopWindow object| OpenX object| Themes object| LANG_QUAL function| PlurkPoster object| EmoticonStatic object| EmoticonCustom object| EmoticonSelector object| PlurkAdder function| ShareControl function| PrivateOptions object| PlurksManager object| ResponsesManager object| Media object| pollManager object| PlurkElement function| PlurkEditor function| TimelineHolderLayout function| HorizontalTimelineHolderLayout function| VerticalTimelineHolderLayout function| PlurkTimelineHolder object| _typingResponses function| ResponsesHolder object| PrivatePlurking function| BookmarkEditor function| TagsSelectList function| TagComplete object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| Scupioads object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| hasOwnProperty object| scupiosdk object| plurk object| __cfBeacon object| _buorgres object| annoplurk object| tl_banana object| tl_native function| PlurkTimeline object| cbox object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

25 Cookies

Domain/Path Name / Value
.plurk.com/ Name: plurkcookiea
Value: "jNfoY+hizBbvtk/Nfy/nIdkUF7MvRfh8Vl1YWu0juUQ=?from_url=Ii9wL29iOWplbSI=&invitation_from_uid=MTQ1MjE1NTE="
.plurk.com/ Name: _ga
Value: GA1.2.15015758.1662036788
.plurk.com/ Name: _gid
Value: GA1.2.2115613520.1662036788
.plurk.com/ Name: _gat
Value: 1
.plurk.com/ Name: __gads
Value: ID=25b5a49c9f54babf-22eaae330fce0000:T=1662036787:S=ALNI_MYCcKI1xlzpB6i8ufjyp_5O7za4MA
.doubleclick.net/ Name: IDE
Value: AHWqTUkyiu_T4tsJzYiH8SwmtUuHLHWePmjQpW5nJfXml-oe0x_Dia-d3BOIaAAW7Kc
.casalemedia.com/ Name: CMID
Value: YxCrNCn2nmsd.C11U7WmpgAA
.casalemedia.com/ Name: CMPS
Value: 5155
.casalemedia.com/ Name: CMPRO
Value: 5155
.adnxs.com/ Name: uuid2
Value: 7670652989019109734
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il_>%^:n!@wnfH8K6pQK`!5=E<*L5?%M3dW'0J5+-`u24'xI0u^9xg0f(iC!yoe9WrDC*bpRz*qF1`*b_Bx*/Kuo
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 80f2b01904abb173
.c.appier.net/ Name: _auid
Value: IpiobK12CAyNi5IVNKsQYw
.casalemedia.com/ Name: CMTS
Value: 5178
.retailads.net/ Name: ppb2172
Value: 1572569234
.futalis.de/ Name: raSIDb
Value: 1572569234
pb.media01.eu/ Name: ASP.NET_SessionId
Value: 5lyjkbqdxqjn3ukijqxivfoy
pb.media01.eu/ Name: DTU
Value: 50054CFF6E4A35A8C5F17C868E3A5978
.scupio.com/ Name: OrgKeyValue
Value: CMA20220901205308722808
.criteo.com/ Name: uid
Value: fe2205f1-3684-4f18-88eb-ee8c7d9a2d3a
.scupio.com/ Name: gx
Value: H4sIALYbEWMA%2fxNmYGDg4ubYN%2f3M2XsdbdYCrEIsHPYCTACdKBApFwAAAA%3d%3d
.scupio.com/ Name: fxc
Value: 1
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: 341ed174-bd5c-359d-8448-c1a71dffaad9
.scupio.com/ Name: gxc
Value: 1

9 Console Messages

Source Level URL
Text
other warning URL: https://www.plurk.com/p/ob9jem
Message:
A preload for 'https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js' is found, but is not used due to an integrity mismatch.
other warning URL: https://www.plurk.com/p/ob9jem(Line 1)
Message:
A preload for 'https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css' is found, but is not used due to an integrity mismatch.
javascript warning URL: https://s.plurk.com/495af0539345c435a779.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://s.plurk.com/495af0539345c435a779.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/tag/js/gpt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082901.js?cb=31069224, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://www.plurk.com/p/ob9jem
Message:
The resource https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.plurk.com/p/ob9jem
Message:
The resource https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6905d107589a21ffae0603390bf420c4.safeframe.googlesyndication.com
ad-server.eu
ad.holmesmind.com
ad2.apx.appier.net
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
assets.plurk.com
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdn.retailads.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900030.redintelligence.net
hb.aralego.com
ib.adnxs.com
img.scupio.com
imgs.plurk.com
mug.criteo.com
pagead2.googlesyndication.com
pb.media01.eu
pixel-apac.rubiconproject.com
prebid-asia.creativecdn.com
prebid.scupio.com
pv.medialead.de
rec.scupio.com
s.plurk.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.plurk.com
103.132.192.30
104.18.18.126
13.32.99.7
136.243.149.243
139.162.58.205
142.250.185.226
144.76.91.199
145.239.193.130
162.210.196.208
167.233.14.134
178.250.0.157
178.250.2.131
18.66.147.44
185.89.210.20
210.59.219.175
210.59.219.180
210.59.219.181
23.205.235.133
2606:4700:440e::6812:2fe6
2606:4700::6810:dd13
2606:4700::6811:113c
2606:4700::6811:190e
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a00:1450:400e:80c::200a
2a01:4f8:d0a:2321::2
2a02:2638:1::13
2a02:2638::3
2a03:2880:f12d:181:face:b00c:0:25de
2a0b:4d07:401::1
3.11.195.34
34.96.119.68
35.201.76.93
35.78.141.198
52.56.221.73
54.76.176.197
65.9.66.110
69.173.144.138
69.173.158.64
88.198.250.30
92.123.9.160
002885d15671018d6cbea9225dc9ece35a412108c16c533924d127bcc8e8bfdf
0387af5d15c0c58b15fb8abadce6af5cb206968ff91f7e502c10c3232e5b6889
08d8de7971dcdb7c65bbf059c51f67330cfd4b190c13e9990152144744545f82
0916738045b765c065e81ce122336cd6dd7fad93ce2978a4ae4c29e63d725208
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1a4e4cd4b7f6d3263476d502e570ac4e498ff04748f9b538466429b41a3dc3
0f596ea866e2b183792b33f3e44268db49d404e5f7e5879562e593a6eca1f8f5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15338805e3e31a4a132759997796f1a4ac6836eb1c095a4c0d52c4159dac6368
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1643007a857a11ec4b8dfc6b94790225b34a65e522cc78f4a9175de0f6d0f3d6
1b98ba65804117309185fd18cda5608fa31f342b3c626715722721ebc93f4231
1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661
1e7d43630a261b51e2a419b892c4fa8aed22dcbc1cfc7e5f8a575771d5fbe67c
1fc4e11a1589d2800482409836d332bd70aa39a1094fc8d738660dcaf890455a
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
27ccb5d582e13a4bb51ac4e0386f2c29dc8e90ab2d5d4ba1f655d949c6e384a9
27da3756018ae05b269754ebd953626726286c2b6545a8119aa95f2442d0491e
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2b7cc6e8097231ed5f8980ee8b6a9f83861a7b3e2d7fe46345ed41cc8223c4b6
2dc9a1c2111185e85b712bba38d54be78740cc9ae1a128a0a8393e37767d81ae
3171eac423f4c20884352b6f5c97fbf2e58661b17d7dc96b45b7447da44c8b8c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43771081fe0908d9be14a6e38ad59a6e25ccc454e3cd1eb18d67e7e247c6ae98
47a20e81ebd7dbf6e6b87e350b031dfbaaa06b15e4137b6e2aa1dba7ae2b2b34
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
51c423ebba9e0a0d4bc646cf9c54b705f677b1a7f3e085c3575dc753bb9b1f1f
54398c5caecfa6770438fb665f6fa847664560dc67b0f334ea25f9f8aa2e293e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6459304624b5d6a6c1bcfe58c1192be251ee35d3d2b6a320445e84502849928e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
679e26b40ef050634430e94114a23ac6a9e625385955aee7b0590f323c60df4d
67edf6b4b3c2327acbfed9d9381285ab7619d3179275b08620248aea15da0687
6a872092091ce6d690c6d641aea3a90d1bab7cf9ba113b3a66ec95043182037b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c73f428ace68329e7a9555184802e5b62ecd72ac1ee270bf9b8f53dd3c2ef6d
72de2bd2a4285a1f136569643574404489cb379b916ffb5b47b2b17af7c6b443
7580d50a5ba36e70c36ba6e0f1c35b40d8a5319b64e9210c77997ec729f70624
80f8c60acea782444c41fac597dca5d5172b5eb16b2588577d20c26737929004
8328e713bc7dd608b369bf7f779fc7f4b632e45bb7ea1b7592d6305acc402b7e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8530a1cc2f5eea1961414e2f95e909f4326f3383376aefb8664c344c44ca6930
884bdfd5d83941ca75f6643c2f2e44ddeacaa6c5264d07e3a017b7747b381abe
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ff5afc613108361a2a48f39142a556908bbf27efb5789e20a358ab8f544076f
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91932fa536b235582114c91ac5eb987f883e630d8183949ab12cf1327bc30938
929eae34b486d82f772a9a30fcd059a99926fabb95b734c82f4ed708feb6816b
938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
949c4aa2fe31014abfcc939e32c6c9c27ec1c8711c1a4abcd5cf953dda19d6bd
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
998f7df25fbb5d70e111ac9197abcf70efec826fe0da4504b16ba8808af0aea5
9c81432404f969542d753d4625af0724d0c6d1ee41a7079564246ea4a99c1e8d
9de001d0d85ea06a1538d20894999d70408d9f7380479841c56516ec4f5b91ee
9fd5ec7f5b99890f907f401505fa3dbfb2393bd9a7a66ea315a5e356bdf36985
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bf152ec4f3386cf9ee04e912013cd1a78692834e80081dfb5bc8936164585c4c
bfd0b5726e1ebb44c138c17360e3f3ec43f3701be2d933ed36ce8822cbc57227
bfe4f0e5444dcf2a6fad52cc77813fcddc6d36a2b3fd4cb861c73cf8b7496e9c
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c5c62e6c67ef7f70f91831fed0d21b6566a10247e8535bc1ffb8aab6f1e6cb2d
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d313ec409b68d3855cf0cef8a20f8c580b5fc1ed05daa8889860dbe4d004c5c8
d5c6c689bbde21b52922430d4a371e4897a0937daca6caf38213f6fafa6cda92
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51a7e6710418fa43758820b5791171303d7e460a69ba4b5b849119aff4e1054
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
ee2d9a022695360ae6503ca37eb953d322a577e69a88d031174ce948e6c31c24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0218e55b8d93ed70a588a95b79263fa8c166380d70364aa5ceb763177c42949
f641ad0c0e2731c3ab3eaabdfd3699fa311335b36cd38285a4a7e5fd41f8a896
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c
f96466ebb04e9e9fbf8ef62455458168b2190722dd98880c936fa4d8f40eee34
fa08cb642b02869cdd89ab7d88c36e6419e46d4f92af2b2feb0068ac8b7c050c
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505