urlscan.io logo urlscan.io
SecurityTrails logo

hilight.kapook.com Open in urlscan Pro
27.254.43.243  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3g77Y89
Effective URL: https://hilight.kapook.com/view/154646
Submission: On January 31 via manual from TH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 14 countries across 68 domains to perform 425 HTTP transactions. The main IP is 27.254.43.243, located in Thailand and belongs to CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH. The main domain is hilight.kapook.com. The Cisco Umbrella rank of the primary domain is 155580.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 16th 2020. Valid for: 2 years.
This is the only time hilight.kapook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 1 54.236.80.213 14618 (AMAZON-AES)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
5 27.254.43.243 9891 (CSLOX-IDC...)
96 27.254.43.242 9891 (CSLOX-IDC...)
3 2a00:1450:400... 15169 (GOOGLE)
5 202.183.165.226 9891 (CSLOX-IDC...)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.222.214.19 16509 (AMAZON-02)
1 12 2a03:2880:f22... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
7 184.30.24.198 16625 (AKAMAI-AS)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 178.79.242.181 22822 (LLNW)
4 2a00:1450:400... 15169 (GOOGLE)
2 203.154.91.10 4618 (INET-TH-A...)
4 2600:9000:224... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
2 5 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
17 52.222.214.20 16509 (AMAZON-02)
8 36 142.250.184.226 15169 (GOOGLE)
3 104.111.224.62 16625 (AKAMAI-AS)
1 27.254.43.245 9891 (CSLOX-IDC...)
2 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
1 188.65.124.58 41690 (DAILYMOTI...)
1 188.65.124.90 41690 (DAILYMOTI...)
1 85.202.161.8 7489 (HOSTUS-GL...)
1 204.237.133.116 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a03:2880:f01... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 43.134.100.94 132203 (TENCENT-N...)
1 2a03:2880:f00... 32934 (FACEBOOK)
3 2a03:2880:f04... 32934 (FACEBOOK)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 87.240.190.78 47541 (VKONTAKTE...)
1 217.20.155.208 47764 (MAILRU-AS...)
1 2607:f8b0:402... 15169 (GOOGLE)
3 2a03:2880:f24... 32934 (FACEBOOK)
1 2a03:2880:f20... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 119.81.183.209 36351 (SOFTLAYER)
1 195.161.16.148 8342 (RTCOMM-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
8 23.106.249.95 59253 (LEASEWEB-...)
3 4 37.157.5.142 198622 (ADFORM)
2 2 213.155.156.180 1299 (TWELVE99 ...)
5 104.36.113.17 62713 (AS-PUBMATIC)
3 7 185.29.132.245 30419 (MEDIAMATH...)
10 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
3 3 151.101.66.49 54113 (FASTLY)
1 1 34.237.23.137 14618 (AMAZON-AES)
1 1 23.88.75.188 24940 (HETZNER-AS)
2 104.36.113.24 62713 (AS-PUBMATIC)
3 3 141.94.170.64 16276 (OVH)
4 6 15.197.193.217 16509 (AMAZON-02)
2 2 52.208.103.128 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 169.50.137.182 36351 (SOFTLAYER)
2 2 37.252.172.38 29990 (ASN-APPNEX)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
3 3 18.194.122.86 16509 (AMAZON-02)
1 1 51.68.39.188 16276 (OVH)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 27.254.43.241 9891 (CSLOX-IDC...)
2 31.220.27.134 39572 (ADVANCEDH...)
1 83.222.114.187 42632 (MNOGOBYTE...)
1 81.222.128.214 20597 (ELTEL-AS)
1 146.185.195.94 50340 (SELECTEL-MSK)
4 2.19.35.65 16625 (AKAMAI-AS)
1 185.64.190.75 62713 (AS-PUBMATIC)
4 2602:803:c003... 26667 (RUBICONPR...)
18 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 141.95.34.105 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 52.209.129.133 16509 (AMAZON-02)
3 185.29.134.249 30419 (MEDIAMATH...)
4 2602:803:c003... 26667 (RUBICONPR...)
8 104.92.74.8 16625 (AKAMAI-AS)
1 2.21.141.175 16625 (AKAMAI-AS)
1 136.243.149.243 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
1 4 116.202.48.214 24940 (HETZNER-AS)
1 35.244.174.68 15169 (GOOGLE)
4 8.39.36.142 26667 (RUBICONPR...)
3 3 8.39.36.141 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 54.76.176.197 16509 (AMAZON-02)
1 54.36.108.3 16276 (OVH)
3 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 198.47.127.20 62713 (AS-PUBMATIC)
1 185.64.189.226 62713 (AS-PUBMATIC)
2 202.183.165.85 9891 (CSLOX-IDC...)
425 91
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    54.236.80.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-80-213.compute-1.amazonaws.com
ir.shareaholic.com
1    2606:4700:20::681a:c04 (United States)

ASN13335 (CLOUDFLARENET, US)
ffe35e.dwerls.eu.org
5    27.254.43.243 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
hilight.kapook.com
96    27.254.43.242 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
my.kapook.com
www.kapook.com
api-center.kapook.com
i.kapook.com
3    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    202.183.165.226 (Bangkok, Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: p352-nasbkkST3.C.csloxinfo.net
cdn.thelead.tech
connect.thelead.tech
9    2606:4700:10::6816:4e7b (United States)

ASN13335 (CLOUDFLARENET, US)
code.th.giraff.io
cdn.th.giraff.io
1    52.222.214.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-19.fra56.r.cloudfront.net
pubmatic.mainroll.com
12    2a03:2880:f22d:1e6:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
vpaid.pubmatic.com
4    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    178.79.242.181 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
api.dmcdn.net
4    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    203.154.91.10 (Ban Bang Yang, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-91-10.inter.net.th
lvs.truehits.in.th
4    2600:9000:224a:a000:1d:47ad:2280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.bluebillywig.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
9    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
17    52.222.214.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-20.fra56.r.cloudfront.net
stats.mainroll.com
36    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
3    104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-62.deploy.static.akamaitechnologies.com
ssl-avd.innity.net
avd.innity.net
1    27.254.43.245 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
cacheportal.kapook.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
29    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
adservice.google.de
1    188.65.124.58 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed1.dm.gg
pebed.dm-event.net
1    188.65.124.90 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
api.pxl.dailymotion.com
1    85.202.161.8 (Rovigo, Italy)

ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK)
PTR: 85.202.161.8.adnuntius.com
delivery.adnuntius.com
1    204.237.133.116 (Philadelphia, United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
6    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    43.134.100.94 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
data.th.giraff.io
1    2a03:2880:f006:21:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
scontent-amt2-1.xx.fbcdn.net
3    2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
scontent-ams4-1.xx.fbcdn.net
2    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-190-240-87.vk.com
vk.com
1    217.20.155.208 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip208.155.odnoklassniki.ru
connect.ok.ru
1    2607:f8b0:4023:1404::5e (Columbus, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    2a03:2880:f245:ca:face:b00c:0:43fe (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
scontent-ams4-1.cdninstagram.com
1    2a03:2880:f206:c4:face:b00c:0:43fe (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
scontent-amt2-1.cdninstagram.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
cb8d1f4986f623ba0acd23f7d05df274.safeframe.googlesyndication.com
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
4949fd248cb1b5b9b5af33da392e16d8.safeframe.googlesyndication.com
3    119.81.183.209 (Central, Hong Kong)

ASN36351 (SOFTLAYER, US)
PTR: d1.b7.5177.ip4.static.sl-reverse.com
avd.innity.com
1    195.161.16.148 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
a.giraff.io
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    23.106.249.95 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
a.th.giraff.io
4    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.180 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
5    104.36.113.17 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
7    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
10    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.237.23.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-23-137.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
2    104.36.113.24 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-7.cloudy.ovh
pixel.onaudience.com
6    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    2a05:d018:d29:3602:5ce0:1e2e:863d:4da1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    18.194.122.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-122-86.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    27.254.43.241 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
cms.kapook.com
2    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    83.222.114.187 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
1    81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru
ssp.adriver.ru
1    146.185.195.94 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel23.imcmdb.net
stat.media
4    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
1    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
4    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
smarttag.rubiconproject.com
18    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    141.95.34.105 (France)

ASN16276 (OVH, FR)
PTR: p34.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
3    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
4    2602:803:c003:200::77 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
8    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
1    136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    116.202.48.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de
hal900013.redintelligence.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu
cdn.contentspread.net
3    2a02:26f0:f7::5c7b:e051 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
2    202.183.165.85 (Bangkok, Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: p211-nasbkkST3.C.csloxinfo.net
s359.kapook.com
Apex Domain
Subdomains		 Transfer
105 kapook.com
hilight.kapook.com — Cisco Umbrella Rank: 155580
my.kapook.com — Cisco Umbrella Rank: 152217
www.kapook.com — Cisco Umbrella Rank: 165668
cacheportal.kapook.com — Cisco Umbrella Rank: 177964
api-center.kapook.com — Cisco Umbrella Rank: 212498
cms.kapook.com — Cisco Umbrella Rank: 197315
i.kapook.com — Cisco Umbrella Rank: 290071
s359.kapook.com — Cisco Umbrella Rank: 184326
1 MB
45 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
cb8d1f4986f623ba0acd23f7d05df274.safeframe.googlesyndication.com
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
4949fd248cb1b5b9b5af33da392e16d8.safeframe.googlesyndication.com
197 KB
37 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
655 KB
30 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
vpaid.pubmatic.com — Cisco Umbrella Rank: 5222
image6.pubmatic.com — Cisco Umbrella Rank: 595
image2.pubmatic.com — Cisco Umbrella Rank: 1032
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 848
vid.pubmatic.com — Cisco Umbrella Rank: 7994
aktrack.pubmatic.com — Cisco Umbrella Rank: 924 Failed
simage4.pubmatic.com — Cisco Umbrella Rank: 1179
t.pubmatic.com — Cisco Umbrella Rank: 4653
203 KB
27 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2482
smarttag.rubiconproject.com — Cisco Umbrella Rank: 10721
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10534
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
token.rubiconproject.com — Cisco Umbrella Rank: 689
88 KB
20 giraff.io
code.th.giraff.io — Cisco Umbrella Rank: 63100
data.th.giraff.io — Cisco Umbrella Rank: 60069
a.giraff.io — Cisco Umbrella Rank: 56171
a.th.giraff.io — Cisco Umbrella Rank: 70711
cdn.th.giraff.io — Cisco Umbrella Rank: 64822
160 KB
18 mainroll.com
pubmatic.mainroll.com — Cisco Umbrella Rank: 120921
stats.mainroll.com — Cisco Umbrella Rank: 28331
31 KB
13 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 639
scontent-amt2-1.xx.fbcdn.net — Cisco Umbrella Rank: 12141
scontent-ams4-1.xx.fbcdn.net — Cisco Umbrella Rank: 12636
770 KB
12 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1105
platform.instagram.com Failed
473 KB
11 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
tags.mathtag.com — Cisco Umbrella Rank: 3608
pixel.mathtag.com — Cisco Umbrella Rank: 1240
7 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
4 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
326 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
graph.facebook.com — Cisco Umbrella Rank: 117
35 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
3 KB
6 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
45 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32669
hal900013.redintelligence.net — Cisco Umbrella Rank: 317735
8 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
ads.yahoo.com — Cisco Umbrella Rank: 913
3 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5557
adservice.google.de — Cisco Umbrella Rank: 8028
2 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
dis.criteo.com — Cisco Umbrella Rank: 691
2 KB
5 thelead.tech
cdn.thelead.tech — Cisco Umbrella Rank: 82102
connect.thelead.tech — Cisco Umbrella Rank: 85161
13 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
216 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
2 KB
4 cdninstagram.com
scontent-ams4-1.cdninstagram.com — Cisco Umbrella Rank: 13885
scontent-amt2-1.cdninstagram.com — Cisco Umbrella Rank: 13274
129 KB
4 bluebillywig.com
cdn.bluebillywig.com — Cisco Umbrella Rank: 26363
367 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
54 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
197 KB
3 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1220
188 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
id.crwdcntrl.net — Cisco Umbrella Rank: 1894
1 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
882 B
3 innity.com
avd.innity.com — Cisco Umbrella Rank: 25770
2 KB
3 innity.net
ssl-avd.innity.net — Cisco Umbrella Rank: 40185
avd.innity.net — Cisco Umbrella Rank: 35033
13 KB
2 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 48812
2 KB
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 812
id.rlcdn.com — Cisco Umbrella Rank: 738
330 B
2 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11367
483 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
2 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
903 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
637 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
141 KB
2 truehits.in.th
lvs.truehits.in.th — Cisco Umbrella Rank: 43562
10 KB
2 dmcdn.net
api.dmcdn.net — Cisco Umbrella Rank: 24872
20 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 440
9 KB
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 47781
1 KB
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 72240
102 KB
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 46801
629 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
536 B
1 stat.media
stat.media — Cisco Umbrella Rank: 20469
265 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 13446
201 B
1 com.ru
rtb.com.ru — Cisco Umbrella Rank: 29732
240 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2987
534 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3523
104 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
518 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3169
489 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 424
542 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
612 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1175
216 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 973
647 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
501 B
1 ok.ru
connect.ok.ru — Cisco Umbrella Rank: 22099
2 KB
1 vk.com
vk.com — Cisco Umbrella Rank: 5015
479 B
1 adnuntius.com
delivery.adnuntius.com — Cisco Umbrella Rank: 43298
2 KB
1 dailymotion.com
api.pxl.dailymotion.com — Cisco Umbrella Rank: 47035
1 KB
1 dm-event.net
pebed.dm-event.net — Cisco Umbrella Rank: 16831
363 B
1 eu.org
ffe35e.dwerls.eu.org
806 B
1 shareaholic.com
ir.shareaholic.com — Cisco Umbrella Rank: 845083
265 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4192
322 B
0 cookiepix.com Failed
pix.cookiepix.com Failed
425 68
Domain Requested by
52 my.kapook.com hilight.kapook.com
my.kapook.com
39 i.kapook.com securepubads.g.doubleclick.net
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
hilight.kapook.com
code.createjs.com
27 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
hilight.kapook.com
smarttag.rubiconproject.com
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
21 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
18 tpc.googlesyndication.com 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
17 stats.mainroll.com hilight.kapook.com
12 www.instagram.com 1 redirects hilight.kapook.com
www.instagram.com
10 simage2.pubmatic.com ads.pubmatic.com
9 cm.g.doubleclick.net 8 redirects hilight.kapook.com
9 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
9 www.googletagservices.com hilight.kapook.com
securepubads.g.doubleclick.net
0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
8 eus.rubiconproject.com smarttag.rubiconproject.com
eus.rubiconproject.com
hilight.kapook.com
8 a.th.giraff.io code.th.giraff.io
7 sync.mathtag.com 3 redirects tags.mathtag.com
sync.mathtag.com
hilight.kapook.com
6 cdn.th.giraff.io hilight.kapook.com
6 match.adsrvr.org 4 redirects ads.pubmatic.com
hilight.kapook.com
6 www.google.com hilight.kapook.com
0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 image2.pubmatic.com ads.pubmatic.com
5 adservice.google.com s0.2mdn.net
securepubads.g.doubleclick.net
5 www.facebook.com 2 redirects hilight.kapook.com
connect.facebook.net
5 ads.pubmatic.com hilight.kapook.com
ads.pubmatic.com
vpaid.pubmatic.com
5 hilight.kapook.com hilight.kapook.com
4 pixel.rubiconproject.com hilight.kapook.com
4 hal900013.redintelligence.net 1 redirects hilight.kapook.com
hal900013.redintelligence.net
4 beacon-ams3.rubiconproject.com smarttag.rubiconproject.com
hilight.kapook.com
4 smarttag.rubiconproject.com ads.rubiconproject.com
4 ads.rubiconproject.com securepubads.g.doubleclick.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 adservice.google.de securepubads.g.doubleclick.net
4 connect.thelead.tech cdn.thelead.tech
4 cdn.bluebillywig.com pubmatic.mainroll.com
cdn.bluebillywig.com
client
4 www.google-analytics.com hilight.kapook.com
www.google-analytics.com
4 connect.facebook.net hilight.kapook.com
connect.facebook.net
3 code.createjs.com securepubads.g.doubleclick.net
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
3 token.rubiconproject.com 3 redirects
3 tags.mathtag.com smarttag.rubiconproject.com
tags.mathtag.com
3 www.gstatic.com 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 pixel.onaudience.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 avd.innity.com avd.innity.net
hilight.kapook.com
3 scontent-ams4-1.cdninstagram.com www.instagram.com
3 scontent-ams4-1.xx.fbcdn.net www.facebook.com
3 www.kapook.com hilight.kapook.com
3 code.th.giraff.io hilight.kapook.com
3 fonts.googleapis.com hilight.kapook.com
0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
my.kapook.com
2 s359.kapook.com
2 pv.medialead.de 2 redirects
2 675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 s.uuidksinc.net hilight.kapook.com
2 ups.analytics.yahoo.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 ib.adnxs.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 api-center.kapook.com my.kapook.com
2 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 avd.innity.net ssl-avd.innity.net
hilight.kapook.com
2 vpaid.pubmatic.com imasdk.googleapis.com
2 graph.facebook.com my.kapook.com
code.th.giraff.io
2 data.th.giraff.io code.th.giraff.io
2 imasdk.googleapis.com s0.2mdn.net
2 s0.2mdn.net cdn.bluebillywig.com
s0.2mdn.net
2 mug.criteo.com hilight.kapook.com
2 gum.criteo.com 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 lvs.truehits.in.th hilight.kapook.com
2 api.dmcdn.net hilight.kapook.com
api.dmcdn.net
2 cdn.jsdelivr.net hilight.kapook.com
1 t.pubmatic.com ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cdn.contentspread.net hal900013.redintelligence.net
1 ad-server.eu hal900013.redintelligence.net
1 pb.media01.eu hal900013.redintelligence.net
1 4949fd248cb1b5b9b5af33da392e16d8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ads.yahoo.com hilight.kapook.com
1 id.rlcdn.com hilight.kapook.com
1 cb8d1f4986f623ba0acd23f7d05df274.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net hilight.kapook.com
1 aktrack.pubmatic.com hilight.kapook.com
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 vid.pubmatic.com vpaid.pubmatic.com
1 stat.media hilight.kapook.com
1 ssp.adriver.ru hilight.kapook.com
1 rtb.com.ru hilight.kapook.com
1 cms.kapook.com hilight.kapook.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 a.giraff.io code.th.giraff.io
1 scontent-amt2-1.cdninstagram.com www.instagram.com
1 csi.gstatic.com imasdk.googleapis.com
1 connect.ok.ru code.th.giraff.io
1 vk.com code.th.giraff.io
1 scontent-amt2-1.xx.fbcdn.net www.facebook.com
1 www.google.de hilight.kapook.com
1 stats.g.doubleclick.net www.google-analytics.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 delivery.adnuntius.com ads.pubmatic.com
1 api.pxl.dailymotion.com api.dmcdn.net
1 pebed.dm-event.net api.dmcdn.net
1 cacheportal.kapook.com my.kapook.com
1 ssl-avd.innity.net my.kapook.com
1 pubmatic.mainroll.com hilight.kapook.com
1 cdn.thelead.tech hilight.kapook.com
1 ffe35e.dwerls.eu.org 1 redirects
1 ir.shareaholic.com 1 redirects
1 bit.ly 1 redirects
0 pix.cookiepix.com Failed hilight.kapook.com
0 platform.instagram.com Failed hilight.kapook.com
425 124
Subject Issuer Validity Valid
*.kapook.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-16 -
2022-10-18		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
cdn.thelead.tech
R3		 2022-01-24 -
2022-04-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-25 -
2022-10-24		 a year crt.sh
*.mainroll.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-09 -
2022-02-07		 3 months crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA		 2022-01-10 -
2022-04-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
lvs.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2021-09-15 -
2022-10-14		 a year crt.sh
*.bluebillywig.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-11-09 -
2022-02-07		 3 months crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2021-05-12 -
2022-05-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA		 2021-12-15 -
2022-03-15		 3 months crt.sh
api.pxl.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2021-12-30 -
2022-03-30		 3 months crt.sh
ads.adnuntius.delivery
R3		 2022-01-25 -
2022-04-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
connect.thelead.tech
R3		 2022-01-24 -
2022-04-24		 3 months crt.sh
th.giraff.io
R3		 2022-01-21 -
2022-04-21		 3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.ok.ru
GeoTrust RSA CA 2018		 2021-02-18 -
2022-03-21		 a year crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-11-09 -
2022-02-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-09 -
2022-11-11		 a year crt.sh
giraff.io
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
uuidksinc.net
R3		 2022-01-14 -
2022-04-14		 3 months crt.sh
rtb.com.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-03-01 -
2022-03-07		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
stat.media
R3		 2021-11-29 -
2022-02-27		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
contentspread.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh

This page contains 45 frames:

Primary Page: https://hilight.kapook.com/view/154646
Frame ID: 80C7FDB945B46EC1340B0E05FEE69C12
Requests: 175 HTTP requests in this frame

Frame: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Frame ID: 456E0BD4E66403301FB3E1BF2CA268DD
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Frame ID: 919979B4AFDFEC08A0466C3B5C3DAEDF
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 4B353E3B116636EEF52862B427B94377
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8618F3AD4E37E893F97775068A53FBCD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 547C77A5A0E1714DF0ABCFB82904FB4D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 6B14187BD5DF16B233A4FBEA1E9ACBC6
Requests: 5 HTTP requests in this frame

Frame: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 40C7090EEC310D5EC6BB38316658EFFA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AC68C4358C40696CD8F862BD732A40AC
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2A29EBF64F56A376B8A9055B7C7E010B
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85
Frame ID: D6BFDD4DC8443914582470C52BAF424E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5549981198087158650
Frame ID: 1B3239EFF9F2A245A4298BAB14C6F63D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e6061f7-b949-4a00-8a52-c95c38474c22&gdpr=0&gdpr_consent=
Frame ID: C6CCD921E831C0D6E8DB31DD9E8B8970
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 543206B43B81BA8E5278840E6984F4E1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059314664121694357
Frame ID: D53C1B3CB896F3E88057DD7C6AE6FFDF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfe5SQACqVGINQBB&gdpr=0&gdpr_consent=&_test=Yfe5SQACqVGINQBB
Frame ID: F0C0D07DFEB697882998EC4DC6EBDCFE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ks-iSAfMT0R_lSHsoTbHFrnVm6k
Frame ID: 6B02287DB23FDB0B98F813B6D3525B34
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 950D1A7E8641BF394B45272F74C5054B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn8WawQut6kMjqZo_YpKKnUh6zD8WEqTbZkU9mGrjn7Cev9DY7YXZTTpTzqXS1sIjb8kTZSjcqQTqX5y4_c9QuTYczQ_C8Y03BYBML32wM_dFehJZLI4kdRPmbA0alRy8djeU4ItMwv8djx9Qrmuvfx6sHsDzvK70g15rVd1BFZwQBampil44-BzoRWo6BTJABiHDvboK6qyR43syNdep6iE6insPPLhP2Hta2pHnomUP6XaYKC-54XKF-iBG6iNKYWIyb80WVhmPjAGGdda0HoQfUzQ8BPOdXbOemD9Ni1V0oce7CKHd_0QgeerRrXIDZpTE6PhxpHuu5dvYqG23MXWvxSvbf&sai=AMfl-YT0bEZLd7l7DXWClXwHrILH6gKNdtg_Q-fTbqu7uk142k_eN4WH-LEWSldGlgpQCFtuMcW41gumTPyu69NC1hV90lbtCXAcgMbaEWb9WPypDVbop7FGZpMPBMm9OnNY&sig=Cg0ArKJSzLd-xbQLorW9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A71765D65970BDA2B6967E508578B353
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufdBmDiv5R3WLvw-nr6_IFYH05QE-ZZ0yge9RkYCuKZl-PLcKVNCUj7gqW-ZhfZstj2AJcdaFYol682HOUIr3sBYUfsArHHc8nviIbJ0syrnTRTon3D-5yU8ICVepWQyqxtTwcKX4vclj1-8Su5ytxUtFtMSH1CZ7szsgcJ0xJcj1iraUMNDKJqqpHM-yrJ4QsE-_7qpq7fa8EFq3YcYgNZfj5K1VBy4fzuHnsV5Xkw8EGtLVYLqDPwy6qcbMnyqY5nBXhBuwNNyC0iLQ7dI_ntlSSTBxFBg848YWLO_AZa1SWefVzujxyRZfqfeN_hqCxnCuPa2vALyY&sai=AMfl-YQW6wRW0gZZVIHNoOrOV280D1jHMYbbwdoxaFcPbBNO8uCDRL-Imr9iDsIeaSKEpvpUQ-IA2IdX7dfcf4G_KrkjHY4HNgBbw4hL4ejD_1nSQU3ofcPPGglwZSq7oqZa&sig=Cg0ArKJSzFiR97mewzFdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2803BF53F7E427EAEF0F8F2E604AB026
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKNha0ZHkK035T2XsNIg6mBlh3zvbNj8OB-cYIEEKf7XeZie31AJShjzqDTKDKYX0T_xF9JAr9EJC95nV-HpK9jJmU1lg13NyxGjTl7RItKkkNpnmbQC8eiytWhYwSsuzwWTcOjCwnHkcXK0NPkbkpODJrDmNqC73iEWSHt9F7OJNrp9zULNn0A-Gnn89pagyPXR9tUT3oJrMGSlEYpRzT8h5u6q-oYp974ARsOit0TDlpDkiT9zNkqUS5o3ktabovzUwFC7-1IZmCUTEtk2LT3W-4gU2fvMGuUJid3JrQkr2CnRKK1SY9O8gT-6bsBIcJIV0&sai=AMfl-YQ4Af4CgdC1pyYwTSAKV_qBX5fKEvmsDQjiBqsXVIMlZtagxmNB2T_mzTO6t5on2kgR-2WKXNjD1PzmbQ_6ADxniVWmNhHeouInhGoN3yz6UNB4MT-sGN-JbXzD53lq&sig=Cg0ArKJSzK_aJqESgM0WEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 366976D33BA0BAFA7E3C4E0FC217882C
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZqIBOgleKgTK11zhpugMYskwv_KFeXukpS_zzV4TVg-pNoCagkN8yZ5qvCxrWaBu58JDiyB3kpK0trmpV31HZG1TFjOB-AtYJMt9ii9GUzj2J54P5dQUW86G3dwc-5fkokvrTFJK7wNBqYSZG1VwvnxCo6HCmhpe3FbUKWNKC4sYyXgdnRTGvQ9KLg5AQG_mmsrVc5n55zHb6OYH9dbxSMN6rzsRtE4E97KdO060oBBBzN0raMnrW-ok6BWSr6ee75jj5HEWHWBrULAaNZZS-ov-SHEpp3WPXze-yf4uHzxQPmLx4omCoGGLnrtxClq89fGNM&sai=AMfl-YT1MMEpcMrppVeNpw0WjB24l0LrMwat9ewIWk5Tsc5H6JHtI4c9W6qUxEQjKX1UAWGp57k4FQbFg5ojTMoJq8-y0LhpfZCw-7PgkW9g1U_cjaxqgCDuQYl24zyfZveU&sig=Cg0ArKJSzO97ivGvA0crEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9A297C199579F4D8DB3D59C04D4759E4
Requests: 16 HTTP requests in this frame

Frame: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EAA645552DDCF9D1A9C713154D79DC1E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js
Frame ID: DA2CDC3339D3BB629876881A0ECC7E75
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 499A0AD2350AA198A6AEF83AC9018146
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 5835F859A38712ED71C72FDA6590ABDC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 7B70E5E700AE6088FF0D7A77F2B42A7D
Requests: 2 HTTP requests in this frame

Frame: https://cb8d1f4986f623ba0acd23f7d05df274.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4D44A37E5AC49FDB343E62599F92CF20
Requests: 1 HTTP requests in this frame

Frame: https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 91482AFCB77B5FEFA649D245FA24AE49
Requests: 1 HTTP requests in this frame

Frame: https://4949fd248cb1b5b9b5af33da392e16d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 523CE9E6E584EF005A45DB8BE7147F45
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=13359400123598602142767011856013&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 81204EDD64EA614B247306F9D3AA5B3A
Requests: 1 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=13359400123598602142767011856013&a=e7302707
Frame ID: 09143F07D9F66F4F26EEF9F08F8E2FB8
Requests: 5 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=6e6061f7-b949-4a00-8a52-c95c38474c22&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Frame ID: CFC59A7E1D7604FA8157617479D1452C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: DAD87445978CA28EC3406F6B6542A5A6
Requests: 2 HTTP requests in this frame

Frame: https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 65946C6F50BA580F8FAC8B98F9291AF3
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfEr5GUylEwpIt_q6Ms31wpOD0RBntijDChYbgyLAn0m_jBzy0SrTpn44Ha1IkLU7pDTlm8HSpu5u45Q3lZpAT_KU0h4kwrQ5o1BN1Jzzrnnq7jYsiHUc89HJ64zO21FjdYCn_ydg1IiU9k9Es6htKrDigr3BO5PFJQBG0t2JIRNdM5qnZZLn86gIum8s0ce9FWVCXC1gp6FF9nC2Y44bpev0ifVNQpKlF5-xgzTC064qRIAxjvza9vNFaoG0m4OwBV_6fDiBNHwrsK9aACxHgbrzWAPSzCf1o4zpGZ-VdDmlhXzowfw-WrWKQrRFWAtJX3tZmjg&sig=Cg0ArKJSzG_cB3pi9abnEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 01B2791D9D8EB9DF660F66C7CAA94497
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV-HlijSRLQ0oHYB4dx-OUXHCDC9LsQ0msNMH441rmR5mGqba9VRL8j9rmHsN_p1VMO3P_R7lMOJPnv30y91-wMRuj64r4ZOpdSFl6-KhTwBxAnOI1hDv3zJJlZM1tzl8GbNnG-BtXBBhbZ5JwcXd47iY0MozUXvWW1FEBpWINQtr922uGbAQK9dyKHClVTM3IwaHLuJK7eVeMnQj_HBKZCF2iGMtYEdwM_MBOVtCSWfgi3zhpYHF553BgYtwyzU6PPrHFq1uSnVlX_tCcnl6ScVfwyX5n-g_qNZuDUIW3UUFgckFVQ5A4VtcTG4jQXDe5rhemEiiBOdSLPPdTuTUjwQE&sig=Cg0ArKJSzErPeIbwqSDPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7C3A7A241622BA6B9368DE2ADB4F7BD7
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 874445AE6AD2ACE584FAAF6ECFA7E84F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9A929B0F789781FFDA5E3D365A3612D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CA53D711B7DEE425E6AD5AF6B9CDE27
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35C3AD1C6B7852702BED0EDE09273D89
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F6227249B4EDEA5C72C0D8F9CB4C3C2B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 94C22F07E0E377396A0CFA37E9BF5EEC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C55C6698C475AC4B49BCBEC42AC35C5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D755108AA327789559B220180B1D59CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ชิลไปไหมพี่ หนุ่มตัดหญ้าแบบสุดคูล ไม่สะดุ้งสะเทือนแม้มีทอร์นาโดอยู่ข้างหลัง

Page URL History Show full URLs

  1. https://bit.ly/3g77Y89 HTTP 301
    https://ir.shareaholic.com/e?a=1&u=https://ffe35e.dwerls.eu.org/e7e85db9f67&r=1 HTTP 301
    https://ffe35e.dwerls.eu.org/e7e85db9f67 HTTP 302
    https://hilight.kapook.com/view/154646 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • head\.(?:core|load)(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

425
Requests

92 %
HTTPS

35 %
IPv6

68
Domains

124
Subdomains

91
IPs

14
Countries

5739 kB
Transfer

15561 kB
Size

107
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3g77Y89 HTTP 301
    https://ir.shareaholic.com/e?a=1&u=https://ffe35e.dwerls.eu.org/e7e85db9f67&r=1 HTTP 301
    https://ffe35e.dwerls.eu.org/e7e85db9f67 HTTP 302
    https://hilight.kapook.com/view/154646 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 59
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhilight.kapook.com%2F&domain=hilight.kapook.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=TMjp2nxUbkZlYVFTbHkzUXVJcXVqQi9WVjY0dno1QnpVcDlUNE9abEUzSlBNUXg4UXpqZHJPYklWYzFycTUxa0k0cUNreUV4d0FMM29TYUJkeDlVbXJmTmxGTWo0aGRxOGx0cW5SM1hrcmJpT0tBTWRpdmE3aElGVmE0dmZZeXdPWnFybHhBMDFua0RLbXgxWDF2UDdsUmdEMEdqbkhIbm9ERmFaMExqUDkwMGtSTEdiMlo2b2Z5Z1VKUmlrMnNmN3NINTlpbkxkUEs1dlBrZENOcEVZVmdXQ2xRY2YzSUtldklaZUJWV0Z0YndQVlBNPXw&cppv=2
Request Chain 84
  • https://www.facebook.com/v2.12/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200 HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200 HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Request Chain 174
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85
Request Chain 175
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5549981198087158650
Request Chain 176
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e6061f7-b949-4a00-8a52-c95c38474c22&gdpr=0&gdpr_consent=
Request Chain 178
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059314664121694357
Request Chain 179
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yfe5SQACqVGINQBB HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfe5SQACqVGINQBB&gdpr=0&gdpr_consent=&_test=Yfe5SQACqVGINQBB
Request Chain 180
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ks-iSAfMT0R_lSHsoTbHFrnVm6k
Request Chain 181
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sx0nteK_QrqRzdP5cs9_hQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sx0nteK_QrqRzdP5cs9_hQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 183
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d2a661f7-b949-4200-b506-a61bc7fcbe88
Request Chain 184
  • https://pixel.onaudience.com/?partner=214&mapped=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=34ee950f-2228-47b3-817d-39cef14d1b39&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=774fe80c1ee2ac65b8733d0d43cae203 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=aa15d01dad8ca8cf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=588fd5dd-456d-4179-6a50-c69563c03566&reqId=8dde394d-c0f0-43e9-7ba7-e2406478a307&zcluid=aa15d01dad8ca8cf&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFHZ3edvmG2OHxAwMWNS0y4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=588fd5dd-456d-4179-6a50-c69563c03566&reqId=8dde394d-c0f0-43e9-7ba7-e2406478a307&zcluid=aa15d01dad8ca8cf&zdid=1332
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjMxRDI3QjUtRTJCRi00MkJBLTkxQ0QtRDNGOTcyQ0Y3Rjg1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjMxRDI3QjUtRTJCRi00MkJBLTkxQ0QtRDNGOTcyQ0Y3Rjg1&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGuLMn43DQEJfeDKdy8Tfvg&google_cver=1
Request Chain 188
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6185691236742871475
Request Chain 189
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=34ee950f-2228-47b3-817d-39cef14d1b39
Request Chain 190
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4034703976099959640&gdpr=0&gdpr_consent=
Request Chain 191
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=y-h5cZ_gK3_QuCh_xO0yf8vsKSXQ4Sp1nuFNeD_H
Request Chain 193
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-qxZObjFE2uX2FmLkr_ljHg.uLrGMtLY-~A&gdpr=0&gdpr_consent=
Request Chain 194
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=24fa2d3b-5519-481d-a294-90f1c2076471&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=71bdb9d8-787d-46a1-8ebd-003a2939cef1&expires=1&user_group=5&ssp=pubmatic&bsw_param=24fa2d3b-5519-481d-a294-90f1c2076471 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=24fa2d3b-5519-481d-a294-90f1c2076471&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 195
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3957117121314086987&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 197
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b19b9bfd-2092-4201-a1dd-af70dad85a2a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 271
  • https://hal900013.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=e5464f8714&subid=&uid=e296b497604fdc21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dc2b97ab49006d969b56403631f0b2a9f485f9d95%26mt_aid%3D6249446289772746442%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D8042410%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_cid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F%26redirect%3D&documentReferer=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&ancestorOrigins=https%3A%2F%2Fhilight.kapook.com&random=715718448509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900013.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=e5464f8714&subid=&uid=e296b497604fdc21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dc2b97ab49006d969b56403631f0b2a9f485f9d95%26mt_aid%3D6249446289772746442%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D8042410%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_cid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F%26redirect%3D&documentReferer=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&ancestorOrigins=https%3A%2F%2Fhilight.kapook.com&random=715718448509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 278
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yfe5SQACqVGINQBB
Request Chain 279
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA3OWMyZWFiZDIzY2U2OTg4Y2I1MWVhNmUyMTZjZDM5MzJkMWI5Zg
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL5NjVxaQQ2RocnoYORidJU&google_cver=1
Request Chain 281
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6e6061f7-b949-4a00-8a52-c95c38474c22&expires=28
Request Chain 282
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qelvhOIyLbwEt9edP2OyJQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7554107493387294917
Request Chain 284
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ2JR7JD-P-M8E8&sigv=1&esig=2~719aa25c0466de186f614a218c42861bf2483aae
Request Chain 295
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873f714a4f7a77e9260?subid=13359400123598602142767011856013&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=13359400123598602142767011856013&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 304
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873f714a4f7a77e9260?subid=13359400123598602142767011856013 HTTP 301
  • https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_728x90.jpg

425 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 154646
hilight.kapook.com/view/
Redirect Chain
  • https://bit.ly/3g77Y89
  • https://ir.shareaholic.com/e?a=1&u=https://ffe35e.dwerls.eu.org/e7e85db9f67&r=1
  • https://ffe35e.dwerls.eu.org/e7e85db9f67
  • https://hilight.kapook.com/view/154646
59 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
039d6f79dbe15bd310fe59e1e03e4ea67d90d9a04aafb28694ae834ab9fa6a4f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 31 Jan 2022 10:26:14 GMT
content-type
text/html; charset=utf-8
kp-cache-status
EXPIRED
kp-device
desktop
content-encoding
gzip

Redirect headers

date
Mon, 31 Jan 2022 10:26:13 GMT
content-type
text/html; charset=UTF-8
location
https://hilight.kapook.com/view/154646
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncH1Umffbh3MBtr%2F5x5ISDWdaa38BzAiWSSV4BUam77%2FjbJ4uZUtomQ0TxEIxI5CvBTkfxwPcM%2FDdMsiOfwcZRePPiS0VxGRMollFh4wzGUeva3TKdEAd4z5mjZN3Ov1MRC1DquxMEm1R4FsuKGgyH%2BmxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d623d8419079273-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fontface.css
my.kapook.com/fonts/kittithada_roman/ 		387 B
587 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/kittithada_roman/fontface.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:15 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-183"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:15 GMT
fontface.css
my.kapook.com/fonts/chatthai/ 		321 B
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/chatthai/fontface.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:15 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-141"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:15 GMT
css2
fonts.googleapis.com/ 		3 KB
995 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Kanit:wght@500;700&display=swap
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf485b4aeb076cf0c562f88227041f37dfab1443486b400c468297eab8161b04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 10:26:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 10:26:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 10:26:14 GMT
theme.css
my.kapook.com/css/portal/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css/portal/theme.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b260601ab0f7801480f1c850c9bf953f920e0cba9b39387aadabf129c048a18b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:15 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 10:38:11 GMT
etag
W/"61d81813-2978"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:15 GMT
main.css
my.kapook.com/signin_2017/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/signin_2017/css/main.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
303b701d48a7993b4176e72cf7e6f990959046b802acf41d0682d7344a40f4a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:15 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
W/"5c493593-116b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:15 GMT
jquery-1.9.1.min.js
my.kapook.com/jquery/ 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery-1.9.1.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:15 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-169d5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
92629
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:15 GMT
content_template2017.css
my.kapook.com/css-template2017/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css-template2017/content_template2017.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
61a8c08051254353c1d63a917d8726bf4ec00b058c8c788dbb24dd98005dd59b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:15 GMT
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 06:35:09 GMT
etag
W/"61c95e9d-3918"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:15 GMT
lead-latest.js
cdn.thelead.tech/lead/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thelead.tech/lead/lead-latest.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.226 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p352-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Tue, 08 Jun 2021 09:22:42 GMT
etag
"60bf36e2-28da"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
must-revalidate, max-age=3600
accept-ranges
bytes
content-length
10458
widget-v2_kapookcom.js
code.th.giraff.io/data/ 		297 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.th.giraff.io/data/widget-v2_kapookcom.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
715eed8f518f11d26c5ec9789bfbdea840beebbe4ff4035e17ee88fbec5bde6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 26 Jan 2022 12:27:21 GMT
server
cloudflare
etag
W/"61f13e29-4a402"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
6d623da298ca909c-FRA
expires
Mon, 31 Jan 2022 10:27:16 GMT
logo-kapook.png
my.kapook.com/img-portal/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-portal/logo-kapook.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-7206"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
twitter.svg
my.kapook.com/review/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/review/svg/twitter.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
632f5cd08bf1e4b618918edafe034f3ce838afe3b8a010b8fd26b08e79e50599
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-43d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1085
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
facebook.svg
my.kapook.com/review/svg/ 		492 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/review/svg/facebook.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
078485c2ef3f95d9c63732cb9445ba6814ee1b9f2cb6a2f9eaebc85a59227b3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-1ec"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
492
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
cambodia06.jpg
hilight.kapook.com/img_cms2/user/juthamat/jutha1/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilight.kapook.com/img_cms2/user/juthamat/jutha1/cambodia06.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/ PHP/5.2.17
Resource Hash
c9150c6e68704dd479a7b1d83c815ea96d610774bc8eaea3e87d9a76941b272b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/154646
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
x-powered-by
PHP/5.2.17
content-type
text/html; charset=UTF-8
kapook_outstream_live.js
pubmatic.mainroll.com/a/ 		127 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pubmatic.mainroll.com/a/kapook_outstream_live.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-19.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
ea648b4afff4418fee576f5d4df8cfd012618e0951d5b1fc5d65c9f0f4a2d9f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:15 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-ovp-host
vms-prod-frontend-spot-10-1-17-206
Access-Control-Allow-Origin
*
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
Cache-Control
public,max-age=90
Content-Length
22694
X-Amz-Cf-Id
10QvyPkqe43t0TvMDSIH8LxKiQa8xuJXN-ZA97QKHNbxYibImOkKeA==
Expires
Mon, 31 Jan 2022 10:27:45 GMT
footer2018.css
my.kapook.com/css/portal/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css/portal/footer2018.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
ad4958ed3cb815e2b8b1ff4ae13807cb6c4780403d1c79fd94b2ca56005fbefb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:15 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 08:20:20 GMT
etag
W/"61790bc4-15ef"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:15 GMT
ic-sv-01.png
my.kapook.com/img-services/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-01.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-b5a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
ic-sv-02.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-02.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-954"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
ic-sv-03.png
my.kapook.com/img-services/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-03.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-988"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
ic-sv-04.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-04.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-8e8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
icon-dailymotion.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-dailymotion.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
41f5f41fae57894923b9c02c9b5d619b8492bb1e4ab823a00cfd7dea2e70232c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2019 04:45:21 GMT
etag
W/"5cdb9961-7be"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
icon-fb.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-fb.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-6f6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
icon-tw.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-tw.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-7c7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
icon-yt.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-yt.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-6bb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
icon-ig.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-ig.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-84e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
app-store.jpg
www.kapook.com/assets_2017/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kapook.com/assets_2017/images/app-store.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Wed, 25 Mar 2020 07:34:26 GMT
etag
"8fe-5a1a8e5e15276"
content-type
image/jpeg
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
2302
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
google-play.jpg
www.kapook.com/assets_2017/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kapook.com/assets_2017/images/google-play.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Wed, 25 Mar 2020 07:34:26 GMT
etag
"7cf-5a1a8e5e27b57"
content-type
image/jpeg
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1999
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
swiper.min.js
my.kapook.com/portal_view/js/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/portal_view/js/swiper.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-178a3"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
96419
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
galleryPlugin-loadmore.js
my.kapook.com/portal_view/js/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/portal_view/js/galleryPlugin-loadmore.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
2257a1847773bc2f2273720e446fb019b71e6c4b2410ab2ff8c2961b7c538a0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 19 Sep 2019 11:25:04 GMT
etag
"5d836590-43a9"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
17321
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
head.load.min.js
my.kapook.com/jquery/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/head.load.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-11fa"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
4602
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
jquery.easing.1.3.js
my.kapook.com/js_emocomment/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/js_emocomment/jquery.easing.1.3.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-1fa1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
8097
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
jquery.worldjwplayer.js
my.kapook.com/jquery/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery.worldjwplayer.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
bf42d056ce8cf3ccacfcfcd4319b5f5d96a9bd63b60a2d0899f30cc209bf60b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-fa1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
4001
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
oembed.js
my.kapook.com/jquery/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/oembed.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
44b1dfba3096651cfa5bf09eabf8e6ae420490fce25bfb4dcf8a46101549f9d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-841"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
2113
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
run_oembed.js
my.kapook.com/jquery/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/run_oembed.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1869a799ad8fcb8ed4f7ca265940db5656e2d369376e6a7c8ba2d0b041fedd79
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-507"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1287
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 13:09:43 GMT
content-encoding
br
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
4843
priority
u=3,i

Redirect headers

date
Mon, 31 Jan 2022 10:26:16 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
cln
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
0
dmp.js
my.kapook.com/js_tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/js_tag/dmp.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-466"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1126
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
tag.js
my.kapook.com/jquery/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/tag.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
38efc54eb97b294bf9f710239d5922ba7854186c13d9d39571e972fc5e6bc834
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Wed, 17 Nov 2021 04:45:52 GMT
etag
"61948900-8b3"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
2227
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
intersection-observer.js
cdn.jsdelivr.net/npm/intersection-observer@0.7.0/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/intersection-observer@0.7.0/intersection-observer.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
527444
x-jsd-version
0.7.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19180-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"57ad-m3EaUx6495LHE8zS0+QpFP8kqM0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6d623da26f236927-FRA
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
527467
x-jsd-version
12.4.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19125-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1926-ftj+zhhSvu4E/RMH3S02cxSkfWc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6d623da26f266927-FRA
lazysizes.min.js
www.kapook.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kapook.com/js/lazysizes.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2020 07:45:44 GMT
etag
"1b91-5a1a90e454b08-gzip"
content-type
application/javascript
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3307
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156743/740/ 		327 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f58089bd78c9c0bec016b4f773e16b083c2bd6b23e1241df58c6aedeff3410ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 07:51:06 GMT
server
Apache/2.2.15 (CentOS)
etag
"fe0ad3-51cfc-5ceafec82592e"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=63254
accept-ranges
bytes
content-type
text/javascript
content-length
101313
expires
Tue, 01 Feb 2022 04:00:30 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26237
x-xss-protection
0
pragma
public
x-fb-debug
3rQoKVdehXdjdLqC+OOI+G6kXvFEyxuxy0btM7HwFjtTk0FT9btg6FAhJ9Xvttx2ZDj6i8R4PdOSwgu01ajbzQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Mon, 31 Jan 2022 10:26:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
client.min.js
api.dmcdn.net/pxl/cpe/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/pxl/cpe/client.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
f6328097b88e89b824f66b7327ac9625e7fdb720231b031c89171303dd5c2fff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
age
80284
server-timing
total;dur=17, dc;desc="dc3"
x-amz-request-id
08NFK5WDBEFNN0ST
x-amz-id-2
jfPvNrlFda4RGBTl6ok5LRD41dRvkQAGwCAOStkD0VNgUI54zP0wcn3BzcJzZ9+b5gNp8k9D354=
last-modified
Wed, 24 Nov 2021 09:47:44 GMT
server
DMS/1.0.42
etag
"ef9fd4ac3739dcc0cf8dcd8e9f0beeeb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
content-length
736
timing-allow-origin
*
x-llid
a80a748aace3eb55d401e18053041c04
expires
Mon, 31 Jan 2022 12:08:12 GMT
sdk.js
connect.facebook.net/th_TH/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/th_TH/sdk.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0f1921ba1e745bea92f3b6a079db158c2bc72723894eefac1548b12cf56b1f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hjKbgocbxGFD+SFKandNJg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
NVJF95yOmn9fdMaHscR04i1h/adxVmCfAHwpshsMsiQKE9eC1+KlG29ELGew6FYNWP3S8pqH/N95KSMGwKNKww==
x-fb-trip-id
917726464
x-fb-content-md5
46dc0b96943cac99e5d2ae651e84f7b6
x-frame-options
DENY
date
Mon, 31 Jan 2022 10:26:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"fbceb76faa7c0cf963f0d21630b79752"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 31 Jan 2022 10:41:14 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3082
date
Mon, 31 Jan 2022 09:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 31 Jan 2022 11:34:54 GMT
arrow-down.svg
my.kapook.com/portal_config_desktop/header/svg/ 		213 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/portal_config_desktop/header/svg/arrow-down.svg
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.kapook.com/css/portal/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-d5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
213
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
kit55p-webfont.woff2
my.kapook.com/fonts/kittithada_roman/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/kittithada_roman/kit55p-webfont.woff2
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/fonts/kittithada_roman/fontface.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://my.kapook.com/fonts/kittithada_roman/fontface.css
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
"5c492fea-5160"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
20832
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
CSChatThaiUI.woff2
my.kapook.com/fonts/chatthai/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/chatthai/CSChatThaiUI.woff2
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/fonts/chatthai/fontface.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://my.kapook.com/fonts/chatthai/fontface.css
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
"5c492fea-3fb4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
16308
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
a0000034.js
lvs.truehits.in.th/dataa/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs.truehits.in.th/dataa/a0000034.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.91.10 Ban Bang Yang, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-91-10.inter.net.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
54c0ed253f95f410a51570a99ff208c11492b09c0745a60c0dee9906000649f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Thu, 27 Jan 2022 07:02:00 GMT
server
nginx/1.14.0 (Ubuntu)
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
cache-control
max-age=604800
content-type
application/x-javascript
content-length
9086
expires
Mon, 7 Feb 2022 10:26:17 GMT
player.js
cdn.bluebillywig.com/apps/player/20220124.131048/ 		2 MB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bluebillywig.com/apps/player/20220124.131048/player.js
Requested by
Host: pubmatic.mainroll.com
URL: https://pubmatic.mainroll.com/a/kapook_outstream_live.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ce61d49a5513168c8d96e140f0a257dd8efb4df1fdf5b18289c1c5635ddb720

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:18:18 GMT
content-encoding
gzip
age
479
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
access-control-allow-origin
*
last-modified
Mon, 24 Jan 2022 13:12:44 GMT
server
AmazonS3
etag
W/"2a337b48f4bb5cd76b3f01cc57bfefe6"
access-control-allow-methods
PUT, GET, POST
content-type
application/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
public,max-age=1209600
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
sBuE62aAYiTohw3COAOR5vJRHit8J58SkFe1C18xCiknDhm-m0ltZg==
ico-hilight.svg
my.kapook.com/svg-portal/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/svg-portal/ico-hilight.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
47fd2d89da6d57a193dcdfde77680f8b0511740db8df42efe176f7683e835e8b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Wed, 08 May 2019 06:43:54 GMT
etag
"5cd27aaa-3e2c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
15916
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
154646
hilight.kapook.com/view/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilight.kapook.com/view/154646
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/154646
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
kp-device
desktop
kp-cache-status
HIT
content-type
text/html; charset=utf-8
nKKU-Go6G5tXcr5mOBWzVaF5NQ.woff2
fonts.gstatic.com/s/kanit/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v11/nKKU-Go6G5tXcr5mOBWzVaF5NQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa82e29a1ef9355dada5b0c14c0f6ca778b5231c554cfa77bbd164b675ad6dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 20:57:52 GMT
x-content-type-options
nosniff
age
394104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13116
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:15:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 20:57:52 GMT
icomoon.woff
my.kapook.com/fonts/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/icomoon.woff?-3adk29
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e0fe3cf3f4b694a7bc4bb1b11462e00a89eebf156fdb9436f7f01c38fea73e26
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://my.kapook.com/css/portal/theme.css
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-11d4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff
access-control-allow-origin
https://hilight.kapook.com
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
nKKU-Go6G5tXcr5mOBWnVaE.woff2
fonts.gstatic.com/s/kanit/v11/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v11/nKKU-Go6G5tXcr5mOBWnVaE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d6c6301cab1440d031c7e5f865dc8018b0c1b7e685359578b1557f9d4338243
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 20:57:52 GMT
x-content-type-options
nosniff
age
394104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:15:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 20:57:52 GMT
embeds.js
platform.instagram.com/en_US/ 		0
0
162488171107136
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/162488171107136?v=2.9.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e1da7fa08df711187371d2ac7a206c90c6bc02cac01d1e29f636ba118088df04
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88997
x-xss-protection
0
pragma
public
x-fb-debug
KjrGeD0t13MxOOjnBE+pjrMYaXNPXwJzaDvkwyN1/ktq2taCUcIgCxmvtE587+XM5kJ+iy7Clvk9nv2daAAyGA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 31 Jan 2022 10:26:16 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
circle-list.png
my.kapook.com/img-services/ 		989 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/circle-list.png
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/footer2018.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.kapook.com/css/portal/footer2018.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-3dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
sdk.js
connect.facebook.net/th_TH/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/th_TH/sdk.js?hash=ff3d4e86490db23835f96c452ecd6a0e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/th_TH/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e7f235828288c65ffa78a438c0acd8c03e9d5a94839c626cfb6c2f5a502ffe5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hilight.kapook.com/
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OrWOq4vZqZFl+Bf5uR6erQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83629
x-fb-rlafr
0
x-fb-debug
0Tx5imSDXNaK7SWcaulZ/aGMJsh/zJNEcXfRLSr+KzQ9vrwjgfpDpYNSVjiv28XrxXBM34t7dqKNG0tW/wcSog==
x-fb-content-md5
8c1d979cef303b5e8231d9767161e8c0
x-frame-options
DENY
date
Mon, 31 Jan 2022 10:26:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"b952aa410bf7eb86f8db839f1bdd741c"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 31 Jan 2023 10:01:10 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhilight.kapook.com%2F&domain=hilight.kapook.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://hilight.kapook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1829
date
Mon, 31 Jan 2022 10:26:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhilight.kapook.com%2F&domain=hilight.kapook.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=TMjp2nxUbkZlYVFTbHkzUXVJcXVqQi9WVjY0dno1QnpVcDlUNE9abEUzSlBNUXg4UXpqZHJPYklWYzFycTUxa0k0cUNreUV4d0FMM29TYUJkeDlVbXJmTmxGTWo0aGRxOGx0cW5SM1hrcmJpT0tBTWRpdmE3aElGVmE0dm...
345 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TMjp2nxUbkZlYVFTbHkzUXVJcXVqQi9WVjY0dno1QnpVcDlUNE9abEUzSlBNUXg4UXpqZHJPYklWYzFycTUxa0k0cUNreUV4d0FMM29TYUJkeDlVbXJmTmxGTWo0aGRxOGx0cW5SM1hrcmJpT0tBTWRpdmE3aElGVmE0dmZZeXdPWnFybHhBMDFua0RLbXgxWDF2UDdsUmdEMEdqbkhIbm9ERmFaMExqUDkwMGtSTEdiMlo2b2Z5Z1VKUmlrMnNmN3NINTlpbkxkUEs1dlBrZENOcEVZVmdXQ2xRY2YzSUtldklaZUJWV0Z0YndQVlBNPXw&cppv=2
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
0a634bbd16a8b70972cf493dcf05d7ce52e460b74f9752d31188ece01f97ff12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:15 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2470
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:15 GMT
location
https://mug.criteo.com/sid?cpp=TMjp2nxUbkZlYVFTbHkzUXVJcXVqQi9WVjY0dno1QnpVcDlUNE9abEUzSlBNUXg4UXpqZHJPYklWYzFycTUxa0k0cUNreUV4d0FMM29TYUJkeDlVbXJmTmxGTWo0aGRxOGx0cW5SM1hrcmJpT0tBTWRpdmE3aElGVmE0dmZZeXdPWnFybHhBMDFua0RLbXgxWDF2UDdsUmdEMEdqbkhIbm9ERmFaMExqUDkwMGtSTEdiMlo2b2Z5Z1VKUmlrMnNmN3NINTlpbkxkUEs1dlBrZENOcEVZVmdXQ2xRY2YzSUtldklaZUJWV0Z0YndQVlBNPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1996
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57497199f9b1d717565cff26dd8727c37937159984fc901b27c6202efaaf65a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27099
x-xss-protection
0
server
sffe
etag
"1118 / 140 of 1000 / last-modified: 1643622412"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 10:26:16 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=162488171107136&ev=PageView&dl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&rl=&if=false&ts=1643624776185&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643624776184.1989623901&it=1643624776115&coo=false&rqm=GET
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 31 Jan 2022 10:26:16 GMT
ima3.js
s0.2mdn.net/instream/html5/ 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/html5/ima3.js
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20220124.131048/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fee8b4efec9b0317fa9c53cffbda34f21dace30ad3104e5af3cadf6217fc354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127062
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 31 Jan 2022 10:26:16 GMT
admanager.679faa4c.js
cdn.bluebillywig.com/apps/player/20220124.131048/ 		401 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bluebillywig.com/apps/player/20220124.131048/admanager.679faa4c.js
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20220124.131048/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adf602f121b9f16fd0039da97beefb628d40a6b6175da0adef38ef335678d873

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:24:22 GMT
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
age
115
x-cache
Hit from cloudfront
content-length
401
last-modified
Mon, 24 Jan 2022 13:12:44 GMT
server
AmazonS3
etag
"93673b131addce34f374c91b679faa4c"
access-control-allow-methods
PUT, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public,max-age=1209600
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
Pg9FaWZBJDJbHpJjtPAkyfW7TkhrPJ2iA-A3422D51HQvEOtiSFheA==
ubuntu.css
cdn.bluebillywig.com/fonts/ 		555 B
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bluebillywig.com/fonts/ubuntu.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bab7d34016a2aa37f5485e329365c108bd98722d78bf0f687ba9c5e60176d00b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:24:40 GMT
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
age
97
x-cache
Hit from cloudfront
content-length
555
last-modified
Tue, 18 May 2021 09:41:13 GMT
server
AmazonS3
etag
"2a6307abebf25c55ddb0722a4b7ef277"
access-control-allow-methods
PUT, GET, POST
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public, max-age=31536000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
AKnnY14-u2xCdlHEh6HjsrIwhVla2P1D--8GzmPkFoimiz3tgzHIoA==
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624776341&pp=pubmatic&ev=xst&id=IKUgzR17z6dy&et=Session&cid=0&xu=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&xr=&pt=%5Buntitled%5D&aup=1&aum=1&aul=0&sn=0
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
dwmeDZnh2YDrcYJ9YtmN27_qLs3fCHWTl_WkvbzXRf6ZDTz6WfcstA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?vu=7B363D17%2dC80A%2d42C9%2d81B2%2d02D89626B15C&pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624776342&pp=pubmatic&pt=%5Buntitled%5D&pv=6.x&ev=it&id=0&ct=Kapook%20Outstream&pd=&vs=n%2Fa&rs=1600x1200&fs=0&mt=mainroll&du=0&xu=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&xr=&aup=1&aum=1&aul=0&ut=commercial&sn=1
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
22cNCbRImkz8FVAUHnhT3pOQfUbaws1kxbU2ZKnxgGDVk60vcQpviA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TMjp2nxUbkZlYVFTbHkzUXVJcXVqQi9WVjY0dno1QnpVcDlUNE9abEUzSlBNUXg4UXpqZHJPYklWYzFycTUxa0k0cUNreUV4d0FMM29TYUJkeDlVbXJmTmxGTWo0aGRxOGx0cW5SM1hrcmJpT0tBTWRpdmE3aElGVmE0dmZZeXdPWnFybHhBMDFua0RLbXgxWDF2UDdsUmdEMEdqbkhIbm9ERmFaMExqUDkwMGtSTEdiMlo2b2Z5Z1VKUmlrMnNmN3NINTlpbkxkUEs1dlBrZENOcEVZVmdXQ2xRY2YzSUtldklaZUJWV0Z0YndQVlBNPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1051
date
Mon, 31 Jan 2022 10:26:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
ubuntu.woff2
cdn.bluebillywig.com/fonts/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.bluebillywig.com/fonts/ubuntu.woff2
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/fonts/ubuntu.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a000:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Request headers

Referer
https://cdn.bluebillywig.com/fonts/ubuntu.css
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:24:39 GMT
via
1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
age
97
x-cache
Hit from cloudfront
content-length
34260
last-modified
Tue, 18 May 2021 09:41:13 GMT
server
AmazonS3
etag
"5b23eeb3a32b30e91682d601535d2a89"
access-control-allow-methods
PUT, GET, POST
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public, max-age=31536000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
TYueY5CFj98sgfaUh88Wc_yI5CkiCG_3cRiMGGakG0qZ3dKnB3IiKg==
js
www.google-analytics.com/gtm/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TTM3PW3&cid=1026036103.1643624776
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
895fd654c1a483a254f11b77466ffd000197084a85fab00b98e5875689fa2be2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34735
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 10:26:16 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624776430&pp=pubmatic&ev=xst&id=5iIyfuJAmjMZ&et=View&cid=0&pid=IKUgzR17z6dy&pet=Session&fs=0&xu=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&xr=&pt=%5Buntitled%5D&iet=default&ut=commercial&sn=2
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
OUH8orYVVUQvLvUTiWh4TjQIQ9s5NFu2hSK3pe7DzfHjPaZPUA64Vw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624776434&pp=pubmatic&ev=xit&id=kapook_outstream_live&et=~~02~~Unit&cid=0&pid=5iIyfuJAmjMZ&pet=View&ap=inarticle&sn=3
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
9xUnRYGCWIrib0pxSCPz26NICkoLj6jDNSqTcklrb_s2gNQJJgLQ0Q==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624776435&pp=pubmatic&ev=xov&id=kapook_outstream_live&et=~~02~~Unit&cid=0&pid=5iIyfuJAmjMZ&pet=View&ap=inarticle&sn=4
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
WaSklb6Q3yoSN1fG3RViF39Vu4Y9ZG9nwUaxo-Tn2pspuWDIT32Z9w==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624776457&pp=pubmatic&ev=xit&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&sn=5
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
8VRm_jJFa8i6fM_jBJbnKMKSUAMQv740vKAzh__F10IecWSAg7khlQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pubads_impl_2022012505.js
securepubads.g.doubleclick.net/gpt/ 		354 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 09:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122166
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 31 Jan 2023 09:54:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		175 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hilight.kapook.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2e39e1139f7fd668659dcd0f8c644e400b5e7aa0e87baa7cd05c34199140b78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118
x-xss-protection
0
expires
Mon, 31 Jan 2022 10:26:16 GMT
skrollr.min.js
my.kapook.com/jquery/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/skrollr.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
638b569a555e5237e935eaa674fca4ef1317347d53c41171b811759c47534d0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-211b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
8475
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
jquery.fbbutton.js
my.kapook.com/jquery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery.fbbutton.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
ab0335a147eedff460c9dcd5fd249b78606c81898e57db7397d1a4bacb962d5e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Wed, 09 Jun 2021 14:06:01 GMT
etag
"60c0cac9-2714"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
10004
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
main_2020.js
my.kapook.com/angular/app/content_relate/js/ 		779 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/app/content_relate/js/main_2020.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
ebd473d7f288cf6fc7cd00a65cece7f14fa649b25b4f47effd1acc7ad5f4c1eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 14 May 2020 02:53:48 GMT
etag
"5ebcb2bc-30b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
779
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
jquery.tagCenter.js
my.kapook.com/jquery/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery.tagCenter.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
33ceac8852b43e0afb94ba6646ebda4654e9aba3c178e3d4819e4de6be134c8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-2176"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
8566
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
/
www.instagram.com/p/BU23z2nBI9_/embed/captioned/ Frame 456E 		60 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4aafeeab30ce0f4af8831983cc3f7dacc43b5c930d3c098014d1f9beae058017
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

content-type
text/html; charset=utf-8
x-accel-buffering
no
vary
Accept-Language, Cookie, Accept-Encoding
content-language
de
date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only
require-corp;report-to="coep"
report-to
{"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial
AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop"
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
48
access-control-expose-headers
X-IG-Set-WWW-Claim
x-ig-request-elapsed-time-ms
58
x-ig-origin-region
cln
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
priority
u=3,i
container_56d8ee121c51b14f6e964404.js
ssl-avd.innity.net/143/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/js_tag/dmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:15:51 GMT
Server
nginx/1.18.0
ETag
"5f48bd37-20f7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=291910
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3228
Expires
Thu, 03 Feb 2022 19:31:26 GMT
1
cacheportal.kapook.com/tag/compound/tag/154646/hilight/ 		363 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cacheportal.kapook.com/tag/compound/tag/154646/hilight/1
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.245 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c769cb63e1f8a3cefe119a30c81af5ede42388736cc4f8b35895b2f08f58eb32

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 10:26:17 GMT
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
access-control-allow-credentials
false
kp-cache-status
EXPIRED
content-type
application/json
app.min.js
api.dmcdn.net/pxl/cpe/ 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/pxl/cpe/app.min.js
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/client.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
8fb6a3fed795d18c97e59795ac6fe8f7d4ad804e2844b9129d562d94b06f04fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
age
62039
server-timing
total;dur=20, dc;desc="dc3"
x-amz-request-id
TY5GXVD47N8ZPHDV
x-amz-id-2
aa3BQF9S9z9jKJ4yIpy9Wju5NmxnsxVLyZ2aRxmzalQXEKHQnZLoTIJPUzxRIukG99pbUakjBy0=
last-modified
Wed, 24 Nov 2021 09:47:44 GMT
server
DMS/1.0.42
etag
"71ea3dac5743ec86f436a091fcfc3deb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
content-length
18563
timing-allow-origin
*
x-llid
a574f94df9ee7365ac28ad566a4fa9c3
expires
Mon, 31 Jan 2022 17:12:17 GMT
feedback.php
www.facebook.com/plugins/ Frame 9199
Redirect Chain
  • https://www.facebook.com/v2.12/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.co...
  • https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_...
  • https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_...
144 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/th_TH/sdk.js?hash=ff3d4e86490db23835f96c452ecd6a0e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6cf786190315cf8d916712dd0fd5cecbcdd1461b3466b072d206fa2fcce0742f
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
wwG9RZtspnUc3UTglc69YaAXqHtSTbWCoRCrmTE31I/SlCjbnkx1GAeTNJJY85RgcTrvpi5hM9UT49NxNqFtQg==
date
Mon, 31 Jan 2022 10:26:16 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
LuJyZDmhc0oOh7RzdMFHSxjZbtnsiIwzhU5vCI1flTaS1ca2rSD8laElGg35RFhj0Wnlc/ki9HG+XFVpU2kO3g==
content-length
0
date
Mon, 31 Jan 2022 10:26:16 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624776598&pp=pubmatic&ev=xiv&id=kapook_outstream_live&et=~~02~~Unit&cid=0&pid=5iIyfuJAmjMZ&pet=View&abd=0&ap=inarticle&sn=6
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
CgUvMUDR-UdF3vFwcn_JwY1M5D9K0p1ayu81WQvzAyrOG2oXvKRVRg==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 4B35 		601 KB
196 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 28 Jan 2022 22:02:05 GMT
expires
Sat, 28 Jan 2023 22:02:05 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 24 Jan 2022 19:11:17 GMT
content-type
text/html
age
217451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 31 Jan 2022 10:26:16 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624776646&pp=pubmatic&ev=xls&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&sdk=GOOGLE_IMA&sn=7
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
4yp9JpZT1_JphZbtQE4SlL4RdxEFsD9PKXUSxkPnyntxVQQl0yMUfA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=993890396&t=pageview&_s=1&dl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&ul=en-us&de=UTF-8&dt=%E0%B8%8A%E0%B8%B4%E0%B8%A5%E0%B9%84%E0%B8%9B%E0%B9%84%E0%B8%AB%E0%B8%A1%E0%B8%9E%E0%B8%B5%E0%B9%88%20%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B8%95%E0%B8%B1%E0%B8%94%E0%B8%AB%E0%B8%8D%E0%B9%89%E0%B8%B2%E0%B9%81%E0%B8%9A%E0%B8%9A%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%84%E0%B8%B9%E0%B8%A5%20%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%94%E0%B8%B8%E0%B9%89%E0%B8%87%E0%B8%AA%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%B7%E0%B8%AD%E0%B8%99%E0%B9%81%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%B5%E0%B8%97%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B8%99%E0%B8%B2%E0%B9%82%E0%B8%94%E0%B8%AD%E0%B8%A2%E0%B8%B9%E0%B9%88%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%AB%E0%B8%A5%E0%B8%B1%E0%B8%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAAADQAAAAC~&jid=2046304603&gjid=1686871897&cid=1026036103.1643624776&tid=UA-36103152-15&_gid=676114989.1643624776&_r=1&_slc=1&z=1202756914
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=993890396&t=event&ni=1&_s=2&dl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&ul=en-us&de=UTF-8&dt=%E0%B8%8A%E0%B8%B4%E0%B8%A5%E0%B9%84%E0%B8%9B%E0%B9%84%E0%B8%AB%E0%B8%A1%E0%B8%9E%E0%B8%B5%E0%B9%88%20%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B8%95%E0%B8%B1%E0%B8%94%E0%B8%AB%E0%B8%8D%E0%B9%89%E0%B8%B2%E0%B9%81%E0%B8%9A%E0%B8%9A%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%84%E0%B8%B9%E0%B8%A5%20%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%94%E0%B8%B8%E0%B9%89%E0%B8%87%E0%B8%AA%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%B7%E0%B8%AD%E0%B8%99%E0%B9%81%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%B5%E0%B8%97%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B8%99%E0%B8%B2%E0%B9%82%E0%B8%94%E0%B8%AD%E0%B8%A2%E0%B8%B9%E0%B9%88%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%AB%E0%B8%A5%E0%B8%B1%E0%B8%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Screentime&ea=Time%20on%20Screen&el=all-def&ev=1&_u=KGBAAAADQAAAAC~&jid=&gjid=&cid=1026036103.1643624776&tid=UA-36103152-15&_gid=676114989.1643624776&z=1770693158
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 03:07:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26313
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8618 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 31 Jan 2022 11:08:15 GMT
b4e213565be7.css
www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/ Frame 456E 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/b4e213565be7.css
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a92612b9748a86d86668384da155e92c39074bde96917e864157360085f35fc6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 20:07:38 GMT
content-encoding
br
etag
"b4e213565be7"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
2923
priority
u=3,i
9b50885cec20.js
www.instagram.com/static/bundles/es6/de_DE.js/ Frame 456E 		282 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/de_DE.js/9b50885cec20.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
160bef5003dca72fd1cc96b6f8d575c16944b1c29fd2b2f5d4b5a3c0cb821f25

Request headers

Referer
https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Origin
https://www.instagram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 17:12:33 GMT
content-encoding
br
etag
"9b50885cec20"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
70612
priority
u=3,i
cd913610ddcc.js
www.instagram.com/static/bundles/es6/EmbedSimple.js/ Frame 456E 		355 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSimple.js/cd913610ddcc.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dff6b11ecdcbf5b149582c406bf5a5cfe58af04ba84c14b2762e2061da5c5123

Request headers

Referer
https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Origin
https://www.instagram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 17:12:28 GMT
content-encoding
br
etag
"cd913610ddcc"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
92016
priority
u=3,i
/
www.facebook.com/tr/ Frame 547C 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://hilight.kapook.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Mon, 31 Jan 2022 10:26:16 GMT
angular.min.js
my.kapook.com/angular/1.3.15/ 		123 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/1.3.15/angular.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-1ebd5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
125909
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
angular-aria.min.js
my.kapook.com/angular/1.3.15/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/1.3.15/angular-aria.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
55b807de0d07c7c4f7c6eb0768f98c852883f1d1ff44f768a6c8d28dd8313e3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-d05"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
3333
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
angular-sanitize.min.js
my.kapook.com/angular/1.3.15/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/1.3.15/angular-sanitize.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1c37b9f272a717c741e9294666fec7c6f3bdfb63ca3544803f4770668047c788
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-17c0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
6080
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
angular-resource.min.js
my.kapook.com/angular/1.3.15/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/1.3.15/angular-resource.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fc856d4345031aa1129a23530aa157b64f231ae829b8e1954a2c80ae14ac9d71
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-dfe"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
3582
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
fontface.css
my.kapook.com/fonts/display/ 		326 B
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/display/fontface.css
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
bd14d25fb8b5f98af810efea7049fad966e15e3c4bae892398398cacf2950e19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-146"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
relate_th.css
my.kapook.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css/relate_th.css
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
786c04f75c9e13cec3f0aceccba3e6a87d9e1dff0a905fbf89c32ec104793c88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:25 GMT
etag
W/"5c492fe9-b0e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
headLoadComplete.js
my.kapook.com/jquery/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/headLoadComplete.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1cf1f7132ec2b6e9966d683b1fe193d130ae40191ec77e5449f3c3de6cb4456c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-646"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1606
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:16 GMT
/
pebed.dm-event.net/ 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.58 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed1.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
5d5cee4ac52b3f494eabac4d
api.pxl.dailymotion.com/players/ 		926 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.pxl.dailymotion.com/players/5d5cee4ac52b3f494eabac4d?fields=config
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
nginx/1.19.3 /
Resource Hash
f651e0344ed67b104b79c3b8cfb88260a7f5bc6bc9ed9a70737ac09b7bdc7289
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:16 GMT
Content-Encoding
gzip
Vary
Origin
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Length
444
X-Dm-Lb-Name
icscale-01-01
Expires
Mon, 31 Jan 2022 10:36:16 GMT
Last-Modified
Fri, 12 Jun 2020 13:48:43 GMT
Server
nginx/1.19.3
Access-Control-Max-Age
0
Access-Control-Allow-Methods
HEAD, DELETE, GET, PATCH, PUT, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://hilight.kapook.com
Access-Control-Expose-Headers
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, X-HTTP-Method-Override, Content-Type, Accept
X-Proxy-Cache
HIT
i
delivery.adnuntius.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://delivery.adnuntius.com/i?tzo=-60&format=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.202.161.8 Rovigo, Italy, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK),
Reverse DNS
85.202.161.8.adnuntius.com
Software
/
Resource Hash
9cc602f514742dc13959b6dc67765e28d60b12c19034fc652a42916583a02ed1

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
gzip
content-type
application/json;charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-adn-backend-server-id
f0a9f006
x-adn-diagnostic-request-id
25b3e6d16d09b366712810c8061b3d51
content-length
1345
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 Philadelphia, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hilight.kapook.com
date
Mon, 31 Jan 2022 10:26:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36103152-15&cid=1026036103.1643624776&jid=2046304603&gjid=1686871897&_gid=676114989.1643624776&_u=KGBAAAACQAAAAC~&z=11188796
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 31 Jan 2022 10:26:16 GMT
content-type
text/plain
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pLn_eZcQXUG.css
static.xx.fbcdn.net/rsrc.php/v3/yX/l/2,cross/ Frame 9199 		42 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/2,cross/pLn_eZcQXUG.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
feaf4424e8e47e15f934187396a3aa63ddeb0002ee50ac0a69bdea461ce35a4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0jIzcw7Wz91M8bPYPmWqew==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
8629
x-fb-rlafr
0
x-fb-debug
lmR7NDjy30xEzd6NaewiWJv14INWQvoa5zMsOftWhyM5xcWGhfmf/Gcog4/ZRcANkCEXRQNNyoewThDar4+/FQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 30 Jan 2023 16:46:08 GMT
0LIv7hPw_zV.css
static.xx.fbcdn.net/rsrc.php/v3/yh/l/2,cross/ Frame 9199 		125 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yh/l/2,cross/0LIv7hPw_zV.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91e5875e998edb8674602fc61fb02103aee56ba337fd1cd5f45f3339f6314479
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
VFxsKr9m/xgRNuvhriDOjQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20403
x-fb-rlafr
0
x-fb-debug
+c4I+wZB3yj6uPbJDkcaqc6KcYMO3g+YqBFQ1XodQBezlmBjb/FgifIqSdNqBTcSQ72gp2ExF+iOQclhL2owmg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 27 Jan 2023 21:35:19 GMT
KN1FoJz1PpP.js
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ Frame 9199 		307 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/KN1FoJz1PpP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e7bfece69986376cbc9f073834ae0e1a39e4d3366f46dd84ae6b273be1ad90e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JWyxSI62qWdvqh9LW3cjrw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
84316
x-fb-rlafr
0
x-fb-debug
H/oy6JtwVrQitouOge3GLrk07SM4LHAutBpImNr12nxDu+PG7zku0/xY8Hi5KoFFSzP4aq5EtpaaXv39lOPe5g==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 Jan 2023 21:12:05 GMT
InPlH9RGJvF.js
static.xx.fbcdn.net/rsrc.php/v3i_oH4/yf/l/th_TH/ Frame 9199 		159 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i_oH4/yf/l/th_TH/InPlH9RGJvF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
536652dd14b87d10392834e28ced44e606f3d95ecf2808b1df25bb1d90fa4701
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZhkkTeD9z6mqzNgvDyvN6g==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
45091
x-fb-rlafr
0
x-fb-debug
59+55tU673qKewI3cgZnsz0cWq/c6VRkv7j8wB+JC5hYTGDj1TrXm95dy1iNr3eyMin4zLyr0dcwLNGBf7sMcA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 27 Jan 2023 10:14:29 GMT
Dn-gGTen_7I.js
static.xx.fbcdn.net/rsrc.php/v3iAyw4/yY/l/th_TH/ Frame 9199 		1 MB
334 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAyw4/yY/l/th_TH/Dn-gGTen_7I.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d6b1ef2d417cb9da35554378e046faf97dee74af09f3f057408e6405018a2217
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kIGgoP8NN4ACkbH3SQVHmA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
341985
x-fb-rlafr
0
x-fb-debug
naiPntdT5MhWlxDTpnvDm6tTKbC63fVkq2EuWkwcLvqN5D+mROEISnYQhr06Iozwf6J1+7iXofE1MIOVCHvWqA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 28 Jan 2023 02:32:23 GMT
RICrecDQjt5.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 9199 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/RICrecDQjt5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2442d64a8a90cf982824a1dca7e8a1fb1d343ee500285b4e7a29c0dc560a486b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Bn3zKyb+/fDiXbzfDYRQZA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
8491
x-fb-rlafr
0
x-fb-debug
+CbMqiMqXlv1HBlnxfNDTR6657FsLYT2xfSRMytnP5OLS0JbdH1fU1d0OJqhXVejt1Hvpya632SOdkAbbdKNcA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 19 Jan 2023 20:14:32 GMT
0mXUH8sNNO_.js
static.xx.fbcdn.net/rsrc.php/v3ijN54/y6/l/th_TH/ Frame 9199 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ijN54/y6/l/th_TH/0mXUH8sNNO_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eff48724203b13bd047a0fa681890c2d24d8c49b65c966cb7fb87ab99a7ad117
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qwB6LdM6bpSdDIEDymjAbA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
11808
x-fb-rlafr
0
x-fb-debug
N7YjdGhl5ZsjmUPSSsICAOec8knkWwXarJF9vVavPXSz/v+cEM+OuNQ2X87PRKyOGBwYwWwI/zf7ZLuiRrwNqw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 26 Jan 2023 18:22:51 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36103152-15&cid=1026036103.1643624776&jid=2046304603&_u=KGBAAAACQAAAAC~&z=40684749
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36103152-15&cid=1026036103.1643624776&jid=2046304603&_u=KGBAAAACQAAAAC~&z=40684749
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
code.th.giraff.io/data/ 		34 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/advert.gif
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
cf-cache-status
HIT
age
34
cf-polished
origFmt=gif, origSize=43
content-disposition
inline; filename="advert.webp"
content-length
34
last-modified
Thu, 21 Oct 2021 12:25:13 GMT
server
cloudflare
etag
"61715c29-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 31 Jan 2022 10:26:42 GMT
cache-control
max-age=60
accept-ranges
bytes
cf-ray
6d623da75a6c909c-FRA
cf-bgj
imgq:85,h2pri
bulk
connect.thelead.tech/event/ 		76 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.thelead.tech/event/bulk
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.226 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p352-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
fd24324708424bc6ca927a66fb888fc4f909e27b459c0bef6f5f0cf96838e133
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 10:26:17 GMT
vary
Origin
content-length
76
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
v2_kapookcom.js
data.th.giraff.io/track/ 		80 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.th.giraff.io/track/v2_kapookcom.js?r=&u=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&rand=0.3957899301177201&v=1_108_0&vis=1&callback=cbGeo205507866&sp=h
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
43.134.100.94 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
4ffca20268700828a4dda19ed5ab6a886f9bba14d04c879979a79bf1ef3e9354

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 9199 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yh/l/2,cross/0LIv7hPw_zV.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yh/l/2,cross/0LIv7hPw_zV.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
x-content-type-options
nosniff
content-md5
VO922XrIvf6dPbMlbETwCQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
257139
x-fb-rlafr
0
x-fb-debug
WkjZNrktGjcK55kpVT/7fo/7g+SBa/d4dQIMYnHGbyIrMpxebKQYsnOGhFS8lKtdUDe6nSzuQO9a6P47gr6Hdw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 17 Jan 2023 17:58:54 GMT
odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 9199 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
x-content-type-options
nosniff
content-md5
8E8V7SJfv5OQxsrCIaL7hQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1131
x-fb-rlafr
0
x-fb-debug
rc2jEOBwe4XfT95dQzv4/dBvGVbOBMEcfad1zW5YPZN8iie1KTqFcN/bRKSuji+mNI9XCJ4pD0+Qmfaf5taivQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 28 Jan 2023 23:40:26 GMT
21230754_1777183392579089_2120598259671062681_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t1.18169-1/cp0/c0.0.48.48a/p48x48/ Frame 9199 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-amt2-1.xx.fbcdn.net/v/t1.18169-1/cp0/c0.0.48.48a/p48x48/21230754_1777183392579089_2120598259671062681_n.jpg?_nc_cat=109&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=iQsRLHuEs3MAX9dCOXK&_nc_ht=scontent-amt2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9SDdKJlklDLdhKlT6WgsLJ2bm-6Q3pAFWMBvvCNHB1PQ&oe=621DD3D3
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ccde853e3803f5f4aa73c1530b0079b804177d46024d7088881aab990e6f651f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum
2029103340
date
Mon, 31 Jan 2022 10:26:17 GMT
x-fb-trip-id
1709462857
last-modified
Sat, 02 Sep 2017 23:43:05 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3423781199
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
itWFLqsAEqDThWEHaJCTA17MpsJDluf_jwVJ2w_gi5XZsknaNPscZ-b9__-3WsrLUyQ9KisagK4oGBtmRNLAvQ
cross-origin-resource-policy
cross-origin
x-needle-checksum
3385460804
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1407
323706_107010229414778_387809446_o.jpg
scontent-ams4-1.xx.fbcdn.net/v/t31.18172-1/cp0/c13.4.48.48a/p56x56/ Frame 9199 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t31.18172-1/cp0/c13.4.48.48a/p56x56/323706_107010229414778_387809446_o.jpg?_nc_cat=110&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=W8ECyg9U6voAX_gTpzD&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_jtMgroSlJMB4wuVIEc1GL1fxPnSUrLtuDhixZjZu7BA&oe=621BC8EB
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7a19395df49e314f95d80fcbe521c142f070beb113f31e1c29c53229e3af8133

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum
1301139145
date
Mon, 31 Jan 2022 10:26:17 GMT
x-fb-trip-id
1709462857
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3687487359
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
LYqjP4sUVY_Qp3YAftqXMMWlKDLqDh9Wh-4PEW5mDUUZVkpkwCRRaQ94VgU9eUjIt-ObOKGZvoZnBH9NYctcvA
cross-origin-resource-policy
cross-origin
x-needle-checksum
2697525858
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1351
84241059_189132118950875_4138507100605120512_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.30497-1/cp0/c14.0.48.48a/p48x48/ Frame 9199 		943 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.30497-1/cp0/c14.0.48.48a/p48x48/84241059_189132118950875_4138507100605120512_n.jpg?_nc_cat=1&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=-vB4yJqytlQAX--JasK&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT8UVBtoGsEy_eSzM7HMewB4C4qBezvWd0dXwOVSwNZDGQ&oe=621B77A6
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e1b39537b4c41a887a67a106ce707c08ef9f388978cde7d79c032adda12c51c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum
2005931516
date
Mon, 31 Jan 2022 10:26:17 GMT
x-fb-trip-id
1709462857
last-modified
Thu, 30 Jan 2020 18:41:46 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3648183006
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3771084146
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
943
206759399_1843579745846507_8662739955903176159_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.6435-1/cp0/c0.6.48.48a/p48x48/ Frame 9199 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.6435-1/cp0/c0.6.48.48a/p48x48/206759399_1843579745846507_8662739955903176159_n.jpg?_nc_cat=110&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=u5LqWjOuBtIAX9Saulc&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_mI0V0qbXLg873l8WWzNooSVlQ4JV4ld5aAm0EXBxELQ&oe=621D1E28
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd7923704812%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff1b0463cab0839%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bfefa051db42fc478a08732213675b32111498697eb9b200717a1d638f07568e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum
3929238557
date
Mon, 31 Jan 2022 10:26:17 GMT
x-fb-trip-id
1709462857
last-modified
Mon, 28 Jun 2021 12:06:51 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3950427698
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2889749081
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1435
app_t.js
my.kapook.com/angular/app/content_relate/js/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/app/content_relate/js/app_t.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
2f54e8a76f78dc7236969087cfef1e06b5ef42fc4f96ab8c5dd29180e36267ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Thu, 24 Jan 2019 03:24:25 GMT
etag
"5c492fe9-258d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
9613
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
signin-drt.js
my.kapook.com/signin_2020/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/signin_2020/js/signin-drt.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Wed, 20 May 2020 08:35:07 GMT
etag
"5ec4ebbb-c3e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
3134
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
/
graph.facebook.com/v2.3/ 		262 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/v2.3/?id=https://hilight.kapook.com/view/154646&fields=og_object{engagement}&access_token=222400011275296|668e04dcb5543692e87188b1e4d8c92f&callback=jQuery19109607846639328783_1643624776039&_=1643624776040
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
838272d2a935721c3d5ad7ae1d0e38bb8ab0f715d960b264dbb3424c8a739dea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"75780e112357d3259865b525a0e85de1e9da6f91"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
cross-origin-resource-policy
cross-origin
x-fb-rev
1004998486
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
185
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
i5LI47aO7kWp5Qjb2dvuCTFLmTbatXsGYs0EPkj801xQPCQyD+OMz1Vl36aAvURnQHO3j4A/z2IfFkivBiuQnQ==
x-fb-trace-id
BGFiZRF5dOE
date
Mon, 31 Jan 2022 10:26:17 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A0F8WgtJdl2QCXo10iUS6ra
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v5.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 4B35 		941 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.719&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
560005b8eea65871f2ef7546da54f37827d92059ed24ff6ee8c0531dd55a9065

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
578
expires
Mon, 31 Jan 2022 10:26:17 GMT
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.1
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2526194
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Tue, 01 Mar 2022 16:09:31 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=819754
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Wed, 09 Feb 2022 22:08:51 GMT
/
graph.facebook.com/ 		231 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&callback=_grf_5987842169894515
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
687329e5aacc15e5587781f383704d562c43d8c540314468b4d7964d7d012629
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004998486
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
174
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
fat85zf0+GTNortATEBYcWdZevlfOrES/BstKnY0yztPSOdZKV3kcuU05ItiuMTLAn7VBdwo+mkrMw6K129R7w==
x-fb-trace-id
DC3Pxb3uSv2
date
Mon, 31 Jan 2022 10:26:17 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A5cWsmzOEu6VweOHcchJFRf
cache-control
no-store
facebook-api-version
v5.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
share.php
vk.com/ 		21 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&index=0
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx / KPHP/7.4.110064
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
x-frontend
front226206
server
kittenx
x-powered-by
KPHP/7.4.110064
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
41
dk
connect.ok.ru/ 		25 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
br
vary
Accept-Encoding
rendered-blocks
WidgetExtLike
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
goggen.php
lvs.truehits.in.th/ 		91 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs.truehits.in.th/goggen.php?hc=a0000034&rand=938048&bv=0&rf=bookmark&web=AkWPgAuc%2bNuSV1EEc3%2bzpw%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=54440BB0.1&fp=d&fv=-&truehitspage=hilight_content&truehitsurl=https%3a//hilight.kapook.com/view/154646
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.91.10 Ban Bang Yang, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-91-10.inter.net.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.14.0 (Ubuntu)
content-type
image/jpeg
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
csi
csi.gstatic.com/ Frame 4B35 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kz2jr6jw&c=5075516511755&slotId=2537758255877.5&fb=ima_html5-lima&sdkv=h.3.496.0&ppt=Blue%20Billywig%20Player&ppv=6.x&mrd=9&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44737473%2C44750824
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::5e Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 6B14 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8cf949a76f5f0889678adc2519ea0b25762cf4614092ac817f95b2da733478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18591
x-xss-protection
0
last-modified
Fri, 28 Jan 2022 21:07:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:38:47 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624777285&pp=pubmatic&ev=xld&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&sdk=GOOGLE_IMA&sn=8
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
bo1mF3v9SMjV9IVO3GjuZI38G9MNOLxfWMLVhf0zY_JNDdU-GUs9DA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624777286&pp=pubmatic&ev=xst&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&sdk=GOOGLE_IMA&sn=9
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
cJxXUec0hrNnBe0-j6pPcIK-KdaBOI8CHWl2swKqeJFxWsOUQRtVYQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624777287&pp=pubmatic&ev=xit&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=5iIyfuJAmjMZ&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&auc=kapook_outstream_live&lic=kapook_outstream_desktop&vastid=%5Bunknown%5D&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=GOOGLE_IMA&sn=10
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
UpeTDgAafHMVnB00SzHWSUOpkgYnUdaAJ6y4zHmCdfd8xausNW3n6w==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624777288&pp=pubmatic&ev=xls&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=5iIyfuJAmjMZ&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&vastid=%5Bunknown%5D&auc=kapook_outstream_live&lic=kapook_outstream_desktop&sn=11
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
ApH5wQVYgiMqxpkxg78jH31k0JAtuD2pAKAq95orAxqromPA9RC5-A==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624777289&pp=pubmatic&ev=xld&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=5iIyfuJAmjMZ&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&vastid=%5Bunknown%5D&auc=kapook_outstream_live&lic=kapook_outstream_desktop&sn=12
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
wuRhF2t2sD_c5hV9oHJET3W07A6Yh9jj_RvzCjMFKLrZen7_I6i3Bw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
my-profile.html
my.kapook.com/signin_2020/templates/ 		1 KB
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/signin_2020/templates/my-profile.html
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/angular/1.3.15/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d3b3a603c3c709ff564c8f2e3ea5703116008e997674664f3f341ead54bd6958
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept
application/json, text/plain, */*
Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 08:52:41 GMT
etag
W/"5ed8b659-4b4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
44884218_345707102882519_2446069589734326272_n.jpg
scontent-ams4-1.cdninstagram.com/v/t51.2885-19/ Frame 456E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.cdninstagram.com/v/t51.2885-19/44884218_345707102882519_2446069589734326272_n.jpg?_nc_ht=scontent-ams4-1.cdninstagram.com&_nc_cat=1&_nc_ohc=P5m1Bw-PoA4AX8FDjK7&edm=AJBgZrYBAAAA&ccb=7-4&ig_cache_key=YW5vbnltb3VzX3Byb2ZpbGVfcGlj.2-ccb7-4&oh=00_AT83q7mb26UZFaRPQtLtz9xnRNuvd6VvDX5RQTK8qrlTiw&oe=61FF2F0F&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f245:ca:face:b00c:0:43fe Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum
2903063741
date
Mon, 31 Jan 2022 10:26:17 GMT
x-fb-trip-id
1460883810
last-modified
Wed, 21 Nov 2018 19:35:46 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3129229475
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3129229475
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
28350
18888565_1020692311400431_4150847641158156288_n.jpg
scontent-ams4-1.cdninstagram.com/v/t51.2885-15/e15/ Frame 456E 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.cdninstagram.com/v/t51.2885-15/e15/18888565_1020692311400431_4150847641158156288_n.jpg?_nc_ht=scontent-ams4-1.cdninstagram.com&_nc_cat=107&_nc_ohc=H1VZhvHfNSwAX97MVd6&edm=AJBgZrYBAAAA&ccb=7-4&oh=00_AT_npbWoiB-L0jfYqyXiQSZc7fS8QG5armR9TmlTl6QXcA&oe=61FA5AA1&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f245:ca:face:b00c:0:43fe Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a23d3f944b7fb9a83d30c6ec095056c662757a603c757e482fe3fb02f8cee724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum
1353394591
date
Mon, 31 Jan 2022 10:26:17 GMT
x-fb-trip-id
1460883810
last-modified
Sat, 03 Jun 2017 00:30:48 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=104665260
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
PD87oIGGpsWIfrk--0-Mzs2muVBOfP_eMPT7IAriNcUfHPA5uYKRw5V8f1iGeGeKhb2mKom27ehJOrEoaIHAog
cross-origin-resource-policy
cross-origin
x-needle-checksum
577835563
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
86430
160330835_3714505558669373_53444060697068813_n.jpg
scontent-amt2-1.cdninstagram.com/v/t51.2885-15/e35/s150x150/ Frame 456E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-amt2-1.cdninstagram.com/v/t51.2885-15/e35/s150x150/160330835_3714505558669373_53444060697068813_n.jpg?_nc_ht=scontent-amt2-1.cdninstagram.com&_nc_cat=105&_nc_ohc=kEjU8-1n_oMAX8f4slE&edm=AJBgZrYBAAAA&ccb=7-4&oh=00_AT-fdHFHX9W0rf-igJJYF1vL3gbwSPKG8jZ0v59imFfqqw&oe=61FDF54A&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f206:c4:face:b00c:0:43fe Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb1d7199f1d5f92f4041fc9492d6585df3fe7649cc089470022cb6a11d03c552

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum
2929240873
date
Mon, 31 Jan 2022 10:26:17 GMT
x-fb-trip-id
1425083115
last-modified
Tue, 16 Mar 2021 03:39:30 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1213526084
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
h4DqOlYuENdVm6uYPHp4dpvmpnMimUkigelD0bxA658C_07uMJOoNuFom4Fx-xGZi441KnYDyZaSBo6fZgTweQ
cross-origin-resource-policy
cross-origin
x-needle-checksum
2068453649
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
7224
152435817_277376173779908_2381735007719802053_n.jpg
scontent-ams4-1.cdninstagram.com/v/t51.2885-15/e35/s150x150/ Frame 456E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.cdninstagram.com/v/t51.2885-15/e35/s150x150/152435817_277376173779908_2381735007719802053_n.jpg?_nc_ht=scontent-ams4-1.cdninstagram.com&_nc_cat=108&_nc_ohc=hTL_-sjdRu0AX_oJLb1&edm=AJBgZrYBAAAA&ccb=7-4&oh=00_AT_lzQJZkE3CvmL_t-BAKK53QD3jv3wANYkvgY-5LzWRfQ&oe=61FEE386&_nc_sid=78c662
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f245:ca:face:b00c:0:43fe Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
10a5e3dc12778209ae477e5cfa5bef90ffdf5f39eef4462d082a4859a8a27d4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum
617341105
date
Mon, 31 Jan 2022 10:26:17 GMT
x-fb-trip-id
1460883810
last-modified
Sun, 21 Feb 2021 03:10:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2992675959
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
ZnqLR-wAAdo7_n3UHKc-BtewPlCoO6su5x-8gITTrs_KFKUZ4kGFsSKs1wpa0O7DsgZqxvFqJkSjwSsI_bJS6Q
cross-origin-resource-policy
cross-origin
x-needle-checksum
2533567698
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
8734
a9bfede29ffd.css
www.instagram.com/static/bundles/es6/EmbedRichBase.css/ Frame 456E 		136 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedRichBase.css/a9bfede29ffd.css
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e82fe46ea35e4f8b5b77af10326e4c8b4ed4de59d17a765236e2920edd9528ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 19:22:58 GMT
content-encoding
br
etag
"a9bfede29ffd"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
16190
priority
u=3,i
476d4bbbff27.js
www.instagram.com/static/bundles/es6/EmbedRich.js/ Frame 456E 		1009 KB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedRich.js/476d4bbbff27.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
80e9cee2b987f990e3f0f54b0abe631d50f353ba3527e87bfdc404d1db9d9415

Request headers

Referer
https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Origin
https://www.instagram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 17:12:30 GMT
content-encoding
br
etag
"476d4bbbff27"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
240948
priority
u=3,i
6c7742894eb6.png
www.instagram.com/static/bundles/es6/sprite_embed_6c7742894eb6.png/ Frame 456E 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instagram.com/static/bundles/es6/sprite_embed_6c7742894eb6.png/6c7742894eb6.png
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/b4e213565be7.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23beda30424ac7c49957ce15299d0199803995498851441548cf89108a12871b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/static/bundles/es6/EmbedSimpleBase.css/b4e213565be7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 20:07:58 GMT
content-encoding
br
etag
"6c7742894eb6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
12978
priority
u=3,i
a9bfede29ffd.css
www.instagram.com/static/bundles/es6/EmbedRich.css/ Frame 456E 		136 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedRich.css/a9bfede29ffd.css
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimple.js/cd913610ddcc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e82fe46ea35e4f8b5b77af10326e4c8b4ed4de59d17a765236e2920edd9528ef

Request headers

Referer
https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Origin
https://www.instagram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:14:30 GMT
content-encoding
br
etag
"a9bfede29ffd"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
16190
priority
u=3,i
2fdc79aa66b0.png
www.instagram.com/static/bundles/es6/sprite_video_2fdc79aa66b0.png/ Frame 456E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.instagram.com/static/bundles/es6/sprite_video_2fdc79aa66b0.png/2fdc79aa66b0.png
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedRichBase.css/a9bfede29ffd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
54c2687de64bd6df6f87c864412becc0ba8c43282e84fd5ef7949c347498b2c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.instagram.com/static/bundles/es6/EmbedRichBase.css/a9bfede29ffd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 21:03:48 GMT
content-encoding
br
etag
"2fdc79aa66b0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
4684
priority
u=3,i
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		216 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1837806884664836&correlator=2151422480771485&output=ldjh&impl=fifs&eid=31063820%2C31064559%2C31064613%2C44752541&vrg=2022012505&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=16357739%2CBloomblock_Hilight_300x250_ATF_(18)%2CHilight_news_300_2_PC%2Chilight_news_728_pc%2Chilight_news_970_pc%2C1px_hilight_PC_inread%2Cskin_hilight%2Cgallery_desktop_728%2CHilight_inter_mob&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=1x1%7C300x250%2C300x250%7C1x1%7C300x600%2C728x90%7C1x1%2C970x250%7C1x1%2C1x1%2C1x1%7C1500x900%2C728x90%7C1x1%2C1x1&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&prev_scp=pwtsid_pubmatic%3D18e2623769a4473%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D19b59f9b93ed298%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D203e3be6a979e74%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D21f9d426ce7bd37%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D22094cfda90d06e%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2354a67dd7d9f58%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2420ead02e2bf63%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D25aaa0e7df8a262%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&cookie_enabled=1&bc=31&abxe=1&dt=1643624777495&lmt=1643624777&dlt=1643624774515&idt=2219&frm=20&biw=1600&bih=1200&oid=2&adxs=1069%2C1069%2C436%2C315%2C231%2C100%2C-9%2C-9&adys=456%2C534%2C2540%2C424%2C680%2C301%2C-9%2C-9&adks=3445020646%2C719977154%2C937166789%2C4208516631%2C1060165196%2C1675199816%2C509936929%2C3326566163&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&vis=1&scr_x=0&scr_y=0&psz=300x1975%7C300x1975%7C728x-1%7C1138x32%7C798x1965%7C1500x-1%7C0x-1%7C0x-1&msz=300x0%7C300x250%7C728x-1%7C1002x32%7C798x0%7C1500x-1%7C0x-1%7C0x-1&ga_vid=1026036103.1643624776&ga_sid=1643624778&ga_hid=993890396&ga_fc=true&fws=0%2C512%2C0%2C0%2C0%2C512%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0%7C0%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
4e4087eebf0773399b2b0f9622cb190d2632bc6beb7286e649bb48828b44eab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47137
x-xss-protection
0
google-lineitem-id
5445907630,5446139414,5445910228,5445903754,-2,-2,5410249604,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138319899124,138319434761,138319899841,138319897714,-2,-2,138315487331,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 40C7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 10:26:17 GMT
expires
Tue, 31 Jan 2023 10:26:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022012505.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022012505.js?cb=31064559
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
c4d3bb7501412910640b50392cc9e51316f91509b99cd5fb124d1363546191d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 23:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
472318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12991
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Jan 2023 23:14:19 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame AC68 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=136237
expires
Wed, 02 Feb 2022 00:16:54 GMT
date
Mon, 31 Jan 2022 10:26:17 GMT
vary
Accept-Encoding
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 6B14 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.719&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
/
avd.innity.com/dc/cb/ 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.183.209 Central, Hong Kong, ASN36351 (SOFTLAYER, US),
Reverse DNS
d1.b7.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
2312b20796576ca482f317d6fd14bbf030dbdb6eeaefa08112a2c8249629fb59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jan 2022 10:26:18 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
application/javascript
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
list
a.giraff.io/rtb/match/ 		310 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.giraff.io/rtb/match/list
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.161.16.148 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
88b64e35a757c98dc1f37c8985aa47ebcc1aa69ef9cb19ae9f71e546dd9e17f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hilight.kapook.com
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
me
api-center.kapook.com/v1/market/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-center.kapook.com/v1/market/me
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
kuid
Origin
https://hilight.kapook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-type
application/json; charset=UTF-8
content-length
21
vary
Accept-Encoding
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
me
api-center.kapook.com/v1/market/ 		55 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-center.kapook.com/v1/market/me
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/angular/1.3.15/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f

Request headers

Accept
application/json, text/plain, */*
Kuid
Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
content-length
79
ic_create.svg
my.kapook.com/signin_2017/svg/ 		630 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/signin_2017/svg/ic_create.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-276"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
630
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
ic_settings.svg
my.kapook.com/signin_2017/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/signin_2017/svg/ic_settings.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-476"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1142
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
sign-out.svg
my.kapook.com/signin_2017/svg/ 		709 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/signin_2017/svg/sign-out.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-2c5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
709
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
switch2.svg
my.kapook.com/portal_config_desktop/header/svg/ 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/portal_config_desktop/header/svg/switch2.svg
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.kapook.com/css/portal/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-2f4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
756
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:17 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AC68 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80060379&p=156743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c4b5831681f69d6f57e2c49e8ba57da3a215671da52b420f56b42532b9a06dd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
399294.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399294.js?json=1&async=1&cs=utf-8&rand=0.08822980495897892&num=1&as=&callback=callback12876843699856733
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
1709875a319aaf84a4aa61ce208629664c11b250b17cf65122d722a8a6235f9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2A29 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.719&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

last-modified
Tue, 11 Jan 2022 05:13:08 GMT
etag
"1302647-9687-5d547824a78f1"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13928
content-type
text/html; charset=UTF-8
cache-control
public, max-age=136237
expires
Wed, 02 Feb 2022 00:16:54 GMT
date
Mon, 31 Jan 2022 10:26:17 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6B14 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.719&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 05:13:08 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-9687-5d547824a78f1"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=136237
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13928
expires
Wed, 02 Feb 2022 00:16:54 GMT
fad5b93b9bd8.js
www.instagram.com/static/bundles/es6/EmbedAsyncLogger.js/ Frame 456E 		2 KB
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedAsyncLogger.js/fad5b93b9bd8.js
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSimple.js/cd913610ddcc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9546d11843004426bcd74f3713d0e531ae5cc97e28c8228fd68c7b5db8639ab3

Request headers

Referer
https://www.instagram.com/p/BU23z2nBI9_/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fhilight.kapook.com&rp=%2Fview%2F154646
Origin
https://www.instagram.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 21:05:27 GMT
content-encoding
br
etag
"fad5b93b9bd8"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
697
priority
u=3,i
match
c1.adform.net/serving/cookie/ Frame D6BF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 10:26:17 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 31 Jan 2022 10:26:17 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 1B32
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5549981198087158650
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5549981198087158650
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 10:26:17 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
sfopug013:0:38191
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5549981198087158650
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame C6CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e6061f7-b949-4a00-8a52-c95c38474c22&gdpr=0&gdpr_consent=
42 B
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e6061f7-b949-4a00-8a52-c95c38474c22&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 10:26:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug020:0:375
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x10 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6e6061f7-b949-4a00-8a52-c95c38474c22&gdpr=0&gdpr_consent=
Expires
Mon, 31 Jan 2022 10:26:16 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 5432 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 31 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
724248
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame D53C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059314664121694357
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059314664121694357
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 10:26:16 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug016:0:367
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 31 Jan 2022 10:26:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059314664121694357
Pug
simage2.pubmatic.com/AdServer/ Frame F0C0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfe5SQACqVGINQBB&gdpr=0&gdpr_consent=&_test=Yfe5SQACqVGINQBB
1 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfe5SQACqVGINQBB&gdpr=0&gdpr_consent=&_test=Yfe5SQACqVGINQBB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 10:26:17 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug011:0:444
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yfe5SQACqVGINQBB&gdpr=0&gdpr_consent=&_test=Yfe5SQACqVGINQBB
accept-ranges
bytes
date
Mon, 31 Jan 2022 10:26:17 GMT
via
1.1 varnish
x-served-by
cache-hhn4053-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1643624778.793872,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6B02
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ks-iSAfMT0R_lSHsoTbHFrnVm6k
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ks-iSAfMT0R_lSHsoTbHFrnVm6k
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 10:26:17 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug016:0:644
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 31 Jan 2022 10:26:18 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ks-iSAfMT0R_lSHsoTbHFrnVm6k
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 950D
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 31 Jan 2022 10:26:17 GMT
content-type
text/html; charset=utf-8
x-lat
amspug005:2:573
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Mon, 31 Jan 2022 10:26:17 GMT
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sx0nteK_QrqRzdP5cs9_hQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sx0nteK_QrqRzdP5cs9_hQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
184.30.24.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=63254
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 01 Feb 2022 04:00:31 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d2a661f7-b949-4200-b506-a61bc7fcbe88
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d2a661f7-b949-4200-b506-a61bc7fcbe88
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Server
MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d2a661f7-b949-4200-b506-a61bc7fcbe88
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 10:26:16 GMT
mw
mwzeom.zeotap.com/ Frame AC68
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=34ee950f-2228-47b3-817d-39cef14d1b39&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=774fe80c1ee2ac65b8733d0d43cae203
  • https://spl.zeotap.com/?zdid=1332&zcluid=aa15d01dad8ca8cf
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=588fd5dd-456d-4179-6a50-c69563c03566&reqId=8dde394d-c0f0-43e9-7ba7-e2406478a307&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFHZ3edvmG2OHxAwMWNS0y4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=588fd5dd-456d-4179-6a50-c69563c03566&reqId=8dde394d-c0f0-43e9-7ba7-e24...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEFHZ3edvmG2OHxAwMWNS0y4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=588fd5dd-456d-4179-6a50-c69563c03566&reqId=8dde394d-c0f0-43e9-7ba7-e2406478a307&zcluid=aa15d01dad8ca8cf&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d623daf5fd96943-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEFHZ3edvmG2OHxAwMWNS0y4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=588fd5dd-456d-4179-6a50-c69563c03566&reqId=8dde394d-c0f0-43e9-7ba7-e2406478a307&zcluid=aa15d01dad8ca8cf&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjMxRDI3QjUtRTJCRi00MkJBLTkxQ0QtRDNGOTcyQ0Y3Rjg1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjMxRDI3QjUtRTJCRi00MkJBLTkxQ0QtRDNGOTcyQ0Y3Rjg1&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug019:0:316
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGuLMn43DQEJfeDKdy8Tfvg&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGuLMn43DQEJfeDKdy8Tfvg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug018:0:373
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGuLMn43DQEJfeDKdy8Tfvg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame AC68 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 30 Jan 2022 10:26:17 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6185691236742871475
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6185691236742871475
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:2311
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6185691236742871475
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=34ee950f-2228-47b3-817d-39cef14d1b39
42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=34ee950f-2228-47b3-817d-39cef14d1b39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:337
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=34ee950f-2228-47b3-817d-39cef14d1b39
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4034703976099959640&gdpr=0&gdpr_consent=
42 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4034703976099959640&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug008:0:416
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:17 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f1107879-d896-4c64-bb17-83e42dc84e12
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4034703976099959640&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=y-h5cZ_gK3_QuCh_xO0yf8vsKSXQ4Sp1nuFNeD_H
42 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=y-h5cZ_gK3_QuCh_xO0yf8vsKSXQ4Sp1nuFNeD_H
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug015:0:377
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=y-h5cZ_gK3_QuCh_xO0yf8vsKSXQ4Sp1nuFNeD_H
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
B31D27B5-E2BF-42BA-91CD-D3F972CF7F85
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AC68 		43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B31D27B5-E2BF-42BA-91CD-D3F972CF7F85?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5ce0:1e2e:863d:4da1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-qxZObjFE2uX2FmLkr_ljHg.uLrGMtLY-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-qxZObjFE2uX2FmLkr_ljHg.uLrGMtLY-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-qxZObjFE2uX2FmLkr_ljHg.uLrGMtLY-~A&gdpr=0&gdpr_consent=
date
Mon, 31 Jan 2022 10:26:17 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=24fa2d3b-5519-481d-a294-90f1c2076471&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=71bdb9d8-787d-46a1-8ebd-003a2939cef1&expires=1&user_group=5&ssp=pubmatic&bsw_param=24fa2d3b-5519-481d-a294-90f1c2076471
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=24fa2d3b-5519-481d-a294-90f1c2076471&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=24fa2d3b-5519-481d-a294-90f1c2076471&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:452
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=24fa2d3b-5519-481d-a294-90f1c2076471&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 31 Jan 2022 10:26:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3957117121314086987&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3957117121314086987&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:427
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3957117121314086987&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 31 Jan 2022 10:26:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame AC68 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B31D27B5-E2BF-42BA-91CD-D3F972CF7F85&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame AC68
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b19b9bfd-2092-4201-a1dd-af70dad85a2a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b19b9bfd-2092-4201-a1dd-af70dad85a2a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 06:14:11 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0028:0:451
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b19b9bfd-2092-4201-a1dd-af70dad85a2a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 31 Jan 2022 10:26:17 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
thumb_5832_5732f33c211fc.jpg
cms.kapook.com/uploads/tag/6/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.kapook.com/uploads/tag/6/thumb_5832_5732f33c211fc.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.241 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
7655cfb5f171a77dbbef37a9d7f871e1a36fd57521fe9946729775c0c7a89be3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
last-modified
Wed, 11 May 2016 08:54:20 GMT
etag
"4ae0c9-1c7f-5328d2ff64700"
content-type
image/jpeg
cache-control
max-age=1800, private, must-revalidate
accept-ranges
bytes
content-length
7295
kp-cache-status
MISS, MISS
expires
Mon, 31 Jan 2022 10:56:18 GMT
/
s.uuidksinc.net/match/246/ 		74 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/246/?remote_uid=1716471958
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
directadvert-sync
rtb.com.ru/ 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/directadvert-sync?uid=1716471958
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.187 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:17 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
sync.cgi
ssp.adriver.ru/cgi-bin/ 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=77&external_id=1716471958
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad14.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync.gif
stat.media/counter/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.media/counter/sync.gif?system=directadvert&ext_uid=1716471958
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sm-server1-1.ssel23.imcmdb.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:17 GMT
Server
nginx
Content-Type
image/gif
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
expires
0
/
s.uuidksinc.net/match/618/ 		74 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/618/?remote_uid=1716471958
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:17 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A717 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn8WawQut6kMjqZo_YpKKnUh6zD8WEqTbZkU9mGrjn7Cev9DY7YXZTTpTzqXS1sIjb8kTZSjcqQTqX5y4_c9QuTYczQ_C8Y03BYBML32wM_dFehJZLI4kdRPmbA0alRy8djeU4ItMwv8djx9Qrmuvfx6sHsDzvK70g15rVd1BFZwQBampil44-BzoRWo6BTJABiHDvboK6qyR43syNdep6iE6insPPLhP2Hta2pHnomUP6XaYKC-54XKF-iBG6iNKYWIyb80WVhmPjAGGdda0HoQfUzQ8BPOdXbOemD9Ni1V0oce7CKHd_0QgeerRrXIDZpTE6PhxpHuu5dvYqG23MXWvxSvbf&sai=AMfl-YT0bEZLd7l7DXWClXwHrILH6gKNdtg_Q-fTbqu7uk142k_eN4WH-LEWSldGlgpQCFtuMcW41gumTPyu69NC1hV90lbtCXAcgMbaEWb9WPypDVbop7FGZpMPBMm9OnNY&sig=Cg0ArKJSzLd-xbQLorW9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame A717 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=8949
access-control-allow-credentials
true
content-length
8916
expires
Mon, 31 Jan 2022 12:55:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A717 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2803 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufdBmDiv5R3WLvw-nr6_IFYH05QE-ZZ0yge9RkYCuKZl-PLcKVNCUj7gqW-ZhfZstj2AJcdaFYol682HOUIr3sBYUfsArHHc8nviIbJ0syrnTRTon3D-5yU8ICVepWQyqxtTwcKX4vclj1-8Su5ytxUtFtMSH1CZ7szsgcJ0xJcj1iraUMNDKJqqpHM-yrJ4QsE-_7qpq7fa8EFq3YcYgNZfj5K1VBy4fzuHnsV5Xkw8EGtLVYLqDPwy6qcbMnyqY5nBXhBuwNNyC0iLQ7dI_ntlSSTBxFBg848YWLO_AZa1SWefVzujxyRZfqfeN_hqCxnCuPa2vALyY&sai=AMfl-YQW6wRW0gZZVIHNoOrOV280D1jHMYbbwdoxaFcPbBNO8uCDRL-Imr9iDsIeaSKEpvpUQ-IA2IdX7dfcf4G_KrkjHY4HNgBbw4hL4ejD_1nSQU3ofcPPGglwZSq7oqZa&sig=Cg0ArKJSzFiR97mewzFdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame 2803 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=8949
access-control-allow-credentials
true
content-length
8916
expires
Mon, 31 Jan 2022 12:55:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2803 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3669 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKNha0ZHkK035T2XsNIg6mBlh3zvbNj8OB-cYIEEKf7XeZie31AJShjzqDTKDKYX0T_xF9JAr9EJC95nV-HpK9jJmU1lg13NyxGjTl7RItKkkNpnmbQC8eiytWhYwSsuzwWTcOjCwnHkcXK0NPkbkpODJrDmNqC73iEWSHt9F7OJNrp9zULNn0A-Gnn89pagyPXR9tUT3oJrMGSlEYpRzT8h5u6q-oYp974ARsOit0TDlpDkiT9zNkqUS5o3ktabovzUwFC7-1IZmCUTEtk2LT3W-4gU2fvMGuUJid3JrQkr2CnRKK1SY9O8gT-6bsBIcJIV0&sai=AMfl-YQ4Af4CgdC1pyYwTSAKV_qBX5fKEvmsDQjiBqsXVIMlZtagxmNB2T_mzTO6t5on2kgR-2WKXNjD1PzmbQ_6ADxniVWmNhHeouInhGoN3yz6UNB4MT-sGN-JbXzD53lq&sig=Cg0ArKJSzK_aJqESgM0WEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame 3669 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=8949
access-control-allow-credentials
true
content-length
8916
expires
Mon, 31 Jan 2022 12:55:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3669 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9A29 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZqIBOgleKgTK11zhpugMYskwv_KFeXukpS_zzV4TVg-pNoCagkN8yZ5qvCxrWaBu58JDiyB3kpK0trmpV31HZG1TFjOB-AtYJMt9ii9GUzj2J54P5dQUW86G3dwc-5fkokvrTFJK7wNBqYSZG1VwvnxCo6HCmhpe3FbUKWNKC4sYyXgdnRTGvQ9KLg5AQG_mmsrVc5n55zHb6OYH9dbxSMN6rzsRtE4E97KdO060oBBBzN0raMnrW-ok6BWSr6ee75jj5HEWHWBrULAaNZZS-ov-SHEpp3WPXze-yf4uHzxQPmLx4omCoGGLnrtxClq89fGNM&sai=AMfl-YT1MMEpcMrppVeNpw0WjB24l0LrMwat9ewIWk5Tsc5H6JHtI4c9W6qUxEQjKX1UAWGp57k4FQbFg5ojTMoJq8-y0LhpfZCw-7PgkW9g1U_cjaxqgCDuQYl24zyfZveU&sig=Cg0ArKJSzO97ivGvA0crEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame 9A29 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=8949
access-control-allow-credentials
true
content-length
8916
expires
Mon, 31 Jan 2022 12:55:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A29 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:20 GMT
container.html
0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAA6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 10:26:17 GMT
expires
Tue, 31 Jan 2023 10:26:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 6B14 		27 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=449&vw=798&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&cb=1643624777562&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-1-31%2010:26:18&ranreq=0.4158721426924803&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.719&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
1774394-15.js
smarttag.rubiconproject.com/a/22392/330930/ Frame A717 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774394-15.js?&cb=0.11889610818707008&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7b580ea807f6193c66917134ad66b70beccff85e744f0a32ee00fbe19e2c1040

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1028
Expires
Wed, 17 Sep 1975 21:32:10 GMT
1774396-15.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 2803 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774396-15.js?&cb=0.22817951689722626&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7adc8e2d4c1826f7743be9905958f11884651e91ec1ecfe96f6e35a354fd57ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1019
Expires
Wed, 17 Sep 1975 21:32:10 GMT
1774398-2.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 3669 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774398-2.js?&cb=0.383274708894364&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
75a8a35556e41adae2b687bbd93d42f97364aa126759827ce9d2d59b4b4f68af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1519
Expires
Wed, 17 Sep 1975 21:32:10 GMT
1774392-57.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 9A29 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774392-57.js?&cb=0.39909293029070003&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
bc8608d544723b3b62ea0bf64fb2333bb1c32b5b827c98bfd3e820fc6e17453d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1006
Expires
Wed, 17 Sep 1975 21:32:10 GMT
399296.js
a.th.giraff.io/data/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399296.js?json=1&async=1&cs=utf-8&rand=0.10378434054925023&num=2&as=&nodupes=1&callback=callback421147883409162
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
6d6b09c15268cacba2ea1163546c274c8ad163adcd53426531b362f169157d27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
css2
fonts.googleapis.com/ Frame EAA6 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 10:15:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 10:26:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 10:26:18 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame DA2C 		1 KB
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 10:22:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame DA2C 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7644
x-xss-protection
0
server
cafe
etag
6659623896352890502
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 10:24:53 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame DA2C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 10:24:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DA2C 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame DA2C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6123
x-xss-protection
0
server
cafe
etag
15358646999216992880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 10:22:52 GMT
l
www.google.com/ads/measurement/ Frame DA2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6NwZ4DvEiuOq2qRAYOQgxKg608h9Hy3QAjeM8L7m7JBbKnEfWHjITxKsKdmG099nMsJj-aQBKyXa_YTAfYolQcFQhnA
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame DA2C 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 11:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 02:23:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Apr 2022 11:58:10 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame EAA6 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 09:11:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7952
x-xss-protection
0
server
cafe
etag
4804491876264876803
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 09:11:18 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EAA6 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 04:18:41 GMT
x-content-type-options
nosniff
age
22057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 31 Jan 2023 04:18:41 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EAA6 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
URL: https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 15:05:15 GMT
x-content-type-options
nosniff
age
69663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 30 Jan 2023 15:05:15 GMT
621.json
id5-sync.com/g/v2/ 		213 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/621.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.34.105 , France, ASN16276 (OVH, FR),
Reverse DNS
p34.id5-sync.com
Software
/
Resource Hash
f94165d0245922b5a66938526efc1f8fc4b37cbf8bafeb65750e3f2c66b2c8d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://hilight.kapook.com
Date
Mon, 31 Jan 2022 10:26:17 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		44 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		63 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cd2b23bf4dd16a9fcd8b9d8a0bca1fd5cf3438379bfa2b7f8065a9d162aa0468

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache
x-server
10.45.7.171
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		108 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
dd5bac462552abcca98d3831e8c81029534e357d5629164929fc2a54f88910bf

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 02 Mar 2022 10:26:18 GMT
399297.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399297.js?json=1&async=1&cs=utf-8&rand=0.814115652763842&num=1&as=2394155&callback=callback3996098183433041
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
385432ab21be0bfb7a0736a7f4c45d617ee25ea270af23a43fbc1c14f867a9bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2188019.jpg
cdn.th.giraff.io/cdn/images/380x200/19/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/19/2188019.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf1f358d67c766451bcfeb1e982a19af544bbb63d606f5053c6e962499c4dd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
cf-cache-status
HIT
age
62529
cf-polished
qual=85, origFmt=jpeg, origSize=30407
access-control-max-age
1728000
content-disposition
inline; filename="2188019.webp"
content-length
12112
last-modified
Mon, 17 Jan 2022 06:42:06 GMT
server
cloudflare
etag
"61e50fbe-76c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 01 Mar 2022 17:04:09 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6d623db0e87190e0-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
2220494.jpg
cdn.th.giraff.io/cdn/images/380x200/94/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/94/2220494.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab39d3d36ff0bee70fa082fa8c4d2817d924d17cef5d265e3a8275c02d90d0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
cf-cache-status
HIT
age
1175
cf-polished
degrade=85, origSize=48406, status=webp_bigger
access-control-max-age
1728000
content-length
23023
last-modified
Mon, 31 Jan 2022 10:05:06 GMT
server
cloudflare
etag
"61f7b452-bd16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 10:06:43 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6d623db0e87490e0-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
2074258.jpg
cdn.th.giraff.io/cdn/images/380x200/58/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/58/2074258.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69ec200a9633b0482402270b6cd0984f2e2d569da3437e0a34f85d8680a6605

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
cf-cache-status
HIT
age
29369
cf-polished
qual=85, origFmt=jpeg, origSize=22041
access-control-max-age
1728000
content-disposition
inline; filename="2074258.webp"
content-length
7438
last-modified
Fri, 14 Jan 2022 05:21:07 GMT
server
cloudflare
etag
"61e10843-5619"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 02:16:49 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6d623db0e87590e0-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
logo.svg
code.th.giraff.io/data/ 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/logo.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd396cba7949e705825c1cfc7f12946cce49176ee3d7da4ca179aa864674674d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Oct 2021 08:35:11 GMT
server
cloudflare
age
41
etag
W/"6177bdbf-30d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
6d623db06df4909c-FRA
expires
Mon, 31 Jan 2022 10:26:37 GMT
js
tags.mathtag.com/notify/ Frame 3669 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWVRrME9HRTBNREF0WTJGbFpDMDBOREkyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDk0NDYyODk3NzI3NDY0NDIvODY1NjkwNi84MDQyNDEwLzkvV192cXJBcEFHdlVURzhSN1NybmlnMzFBc05sS3VFMFVEaFN3SFBDRnBSby8xLzkvMC8wLzE3NDkyMjYvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjI0OTQ0NjI4OTc3Mjc0NjQ0Mi96cmgvMC82NDQ0LzQzLzk5OS8yLzJhMDM6MWIyMDo2OmYwMDA6Oi8wLjAwMC8xNjQzNjI0Nzc4LzE2NDM2MjgzNzgvOS8yMjM5Mi8/d0mdp0Vqj0et9mAmUfSJ5_qqcZ4&nodeid=1612&group=zrh&auctionid=6249446289772746442&shardkey=6249446289772746442&sid=8042410&cid=8656906&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774398-2.js?&cb=0.383274708894364&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
9f29f14f4abc5e9221d143a370ca21e835fc075f5221a07de534b0161d81476a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1643624778
Last-Modified
Mon, 31 Jan 2022 10:26:18 GMT
Server
MMBD/3.300.0
x-mm-latency
24 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x26, zrh-bidder-x123
Connection
close
Expires
Mon, 31 Jan 2022 10:26:17 GMT
00722d20-5d60-4bdc-ac2c-0b51dffcda31
beacon-ams3.rubiconproject.com/beacon/d/ Frame 3669 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/00722d20-5d60-4bdc-ac2c-0b51dffcda31?oo=0&accountId=22392&siteId=330930&zoneId=1774398&sizeId=2&e=6A1E40E384DA563B6D6DA04C5C035F2BA7A016684F166DD8CC768E4664EF691D931B53235C17ED01C4C144468E32820E683D50851BF2EEDF195F5B6A224F891F1F34FDA6E55E63D6C9235166DC3A56916D3DECF250967BCF1272D7461B39453D6511B9F5F768927447D71DCFC6AFDD1961D2AC2EA64CE4562AA569F9DD0273EC9B5DE5C4E039B122F6885309A3EB45C1EF562BD0382BBE76BF7F532B6CE7F1BD9AC1E4097A3C1BC7E97CF45296F1EDBB49D74B9F3BCD659D
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774398-2.js?&cb=0.383274708894364&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:17 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
img
tags.mathtag.com/notify/ Frame 3669 		49 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWVRrME9HRTBNREF0WTJGbFpDMDBOREkyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDk0NDYyODk3NzI3NDY0NDIvODY1NjkwNi84MDQyNDEwLzkvV192cXJBcEFHdlVURzhSN1NybmlnX2piY3dVaDdfdWtZVnZqSGpnakF3Zy8xLzkvMC8wLzE3NDkyMjYvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjI0OTQ0NjI4OTc3Mjc0NjQ0Mi96cmgvMC82NDQ0LzQzLzk5OS8yLzJhMDM6MWIyMDo2OmYwMDA6Oi8wLjAwMC8xNjQzNjI0Nzc4LzE2NDM2MjgzNzgvOS8yMjM5Mi8/trAQfVJyX77c56VJXW8EQjFPgaQ&nodeid=1612&group=zrh&auctionid=6249446289772746442&shardkey=6249446289772746442&sid=8042410&cid=8656906&price=BEBE1D3D9FC09D73&bp=a_agbbhd&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=185.29.132.46
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774398-2.js?&cb=0.383274708894364&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
x-mm-bid-request-time
1643624778
Last-Modified
Mon, 31 Jan 2022 10:26:18 GMT
Server
MMBD/3.300.0
x-mm-latency
18 (1)
Content-Type
image/gif
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x84, zrh-bidder-x123
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 31 Jan 2022 10:26:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A717 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774394-15.js?&cb=0.11889610818707008&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
57497199f9b1d717565cff26dd8727c37937159984fc901b27c6202efaaf65a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27099
x-xss-protection
0
server
sffe
etag
"1118 / 114 of 1000 / last-modified: 1643622412"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 10:26:18 GMT
usync.html
eus.rubiconproject.com/ Frame 499A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774394-15.js?&cb=0.11889610818707008&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 10:26:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
47fd5bcd-2743-4457-9c87-2fac64f0d348
beacon-ams3.rubiconproject.com/beacon/d/ Frame A717 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/47fd5bcd-2743-4457-9c87-2fac64f0d348?oo=0&accountId=22392&siteId=330930&zoneId=1774394&sizeId=15&e=6A1E40E384DA563B644F654EA43A8959E2CD9FD3CE540B693F6D9EB506E93D0160C792A3941E393613E73DD64220D1AE5ABF4BC26238BE1875CB946903FC2E92A3AB70EC17F1EB0AB8EFC21D83CF2A4C63AF685AF18256F395D4E6A34E77F1DE69EE63DB030D68401A4DDBA9C0535C11109478760DFABCFE32997889F1DA11D8
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:17 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
track
aktrack.pubmatic.com/ Frame 6B14 		0
0
track
aktrack.pubmatic.com/ Frame 4B35 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156743&s=670822&a=2752542&ts=1643624777&wa=0&e=96&ier=901
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-length
0
content-type
text/html
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624778389&pp=pubmatic&ev=xpf&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A101%2C%22errorMessage%22%3A%22Invalid%2FEmpty%20VAST%20Response%20from%20PubMatic%20~~02~~%20Server%22%2C%22actualErrorMessage%22%3A%22%3CVAST%20version%3D%5C%222.0%5C%22%3E%3C%2FVAST%3E%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sn=13
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
yTSN63IoX-F0szsnnAMRRSGs6Aka0az69-IwjMrpsR4M7KOD-fYzlw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624778390&pp=pubmatic&ev=xit&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=5iIyfuJAmjMZ&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&auc=kapook_outstream_live&lic=kapook_outstream_desktop&vastid=%5Bunknown%5D&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=0&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=&sn=14
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
M7O9TStYG6tWUhVT1HklIcNn_PSKR95yVjVz2yiJkK9WgmoAUgobhQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624778391&pp=pubmatic&ev=xpf&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=5iIyfuJAmjMZ&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.719%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F154646&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A101%2C%22errorMessage%22%3A%22Invalid%2FEmpty%20VAST%20Response%20from%20PubMatic%20~~02~~%20Server%22%2C%22actualErrorMessage%22%3A%22%3CVAST%20version%3D%5C%222.0%5C%22%3E%3C%2FVAST%3E%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&auc=kapook_outstream_live&lic=kapook_outstream_desktop&vastid=%5Bunknown%5D&sn=15
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
PSMgqv6toQvsgahg38wOf8iG5OlxMAiTkjLr6geBE0J4lNKmYISYdw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=1gzJGJl1j81q&prid=&ts=1643624778399&pp=pubmatic&ev=xfn&id=5iIyfuJAmjMZ&et=View&cid=0&pid=IKUgzR17z6dy&pet=Session&abd=0&fs=0&sn=16
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-20.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
uE0Ex6iGb_-SSACPK2Klul7KZoZUIkzEzN4nuazABom1Gs1ECZOU3A==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9A29 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774392-57.js?&cb=0.39909293029070003&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2cefb3cf5a7e18de67f37a4a34e3d7581a81b73d2043b0b2b38972a5420bcf9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27097
x-xss-protection
0
server
sffe
etag
"1118 / 583 of 1000 / last-modified: 1643622412"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 10:26:18 GMT
usync.html
eus.rubiconproject.com/ Frame 5835 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774392-57.js?&cb=0.39909293029070003&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 10:26:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
b5625339-c136-4c77-9075-0ef61ccde1e1
beacon-ams3.rubiconproject.com/beacon/d/ Frame 9A29 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/b5625339-c136-4c77-9075-0ef61ccde1e1?oo=0&accountId=22392&siteId=330930&zoneId=1774392&sizeId=57&e=6A1E40E384DA563B302FAF33020F92026C6056C8EB3EDC436D1D2254FCA4AAE5ED8F4B2154AD26E6AA81677B72AD65505ABF4BC26238BE18EFE3B34989BE8F93A3AB70EC17F1EB0AB8EFC21D83CF2A4C63AF685AF18256F395D4E6A34E77F1DEDE6B6D66094905A5FE0E6058494BF28EE1501A5C29ACF5C995BCEA9A1A431B34
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:17 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2803 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774396-15.js?&cb=0.22817951689722626&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
01f76591dd222ad3b8e6c366ef28be06a10479115fc328c8093d04e5102bee59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27246
x-xss-protection
0
server
sffe
etag
"1118 / 337 of 1000 / last-modified: 1643622412"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 31 Jan 2022 10:26:18 GMT
usync.html
eus.rubiconproject.com/ Frame 7B70 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774396-15.js?&cb=0.22817951689722626&tk_st=1&rf=https%3A//hilight.kapook.com/view/154646&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 10:26:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
952ff736-ac7d-4275-96ed-38be708b6764
beacon-ams3.rubiconproject.com/beacon/d/ Frame 2803 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/952ff736-ac7d-4275-96ed-38be708b6764?oo=0&accountId=22392&siteId=330930&zoneId=1774396&sizeId=15&e=6A1E40E384DA563BDE70445E26FB36082DEA045F59DD7B92DC8788C02DA3C1BB5DF572F9405156898CEF77132434D7C4683D50851BF2EEDF2B026297DA59487C1F34FDA6E55E63D6C9235166DC3A569164F8EA6123DAAC473FE7F660BD1BD2ADB064B976DDADB8AFC3F13BBAB0DCC8DD109478760DFABCFE32997889F1DA11D8
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:17 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 499A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
73aa0b3eb13e34e7e7030368de080660d9ca41b583ad4eada429df8d631f5a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22548
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Mon, 31 Jan 2022 16:42:06 GMT
pubads_impl_2022012505.js
securepubads.g.doubleclick.net/gpt/ Frame A717 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 09:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122166
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 15:13:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 31 Jan 2023 09:54:18 GMT
usync.js
eus.rubiconproject.com/ Frame 5835 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
73aa0b3eb13e34e7e7030368de080660d9ca41b583ad4eada429df8d631f5a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22548
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Mon, 31 Jan 2022 16:42:06 GMT
posdjza6jyw1
hal9000.redintelligence.net/zone/ Frame 3669 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/posdjza6jyw1?subid=&gdpr=0&gdpr_consent=&rnd=6249446289772746442&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dc2b97ab49006d969b56403631f0b2a9f485f9d95%26mt_aid%3D6249446289772746442%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D8042410%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_cid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F%26redirect%3D
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
8218efa762dd579c3a97e371d17bdb9d30b5c32083d95548b07930412e4a08c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2946
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame 3669 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=6249446289772746442&v3=868158&v4=8042410&v5=8656906&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWVRrME9HRTBNREF0WTJGbFpDMDBOREkyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDk0NDYyODk3NzI3NDY0NDIvODY1NjkwNi84MDQyNDEwLzkvV192cXJBcEFHdlVURzhSN1NybmlnMzFBc05sS3VFMFVEaFN3SFBDRnBSby8xLzkvMC8wLzE3NDkyMjYvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjI0OTQ0NjI4OTc3Mjc0NjQ0Mi96cmgvMC82NDQ0LzQzLzk5OS8yLzJhMDM6MWIyMDo2OmYwMDA6Oi8wLjAwMC8xNjQzNjI0Nzc4LzE2NDM2MjgzNzgvOS8yMjM5Mi8/d0mdp0Vqj0et9mAmUfSJ5_qqcZ4&nodeid=1612&group=zrh&auctionid=6249446289772746442&shardkey=6249446289772746442&sid=8042410&cid=8656906&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master zrh-pixel-x11 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
MT3 4133 baa842e master zrh-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 31 Jan 2022 10:26:17 GMT
img
tags.mathtag.com/event/ Frame 3669 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=6249446289772746442&st=8042410&time=1643624778&nodeid=1612
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWVRrME9HRTBNREF0WTJGbFpDMDBOREkyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDk0NDYyODk3NzI3NDY0NDIvODY1NjkwNi84MDQyNDEwLzkvV192cXJBcEFHdlVURzhSN1NybmlnMzFBc05sS3VFMFVEaFN3SFBDRnBSby8xLzkvMC8wLzE3NDkyMjYvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjI0OTQ0NjI4OTc3Mjc0NjQ0Mi96cmgvMC82NDQ0LzQzLzk5OS8yLzJhMDM6MWIyMDo2OmYwMDA6Oi8wLjAwMC8xNjQzNjI0Nzc4LzE2NDM2MjgzNzgvOS8yMjM5Mi8/d0mdp0Vqj0et9mAmUfSJ5_qqcZ4&nodeid=1612&group=zrh&auctionid=6249446289772746442&shardkey=6249446289772746442&sid=8042410&cid=8656906&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x90, zrh-bidder-x123
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 31 Jan 2022 10:26:17 GMT
js
sync.mathtag.com/sync/ Frame 3669 		1 KB
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvWVRrME9HRTBNREF0WTJGbFpDMDBOREkyTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyNDk0NDYyODk3NzI3NDY0NDIvODY1NjkwNi84MDQyNDEwLzkvV192cXJBcEFHdlVURzhSN1NybmlnMzFBc05sS3VFMFVEaFN3SFBDRnBSby8xLzkvMC8wLzE3NDkyMjYvMC8yMjI2MzIvODY4MTU4LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNjI0OTQ0NjI4OTc3Mjc0NjQ0Mi96cmgvMC82NDQ0LzQzLzk5OS8yLzJhMDM6MWIyMDo2OmYwMDA6Oi8wLjAwMC8xNjQzNjI0Nzc4LzE2NDM2MjgzNzgvOS8yMjM5Mi8/d0mdp0Vqj0et9mAmUfSJ5_qqcZ4&nodeid=1612&group=zrh&auctionid=6249446289772746442&shardkey=6249446289772746442&sid=8042410&cid=8656906&bp=a_agbbhd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.46&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0 /
Resource Hash
c5a6c9416396a1c70ec5fddb90a0ccbd1446a6954e6b7e25fc3e9dbb226b7260

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Server
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/javascript
Expires
Mon, 31 Jan 2022 10:26:17 GMT
usync.js
eus.rubiconproject.com/ Frame 7B70 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
73aa0b3eb13e34e7e7030368de080660d9ca41b583ad4eada429df8d631f5a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22548
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Mon, 31 Jan 2022 16:42:06 GMT
pubads_impl_2022012501.js
securepubads.g.doubleclick.net/gpt/ Frame 9A29 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
346e6776ffc7796ca15034c67c043bad204bb5295a56186d04625aa7b7985748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 08:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122264
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 09:35:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 31 Jan 2023 08:00:50 GMT
399299.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399299.js?json=1&async=1&cs=utf-8&rand=0.5526070515625718&num=1&as=2367467%3A2273324&nodupes=1&callback=callback33847431087436397
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
7ef9e15dad9ea0f6269903aae00eb226b923ed4ca0829e38adb07125c47ef2e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
request.php
hal900013.redintelligence.net/ Frame 3669
Redirect Chain
  • https://hal900013.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=e5464f8714&subid=&uid=e296b497604fdc21&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900013.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=e5464f8714&subid=&uid=e296b497604fdc21&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900013.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=e5464f8714&subid=&uid=e296b497604fdc21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dc2b97ab49006d969b56403631f0b2a9f485f9d95%26mt_aid%3D6249446289772746442%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D8042410%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_cid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F%26redirect%3D&documentReferer=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&ancestorOrigins=https%3A%2F%2Fhilight.kapook.com&random=715718448509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
ab3227363c362a156c2e88a6f1319a1caa60426472943549a07520cecc40cd4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
13359400123598602142767011856013
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
726
Expires
Mon, 31 Jan 2022 10:26:18 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=e5464f8714&subid=&uid=e296b497604fdc21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dc2b97ab49006d969b56403631f0b2a9f485f9d95%26mt_aid%3D6249446289772746442%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D8042410%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_cid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F%26redirect%3D&documentReferer=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&ancestorOrigins=https%3A%2F%2Fhilight.kapook.com&random=715718448509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 31 Jan 2022 10:26:18 +0100
pubads_impl_2022012601.js
securepubads.g.doubleclick.net/gpt/ Frame 2803 		355 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
097f27605ca0d079486d606eb3ab573a5685710b4f6d9d906327bcbffa45bec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 30 Jan 2022 18:58:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122255
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 09:34:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 18:58:07 GMT
integrator.js
adservice.google.de/adsid/ Frame A717 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A717 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A717 		27 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2200096906540132&correlator=3052904593708156&output=ldjh&impl=fif&eid=31064559&vrg=2022012505&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=16357739%2CBloomblock_Hilight_300x250_ATF_(18)&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C336x280%7C300x250&prev_scp=passback%3Dmagnite&cookie=ID%3Dd9868ac6063286b0-22e924b12fcd00cb%3AT%3D1643624777%3AS%3DALNI_MaoY4Vp2s8kKE3QXmRZ38eO4HX7MQ&cdm=hilight.kapook.com&bc=31&abxe=1&dt=1643624778581&lmt=1643624778&dlt=1643624778013&idt=560&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1069&adys=706&adks=3850129567&ucis=1jr5efct7xec&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&top=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1026036103.1643624776&ga_sid=1643624779&ga_hid=300010538&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
788454b8d7c4d482fd0a3110d4ee3c29ff7d4ce88935dc52d470b0fbfafbcb35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13817
x-xss-protection
0
google-lineitem-id
5409938773
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138315522807
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cb8d1f4986f623ba0acd23f7d05df274.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D44 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cb8d1f4986f623ba0acd23f7d05df274.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 10:26:18 GMT
expires
Tue, 31 Jan 2023 10:26:18 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
709414.gif
id.rlcdn.com/ Frame 499A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 499A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yfe5SQACqVGINQBB
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yfe5SQACqVGINQBB
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643624779.597135,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yfe5SQACqVGINQBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 499A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA3OWMyZWFiZDIzY2U2OTg4Y2I1MWVhNmUyMTZjZDM5MzJkMWI5Zg
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA3OWMyZWFiZDIzY2U2OTg4Y2I1MWVhNmUyMTZjZDM5MzJkMWI5Zg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA3OWMyZWFiZDIzY2U2OTg4Y2I1MWVhNmUyMTZjZDM5MzJkMWI5Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
750589468d5634b7e99830971becaf64
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 499A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL5NjVxaQQ2RocnoYORidJU&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL5NjVxaQQ2RocnoYORidJU&google_cver=1
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL5NjVxaQQ2RocnoYORidJU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 499A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6e6061f7-b949-4a00-8a52-c95c38474c22&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6e6061f7-b949-4a00-8a52-c95c38474c22&expires=28
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif

Redirect headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6e6061f7-b949-4a00-8a52-c95c38474c22&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 31 Jan 2022 10:26:17 GMT
tap.php
pixel.rubiconproject.com/ Frame 499A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qelvhOIyLbwEt9edP2OyJQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7554107493387294917
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7554107493387294917
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif

Redirect headers

date
Mon, 31 Jan 2022 10:26:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7554107493387294917
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame 499A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 499A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ2JR7JD-P-M8E8&sigv=1&esig=2~719aa25c0466de186f614a218c42861bf2483aae
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ2JR7JD-P-M8E8&sigv=1&esig=2~719aa25c0466de186f614a218c42861bf2483aae
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:19 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ2JR7JD-P-M8E8&sigv=1&esig=2~719aa25c0466de186f614a218c42861bf2483aae
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
integrator.js
adservice.google.de/adsid/ Frame 9A29 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9A29 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9A29 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2056054218578780&correlator=3217457767150209&output=ldjh&impl=fif&eid=31064562%2C31063706&vrg=2022012501&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=16357739%2Chilight_news_970_pc&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C1x1&prev_scp=passback%3Dmagnite&cookie=ID%3Dd9868ac6063286b0-22e924b12fcd00cb%3AT%3D1643624777%3AS%3DALNI_MaoY4Vp2s8kKE3QXmRZ38eO4HX7MQ&cdm=hilight.kapook.com&bc=31&abxe=1&dt=1643624778659&lmt=1643624778&dlt=1643624778041&idt=591&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=2&adxs=315&adys=424&adks=1922974829&ucis=1idxv5nnd0gz&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&top=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=1026036103.1643624776&ga_sid=1643624779&ga_hid=1918297420&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
adc44a67cc045e239d9ff06bce160d60731db6958ada5e03fa90ccf1d64e572b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9695
x-xss-protection
0
google-lineitem-id
5409937915
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138315522582
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9148 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 10:26:18 GMT
expires
Tue, 31 Jan 2023 10:26:18 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 2803 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2803 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2803 		27 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3107133697429436&correlator=369054947120636&output=ldjh&impl=fif&eid=31064575&vrg=2022012601&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=16357739%2CHilight_news_300_2_PC&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250%7C336x280&prev_scp=passback%3Dmagnite&cookie=ID%3Dd9868ac6063286b0-22e924b12fcd00cb%3AT%3D1643624777%3AS%3DALNI_MaoY4Vp2s8kKE3QXmRZ38eO4HX7MQ&cdm=hilight.kapook.com&bc=31&abxe=1&dt=1643624778697&lmt=1643624778&dlt=1643624778019&idt=660&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1069&adys=1034&adks=999895451&ucis=dcu5wox17a8e&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&top=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1026036103.1643624776&ga_sid=1643624779&ga_hid=91870004&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
76eb36ff42d1ea0fc16db979853319b6c7cfc52a843096121254b805c2351ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
google-lineitem-id
5409938773
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138315522807
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4949fd248cb1b5b9b5af33da392e16d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 523C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4949fd248cb1b5b9b5af33da392e16d8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 31 Jan 2022 10:26:18 GMT
expires
Tue, 31 Jan 2023 10:26:18 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
avd.innity.com/dc/ 		43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=143&cuid=283f9763d39470b85f3cb0223acd5233&cb=1643624778723&douid=&sess=95935263.143.1643624778722&dur=0&ref=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&srf=&pk=&pt=%E0%B8%8A%E0%B8%B4%E0%B8%A5%E0%B9%84%E0%B8%9B%E0%B9%84%E0%B8%AB%E0%B8%A1%E0%B8%9E%E0%B8%B5%E0%B9%88%20%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B8%95%E0%B8%B1%E0%B8%94%E0%B8%AB%E0%B8%8D%E0%B9%89%E0%B8%B2%E0%B9%81%E0%B8%9A%E0%B8%9A%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%84%E0%B8%B9%E0%B8%A5%20%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AA%E0%B8%B0%E0%B8%94%E0%B8%B8%E0%B9%89%E0%B8%87%E0%B8%AA%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%B7%E0%B8%AD%E0%B8%99%E0%B9%81%E0%B8%A1%E0%B9%89%E0%B8%A1%E0%B8%B5%E0%B8%97%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B8%99%E0%B8%B2%E0%B9%82%E0%B8%94%E0%B8%AD%E0%B8%A2%E0%B8%B9%E0%B9%88%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%AB%E0%B8%A5%E0%B8%B1%E0%B8%87&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.183.209 Central, Hong Kong, ASN36351 (SOFTLAYER, US),
Reverse DNS
d1.b7.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:18 GMT
Last-Modified
Mon, 31 Jan 2022 10:26:18 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=283f9763d39470b85f3cb0223acd5233&type=cookie&itmcb=1643624778723
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.183.209 Central, Hong Kong, ASN36351 (SOFTLAYER, US),
Reverse DNS
d1.b7.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Jan 2022 10:26:18 GMT
Last-Modified
Mon, 31 Jan 2022 10:26:18 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
view.aspx
pb.media01.eu/ Frame 8120
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873f714a4f7a77e9260?subid=13359400123598602142767011856013&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=13359400123598602142767011856013&actionid=879111&produktid=ratenkredit&dt_url=
0
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=13359400123598602142767011856013&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=e5464f8714&subid=&uid=e296b497604fdc21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dc2b97ab49006d969b56403631f0b2a9f485f9d95%26mt_aid%3D6249446289772746442%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D8042410%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_cid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F%26redirect%3D&documentReferer=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&ancestorOrigins=https%3A%2F%2Fhilight.kapook.com&random=715718448509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 31 Jan 2022 11:26:18 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Mon, 31 Jan 2022 10:26:18 GMT
content-length
0

Redirect headers

Server
nginx/1.19.7
Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.34
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=13359400123598602142767011856013&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
B9D59BA9:E012_91EFC182:01BB_61F7B94A_13550E5C:297E9
X-IPLB-Instance
40028
Cache-control
private
request_content.php
hal900013.redintelligence.net/ Frame 0914 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900013.redintelligence.net/request_content.php?s=13359400123598602142767011856013&a=e7302707
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=posdjza6jyw1&nw=20&renderingType=javascript&namespace=e5464f8714&subid=&uid=e296b497604fdc21&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dc2b97ab49006d969b56403631f0b2a9f485f9d95%26mt_aid%3D6249446289772746442%26mt_id%3D8656906%26mt_adid%3D222632%26mt_sid%3D8042410%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_cid%3D6e6061f7-b949-4a00-8a52-c95c38474c22%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F00722d20-5d60-4bdc-ac2c-0b51dffcda31%2F%26redirect%3D&documentReferer=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&ancestorOrigins=https%3A%2F%2Fhilight.kapook.com&random=715718448509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
fa43a878dda1b74b5e4047573ccb38b2e3ae27e6c0be2de27a46e9bc1a4fb34f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 31 Jan 2022 10:26:18 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1530
Connection
close
Content-Type
text/html; charset=utf-8
iframe
sync.mathtag.com/sync/ Frame CFC5 		629 B
747 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=6e6061f7-b949-4a00-8a52-c95c38474c22&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x3 config:1.0.0 /
Resource Hash
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Type
text/html
Connection
close
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x3 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Mon, 31 Jan 2022 10:26:17 GMT
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame DAD8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Jan 2022 10:26:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
img
sync.mathtag.com/misc/ Frame 3669 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 31 Jan 2022 10:26:17 GMT
399300.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399300.js?json=1&async=1&cs=utf-8&rand=0.7660387851783794&num=1&as=2394155%3A2393696&callback=callback9408743076899049
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
83493fdeb3c9624ec662b644bbe6cb67658ca92099fe133b65519bcc21b235ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2219970.jpg
cdn.th.giraff.io/cdn/images/380x200/70/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/70/2219970.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5100403fd55efee512ad647863e318d995da33be2c3cd513e351f90e6a30961c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
cf-cache-status
HIT
age
18819
cf-polished
qual=85, origFmt=jpeg, origSize=39550
access-control-max-age
1728000
content-disposition
inline; filename="2219970.webp"
content-length
17454
last-modified
Mon, 31 Jan 2022 05:05:06 GMT
server
cloudflare
etag
"61f76e02-9a7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 05:12:39 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6d623db31e2390e0-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
usync.js
eus.rubiconproject.com/ Frame DAD8 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
73aa0b3eb13e34e7e7030368de080660d9ca41b583ad4eada429df8d631f5a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22548
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Mon, 31 Jan 2022 16:42:06 GMT
img
sync.mathtag.com/misc/ Frame CFC5 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=6e6061f7-b949-4a00-8a52-c95c38474c22&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=6e6061f7-b949-4a00-8a52-c95c38474c22&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 31 Jan 2022 10:26:17 GMT
pb_ratenkredit_728x90.jpg
ad-server.eu/wm/pb/rate/aktion/ Frame 0914
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873f714a4f7a77e9260?subid=13359400123598602142767011856013
  • https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_728x90.jpg
102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_728x90.jpg
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=13359400123598602142767011856013&a=e7302707
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
6c027c52a9e2fea6d7e3442fcc8d40259dfb8906365f400cae056f7255d009e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:31:44 GMT
Last-Modified
Mon, 17 Jan 2022 11:33:47 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"61e5541b-196d2"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
104146

Redirect headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
B9D59BA9:E012_91EFC182:01BB_61F7B94A_13550E73:297E9
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_728x90.jpg
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
viewability
hal900013.redintelligence.net/ Frame 0914 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900013.redintelligence.net/viewability?s=13359400123598602142767011856013&a=d802f74f&vb=m
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=13359400123598602142767011856013&a=e7302707
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/request_content.php?s=13359400123598602142767011856013&a=e7302707
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 0914 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/24i/tools/js/ Frame 0914 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by
Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=13359400123598602142767011856013&a=e7302707
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900013.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:26:18 GMT
Last-Modified
Tue, 03 May 2016 20:54:50 GMT
Server
nginx
ETag
"5729101a-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
399302.js
a.th.giraff.io/data/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399302.js?json=1&async=1&cs=utf-8&rand=0.7416399163671066&num=2&as=2367467%3A2273324&nodupes=1&callback=callback2916344439901677
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
eb768943f83809a545248caa9c62020cbdb6ef85f46bb7458ed058aff02db31f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
container.html
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6594 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 10:26:18 GMT
expires
Tue, 31 Jan 2023 10:26:18 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 01B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfEr5GUylEwpIt_q6Ms31wpOD0RBntijDChYbgyLAn0m_jBzy0SrTpn44Ha1IkLU7pDTlm8HSpu5u45Q3lZpAT_KU0h4kwrQ5o1BN1Jzzrnnq7jYsiHUc89HJ64zO21FjdYCn_ydg1IiU9k9Es6htKrDigr3BO5PFJQBG0t2JIRNdM5qnZZLn86gIum8s0ce9FWVCXC1gp6FF9nC2Y44bpev0ifVNQpKlF5-xgzTC064qRIAxjvza9vNFaoG0m4OwBV_6fDiBNHwrsK9aACxHgbrzWAPSzCf1o4zpGZ-VdDmlhXzowfw-WrWKQrRFWAtJX3tZmjg&sig=Cg0ArKJSzG_cB3pi9abnEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs.min.js
code.createjs.com/1.0.0/ Frame 01B2 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f7::5c7b:e051 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:19 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:41:19 GMT
300x250.js
i.kapook.com/gorralit/kapookmarket1/300x250/ Frame 01B2 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/300x250.js?1593430650619
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d094b1b98f3193b96465288be265ab2825b25a2fb049dec8d7967b308e6f0510
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
last-modified
Mon, 29 Jun 2020 12:17:35 GMT
etag
"5ef9dbdf-65d2"
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
26066
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 01B2 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6594 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
URL: https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 31 Jan 2023 10:18:36 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 6594 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: 675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
URL: https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f7::5c7b:e051 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:19 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:41:19 GMT
970x250.js
i.kapook.com/gorralit/kapookmarket1/970x250/ Frame 6594 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/970x250.js?1593422211847
Requested by
Host: 675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
URL: https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
288f6e8c235a885732fe11fbb164377baa2a8571f7bb7d589cd575e1e1873031
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
last-modified
Mon, 29 Jun 2020 12:01:38 GMT
etag
"5ef9d822-573b"
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
22331
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6594 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
URL: https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7C3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV-HlijSRLQ0oHYB4dx-OUXHCDC9LsQ0msNMH441rmR5mGqba9VRL8j9rmHsN_p1VMO3P_R7lMOJPnv30y91-wMRuj64r4ZOpdSFl6-KhTwBxAnOI1hDv3zJJlZM1tzl8GbNnG-BtXBBhbZ5JwcXd47iY0MozUXvWW1FEBpWINQtr922uGbAQK9dyKHClVTM3IwaHLuJK7eVeMnQj_HBKZCF2iGMtYEdwM_MBOVtCSWfgi3zhpYHF553BgYtwyzU6PPrHFq1uSnVlX_tCcnl6ScVfwyX5n-g_qNZuDUIW3UUFgckFVQ5A4VtcTG4jQXDe5rhemEiiBOdSLPPdTuTUjwQE&sig=Cg0ArKJSzErPeIbwqSDPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs.min.js
code.createjs.com/1.0.0/ Frame 7C3A 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f7::5c7b:e051 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:19 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:41:19 GMT
300x250.js
i.kapook.com/gorralit/kapookmarket1/300x250/ Frame 7C3A 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/300x250.js?1593430650619
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d094b1b98f3193b96465288be265ab2825b25a2fb049dec8d7967b308e6f0510
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
last-modified
Mon, 29 Jun 2020 12:17:35 GMT
etag
"5ef9dbdf-65d2"
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
26066
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C3A 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643200382015849"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:20 GMT
399303.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399303.js?json=1&async=1&cs=utf-8&rand=0.24383387089607034&num=1&as=2394155%3A2393696%3A2393590&callback=callback8807261822444472
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
88c6323c80d0b90f5823b49f2fe189c5db8e940056099d89d52eca3bf2f698d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2219851.jpg
cdn.th.giraff.io/cdn/images/380x200/51/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/51/2219851.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43eb0e5502113a2ae9d249a1e254c8c1fe7423c03acd0cde0e33dc17554a1eb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:19 GMT
cf-cache-status
HIT
age
22071
cf-polished
degrade=85, origSize=45340, status=webp_bigger
access-control-max-age
1728000
content-length
20132
last-modified
Mon, 31 Jan 2022 04:05:07 GMT
server
cloudflare
etag
"61f75ff3-b11c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 04:18:28 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6d623db5ac0690e0-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
view
securepubads.g.doubleclick.net/pcs/ Frame 6594 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU31arEs78uqTCLvyZQBV3mhuXCTR9d7sEZzxZ_gGBzFGEa8Q6sIwqTpR5jBjlCTEKZpcXfOM4BNUf2CjyLPXO1attGzlWzn0YXlVQMXpz56mGqbFozK4bnfkIlV5AEs8PsYhwpATM53AhIWc3rpYYxklJJhxLo2RQ1JOQsRoUT10nL7un6y5cVr8szTg3gGFM69TazCbJGm8fNV2tdnusoMuCnRgeSuBanS9S9O3LnwD4JHR3EghK4AwKh9dir95yO3IuTBrbYOx343uuKOhDr7qk_bUTyKTnx89jbZmjt08FbD82hgqrXufjHQ7nsDM&sig=Cg0ArKJSzInzY0LdXZnGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
URL: https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
399305.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399305.js?json=1&async=1&cs=utf-8&rand=0.9881568122274804&num=1&as=2367467%3A2273324&nodupes=1&callback=callback4684570331235067
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
6ee63205a047742c50af66337295d0ff4fa1521f3ec6aef7a78a1ef47ceff26e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2196209.jpg
cdn.th.giraff.io/cdn/images/380x200/09/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/09/2196209.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4e7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c011babe3a2e4a9d7ce48a4785b8632b0eb93414732294302782a169d03876

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:19 GMT
cf-cache-status
HIT
age
513249
cf-polished
qual=85, origFmt=jpeg, origSize=40011
access-control-max-age
1728000
content-disposition
inline; filename="2196209.webp"
content-length
17158
last-modified
Tue, 18 Jan 2022 22:04:06 GMT
server
cloudflare
etag
"61e73956-9c4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 24 Feb 2022 11:52:09 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6d623db7c94290e0-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
v2_kapookcom
data.th.giraff.io/hit/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.th.giraff.io/hit/v2_kapookcom?u=https%3A%2F%2Fhilight.kapook.com%2Fview%2F154646&tag=pv_rv&tag=pv_ae&tag=ws_rv_1&tag=ws_ae_1&tag=ws_rv_2&tag=ws_ae_2&tag=ws_rv_3&tag=ws_ae_3&tag=ws_ae_4&tag=ws_rv_4&ht=2639&rand=0.5525387947473768
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
43.134.100.94 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:19 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame AC68 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156743&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
wl
t.pubmatic.com/ 		17 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=156743
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:19 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
cookieSync.png
pix.cookiepix.com/ Frame 01B2 		0
0
truncated
/ Frame A717 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ab8158d0cbd479a75f913cbe87d0eed29f957bf29143a2ec423c6f299f12701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 01B2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d00fa8650d8c8c239b51ae3cb9ddd93ae18667fb506af087372106e89c297bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7C3A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
729c9679f900a3150b549e9bd3e24a05d62ffd6e98e5ee6f66ae47d708472fea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/Bitmap1.png?1593430650587
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-40fd"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7C3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1TkXS5-ylBpHWwJPOYc41G2nErowQlQ_z-o159iW74pQruWdLfCjFDz1785_39Iepq43_tvYt7Z6UMjiNceaQGGoJmJafE_ePRmUZxlU5BwY61RAaxbJKnK3RB6M2TpMECFNxPmUehnXWobFL_CYVvn3U0VOeZB3jC68jJ1ct1LlpaA_7vRpudgPNxeHXMqG7sHYphqpj76slAVTnCIbFnJheD7p3gAmHwYe-ht85mPPM1bRYW2t7fQNhJKJZ10om0IFC4q9347MISsxVEmRq0l4NS-q8kHhYJinYiQBSRYpOZ6UGDCj4JKTMt7xNIUBY1_P4OAz_5RKuanre96VH0tmOVQ&sig=Cg0ArKJSzLnufKJdwJ6uEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 10:26:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A717 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEErOVLY-zGCDiqURx1DCXvhGF_dReHnn94n1SgSO5Y9SNDht9N0XGznR68sRJtxbUmNmg644lXr6uhvuRS0ICd6SxG2DxGTSgoS8AhlMRkT-2pKGPzUFW9OwNngaU0kjYARMR6VP9VrOG4QCkV8fi27NmrDBLOD7qFdfSYKcB7ZBD2OdxlZuMzA4jKpom_-hom7yesPMTFPO5X5_9oaKtf1xo2g_XsOFjiqnvTULG70ipsJCBOvPcN51Od46WYiK4OWtygc3tJkRopnotbNdsvBffYCapMIBV2_niTikUEPPFLR-XK2_rLxHp8J7korQIcIzmzxHe_cJphM9PGtWZkID19DnuR9w&sai=AMfl-YTDCtDehuJkxNMSuUHSmarCWdjls5R6NF36XQQPke-11B_pINRkyOq4yOjBiJrcwP6BUk2W5Ej7jHl_XdH3ystzIjMhOUa1ta52jg1GZpiOHEgMZIUdTVeHIDyaFPtd&sig=Cg0ArKJSzNkaC4D-xZVyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 10:26:20 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A717 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012505&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b500c179f41916812a2729e3c939ed929a04037c6081347a7740b687339f07b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8929
x-xss-protection
0
truncated
/ Frame 6594 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ebdfb69e17b21341e897e40bc42ed2fd6bf7d03d711c3a3fc57ec9579ef5805

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/Bitmap1.png?1593422211679
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/154646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-40fd"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6594 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswCtFPf-_xb1iizCT-i0V0VC6tztJhh_SfGj7YRqWjxCA11E8K09Q-SrtlgNo9c3D4SFWEqe1lOa-K3ajQRjNuRWnRbMwrlBxsCmnri1J_lLnN58WqJ0oSpZ37ZNU9D-ubMz9fZk-qraBnM9yXaSH1Q7xhrCrCgXxSRwoK6OU5cCYJIIyo1hjFBUZG_Xn44KlCrTA1o2hlRaB-WoJ8OgjYSY2iQM5VewfN0PNdaHXVyg37x4PT_V4xwC2TAy1xAo8kXCMxieLXBOaL-eq1bw4zxkmvFK0_LL5liguAmuaNMgap1MiWe3Pv9Bd7Q79Ez3DVHA&sig=Cg0ArKJSzCw_R-eYcdQZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 10:26:20 GMT
truncated
/ Frame 2803 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07b803abced20208f6b2a7c2e84b4ae99c98826c75ee5e1c4b88546df16ce95b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9A29 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfxHDhywmXON_WWVdgzbrhTlo5relaeUvnWSW41Ef2NB9990Ocl6NDHWU3xkUpVrzsRxGOSuH545yIMk5KBjIgECHbjCuh57jlgOauPODT_CFAjTslROR4s9fFhIBpVbyN6zvDsNna8g6BQRK-rBBX65kKtdjVvO0c-u36hUX_BCDDd7NOHaZhpq3BxgfNBEVfDhV0lep_VfKLGq7Tj2yUPC5l6ofgu17U59pp_M7mmlASXqD7vpqdOS7_3dhtvrNt8MfJFFcBps7u0JcVZtuHlnd2FCxdYkaiyJDBR1s1v_g0wDXOAlU_-CUHprI4cqqrz6pyFGs&sai=AMfl-YS4uYerq239324YhzP5RdHWmQGJMIlbM5bu2Ivt2-YDK7qBcVUxMMnOOn5W4NgkDGJmhN7X7PQBLtty1sXvuvy_eAbXs1oqotzRqUVRa3kmBcTXsN2KZeuf3KV6Qwtv&sig=Cg0ArKJSzLKgjFaZMnxlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 10:26:20 GMT
truncated
/ Frame 9A29 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3013a1eaedf3dec63f9ef2ef3b4ab23fb557d860aeec4e6219d00fa244f9b8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9A29 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c4ae2bddd99bdb0e764170ad510977add464488dbe439358599045976679c8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8949
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3669 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqgoEXDKA3WfM9ZSAE1CuxaXWqjxX28dlDkK3dkI_zmN3gyV2pjrGCDyPoAYGfcdUepnkFLA-dp4RUVuAKM6oBYJGIJAsDrUu3Mk8WieD4HJJ4IPF12dYT-6LTILnHHF3gu-ytieE1QxOikB9XCf4FRRIn7dP0gNWOfbUWvyHSYC5bkTDVHEIjrX1ltCw07Zbeaxmruj6pcidi2diLedMsH0E_TY-XJRFqQJJIopubbz0yCdbaDoyNQ-m8cXc8DL4-whfBndiC92oGtYhxREJwSuhJvVW2ftX9TC1Hv2gogVrR4hCdOux0Wx9C6nVKERBYqqbcFQ&sai=AMfl-YQkaWZQYhldDuxjyLoMcaXxuhinePl_lfawykb-sO-WT0vfa25mqwqcGuePJqwfopu1sALTjWHCpJDhkbDtfTE6LdQgjrS_Yxq933eBvWupnJ-Xv11eJlIVaoTaXEUA&sig=Cg0ArKJSzEp8WbaJkODAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 10:26:21 GMT
truncated
/ Frame 3669 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aac489f1d66bb04fd44663bfb3a9eafe35ad728f89cae6e2edaee44a882aa459

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/Bitmap1.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-40fd"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 01B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9YC2FH4gUAwyeqs_ZeUSpTzU1dMjJ3dn3oBpEL6sw2hxIL_Pt8erXgnt8Oyyk0Lln_Nl03z6XcWCluPEEvl0x8UToytre9rUgaMboTwyPH1LSeOVR2Cn8kq4PCiDp_jzOIK4yNpvgVPcuP8GgkUpVMa_EAqwhqvMVOrjoDs5YGtOQGbwlTPEadlUu1fJGfh_I1tc-N8-hDGGWID0x2RVfx3440movK6RA_20Ry4IbI-7ba1b3We4KqPWXMrU-2J8Q7uEqcHA7ptAlYW7orN3JmGbiyA7L1jJubEZZLi6PPGymH7ZDSb886Vtj9GNhxK8tBJTtGZ12&sig=Cg0ArKJSzAc-0dSrlB8GEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 10:26:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2803 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK8EzT18YAfMY2L7K1Bi-yNzKIHOxAl4gk657Mu01RsXBY0A6o2B_0GcOoaoMDNUzGzCpM7DWTTZAq17TCN4GIBN8TH70U3i-eGGINwnXBGm4V04vRTR9ab7b1MLSwNoTNf_Ahjs06l6OuAeiVljV3YnowRYM4CU_prwoYLuVim8zJeuHwe2cCzpbCZATTFpTS5yQq1ZBmHFC1dkokNhW16b2wib8dDWH34bdWlp4zltNgfChSnelfwx1ym60RX0UPABlA2M-Pfvi3Fxhe2CYJ0A4N2968XWE_pft77DWvor-2EXqt4rdYC4WEB6FedrL-h8J-yf-vhZKWSA&sai=AMfl-YQIn99VYtQ75vK_8V44M4bNKW6cafL_lYbamUDqrhrqHOwNSkJU1usP0BpYqQ_xo4R7_mhGu7GVImsLPPwiZ7nxNrr4iVnwCldMpYj0Lk2Vy78Kqi0NPkY45mQ9ypC-&sig=Cg0ArKJSzP0Oa8_Hu2N7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 31 Jan 2022 10:26:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2803 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
963cf20265b52f825435cf871c00f16bf049941e3dfa31f389d8ca7455012b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9114
x-xss-protection
0
icon
fonts.googleapis.com/ 		569 B
366 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 10:26:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 10:26:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 10:26:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012505&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f5b8031d141085583340d3f7e98d14b7c104ad139910348a8549986c94c1c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8988
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A717 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9A29 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012501.js?31064562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:21 GMT
popular-query
connect.thelead.tech/personalize/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.thelead.tech/personalize/popular-query
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.226 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p352-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
0f972b0b592006f47a0e2156931a7cb9aa89fc0e0a2a785a53df179ea46bd937
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 10:26:21 GMT
vary
Origin
content-length
1534
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2803 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8744 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 10:20:56 GMT
expires
Tue, 31 Jan 2023 10:20:56 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B9A9 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
43cc457062744ce15f3d720e31815b6b7163fb9fefb5f43d6309160af901250f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6wtVjdtj4wJB7i0c3JdxHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 10:26:21 GMT
date
Mon, 31 Jan 2022 10:26:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-6wtVjdtj4wJB7i0c3JdxHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012505.js?31064559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 31 Jan 2022 10:26:21 GMT
button.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/button.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1f17"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
button.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/button.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1f17"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CA5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 10:20:56 GMT
expires
Tue, 31 Jan 2023 10:20:56 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 35C3 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
be24a99cf0817b8f1cdaad5ae50ee0417373491e651a3c8a393c455f8d6ea3f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6EPZTpkBZS+Wm+hzmRvALA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 10:26:21 GMT
date
Mon, 31 Jan 2022 10:26:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-6EPZTpkBZS+Wm+hzmRvALA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F622 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 10:20:56 GMT
expires
Tue, 31 Jan 2023 10:20:56 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 94C2 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d064fca6b8496954b2c447a45c4168f2c6f9ec09fa9ba9b05deee664c3088c66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m6QAGXGLKG8nZAgpBVASQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 10:26:21 GMT
date
Mon, 31 Jan 2022 10:26:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-m6QAGXGLKG8nZAgpBVASQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame B9A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012505&jk=2200096906540132&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
pagead2.googlesyndication.com/bg/ Frame 8744 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 09:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13582
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Jan 2023 09:04:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C55C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 10:20:56 GMT
expires
Tue, 31 Jan 2023 10:20:56 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D755 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61b176bf80a9ae9e8ddd98a46b3b5863af23f104739ad481d858c9aee06ba547
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ur/yriGXXics4ZeKRkrQgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 31 Jan 2022 10:26:21 GMT
date
Mon, 31 Jan 2022 10:26:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ur/yriGXXics4ZeKRkrQgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 35C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012501&jk=2056054218578780&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
pagead2.googlesyndication.com/bg/ Frame 1CA5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 09:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13582
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Jan 2023 09:04:31 GMT
oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
pagead2.googlesyndication.com/bg/ Frame F622 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 09:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13582
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Jan 2023 09:04:31 GMT
111af045-7690-49f6-9fc1-cf3daf4ef4ef.jpg
s359.kapook.com/r/380/auto/testupload/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/r/380/auto/testupload/111af045-7690-49f6-9fc1-cf3daf4ef4ef.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.85 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p211-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
20f055fcd9e662e603db91a0d17a574f66e35128f61ab745557563164a1e9839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
last-modified
Sat, 29 Jan 2022 14:12:12 GMT
etag
"61f54b3c-fa2b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800, private, must-revalidate
accept-ranges
bytes
content-length
64043
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
220643-new-566613.jpg
hilight.kapook.com/r/380/auto/image_fb/45/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilight.kapook.com/r/380/auto/image_fb/45/220643-new-566613.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
44ceab4ebecd9eb4093c598a4d37035e03a284a023bda4ee9bfd5fa97e469c39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/154646
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
last-modified
Mon, 31 Jan 2022 07:36:28 GMT
accept-ranges
bytes
etag
"61f7917c-10459"
content-length
66649
kp-cache-status
EXPIRED
content-type
image/jpeg
a5172d52-1e10-4912-96ad-09140d627d31.jpg
s359.kapook.com/r/380/auto/pagebuilder/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/r/380/auto/pagebuilder/a5172d52-1e10-4912-96ad-09140d627d31.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.85 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p211-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
80e1b2c7c4e655d403bee383c22e263915565876f532a92044a87f87b1bee224

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
last-modified
Sat, 29 Jan 2022 16:42:04 GMT
etag
"61f56e5c-119b2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800, private, must-revalidate
accept-ranges
bytes
content-length
72114
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
220646-new-888439.jpg
hilight.kapook.com/r/380/auto/image_fb/45/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hilight.kapook.com/r/380/auto/image_fb/45/220646-new-888439.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
43c131bd4bfaf88c22508d6774759f2811ea4c7d854b903d2ed680763801f6b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/154646
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
last-modified
Mon, 31 Jan 2022 08:23:07 GMT
accept-ranges
bytes
etag
"61f79c6b-ba52"
content-length
47698
kp-cache-status
HIT
content-type
image/jpeg
sodar
pagead2.googlesyndication.com/pagead/ Frame 94C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012601&jk=3107133697429436&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D755 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012505&jk=1837806884664836&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
pagead2.googlesyndication.com/bg/ Frame C55C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 09:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
4910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13582
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Jan 2023 09:04:31 GMT
button.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/button.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1f17"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
customer.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/customer.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-26c0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
customer.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/customer.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-26c0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
generate_204
tpc.googlesyndication.com/ Frame 8744 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?PjU8Vw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 1CA5 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OVyqBg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame F622 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?h62UvQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame C55C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mqgyjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
customer.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/customer.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-26c0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
free.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/free.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1815"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
free.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/free.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1815"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A717 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012505&jk=2200096906540132&bg=!Pj2lPXnNAAY6OBv_Ojg7ACkAdvg8WsLK_HgRG9jXngOz_AdbaKLlB_uPsoUJ0LhBDr102QStvmuVfAIAAAEQUgAAAAJoAQcKADIShFG6XOK-DPHL4OWxxaUSFvRHXzE_LfhNCjKzcRbhWITH-4mIHzoOkYkvePqwECndY5kC4OEzmmT6T9jAlWYIYc9rKV1RghCwlxwWuRxrPVLKg9QlDztG6ptqDNDeJ8X1pGLfnyac5HjA55pJC4Q9lAsec77RMSbnxsK8_M9kzKhEmjJW5Mgkp2svUAqemftgdd4tAB-vzUyn1X65f2Blyv_Hl2JIP5p8alc1Uh6TSLkVkxLp2OJCuxpNDUcm5Ql9PM5XLQ55OA9u0FnGcvIN1zx1vHMMLDO6PIEJye-OiH_dQXI0XANNYbCxke2Tundg-XWwwjyylcogVsrfsQWvgUCEHpqXpB0YoL0GWJmehrC-KzN9bHs5iBN1eFR8Tl2UUZcMrSidnUt6ut55Ao9SwCvAqo1bimM-dncKDaalF5ecdEQqssSQfMbn2d2vfGQSwzUCOFXPpfNdJpKwzm9lkG98RJl2lXpjLGTA0YzilLSrC6G5JbahSP9UOUkfD7rSQhsyypbaFwft4u9UlL3AJ8L56346uEAlmw__uQ37YuZ4EhUxI8OyBBH64eWI8dW3Gegdm1VVu6_mwDC4U_d82OYbnhrYlvdWAszUov9FPSebhixDpJ_5Zul_0VuQ-oV9aQQB3X4c3X78xpZYPnCYF1Icq_pUq9HkUKW9uyt9vBUSTGGYc-PaYot5A9I3qs3vwbmo8FQM2XdM-9BJGJFLU-ZR3SXM7kQLnmfc3V3UTlwO4fjvDx36Po-PFSSBHKlbYxSpBDmMdRaoyXkCJRCZwbalILHN7Yoks5OsSrwlZ4FBAjR4iCOaROvRlhNfwKHPoI3KN54G17EY28Nu_NBjMfwqasl-fX8GdE06X9-GURH7jx_xnmNNL2m7JkbzkoZKBdybleRJVdEDB6A_NjJAQxTrSSNORXgIHOvKXcBZsnNNqyCfi5Ko3evbrDEXt2HYpie8SVQQ5M2OTb_UZr1SqejC9fI2cO3y7v4B-ShRMTdfNQWu4DU5dJQwInrbANDt9J9lQh4POEM7Sd0IYt5lj6fnFYk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A29 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012501&jk=2056054218578780&bg=!_P-l_7vNAAY6OBv_Ojg7ACkAdvg8Wi502ItKEh-Hvh7sIu51W0oyAjOKkn2NFroG8MI5mXwcXjqRPgIAAAD-UgAAAARoAQcKADKOaVQS2csAqk-rt-JJTfyYWkinA09da2yXgJFOdDE7KfkOmsgfnrMwEb8tURLT0x9dLZkC0aKKz071u_oxSXJaUChhq5uLySY14uH0o3Ag3vLenyvYrE2HYtVFDbKjb6K-6kW7dA5w1aMFXzGc3G4iC5E8aZTzRrJgANEx4cpKw4MH-oQtJX_POu5ikwVD85luk_1KLo6-r1qnmLPIsOgoWkwq57TMQGXWHb41DU-cN3Wa75Kc0v23c64y-Itr-Oe4BmHsSiCKYMjpJmfLZ4kmBrzl9vhi9ELvF6e-YQkXGxtdw83B-U0wpWLTce7f3nmGOAEG7zv1w7jnOg9y_hXzIzJ-vECOKX2wpdkKzV_Bia1nrWEHwe3lDrxCcIBM92dFYR0RKeI9v_Pjj64N0t1IlcVu3dB_bVCFpkS2VPegqFGLBluquBDSxlVPbDLy5LAc_BUlfe2VnacKZrjpOUYtbPe9O2NP_vpgW_ZZ1QcLUw5darUpy6kJrSB4rwrAEZx7X8SHR1d5xwb3GcsWbRv4UO7pimvjudrcUIOT0v_6wGnxnRHrwPQPkSSCpewMaBXPLMARxHxSzoZ3hMUv57QMm7wTbbnEnhKC-ngZn_AkArsLKqm_04ztZr0vifU-P-C1KwkG-PF6T-gPGoh_EIg9vAXfWSQCrCXDQBcBeNhI5DdrzwsowHoP77QwMYQcEKnSYBzF2zyB8FT8AQq0OJ1dMS3-U-fgQcist72NsyWrCxEhItVVKkQRcrG3OSiWbkjoE8Kw5RGA4c8KU7hQROSqDJVVyxsP_DWgaKv1BGLAnL6-IOn0HLV3tefBO1GEzYL3fhh3x9jL3oQGQ1HXwtMi1Hb_hNIBVnYiGy3CbWFphWMOFhN9l5KS3WvmcX9eELzBvWbS2rtAytel6ZVXPl_u8SzrPe8JwVGGySZz8uE1rgrF8zsT4yDnVjgzKZTNvkYmKxxAO56mxnbkB83vzkRV6CBaGTAr_RQPHhSYyToXCHgxPiO0W9Dq6tt-pf_JT9BSBfw2dMU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2803 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012601&jk=3107133697429436&bg=!qKulq-_NAAY6OBv_Ojg7ACkAdvg8WsHvzXnvjqEDVRqPu6tNdkEs6R0p3LqWw_gPsYgJKeDUHSUbCgIAAADzUgAAAANoAQeZAtDehlTUtLt05fbA7NwgqXgAxrdEd-X7ZuDDOW4UWK2gwwWL0K4FfwHdzmiNbSq-iV6I3HNPmqTFemg_m1VmAbpaeOPt9NMd9vHKODjajbn7ioWM2mzgwX7waneAkNLnOHbXAspOB42PwQYCCk15k3QgvXPjAPvfSA08oQEYKKtaSomtbkP129-qCWqfR36mT61K-f2YYuAWZdrsLUpd37Bau4-_5VI0su2gw3IBGR_HSdGYtLexKlgpwmCnRpXwcY_zYHcnP7IJ86ORMpR3Q-8p2NxpJLfmVeKmSs4HR5qjTU24YYUkWhMT6CI0s7bfVfepZ319vwZoICd_0oLGpi0vQI-rT-ngkrmMTXO4-BGr3Tn_kHuqF2H_1sRodbP1aMdDwKE8qcRXI4UsrBwiIxZ3w281X51lFcn9ZmbvEulOB6obrPYjkOcU0A1U3jgnUDUXJBygy0T_gIHFSSmYHBthmmsp9UAAbKtqoNdSbjZHUoJN1PlO1-txfobr6glSPIF7vK09WBWT-Hudh4Au0jzMA5RikpI8DEPY2ShoYtkzF0qE4FE9SywLIcMQ_riH_QF8qtl0tfmahMb0A_CbT4nmo1QNNAHObaPLkZMnWvJX2fVyB8qd7Of9nYkzW2NDDQGqHvNJJHSp532O2VEJOkIjB4kH3EJzltBSavM8fwG7uraZxpVsyXcgn0i7Vd2O0Onz4CVTfrF7De_aghMdJRlpiU8InRFXfqwlHAUxLmluibcBnawotEm5g2doG2jJtoBFzigRysTdfBGHBztY4DyvnUTZ18FV_oYdxbTwEphXERfklGKAmJanXd4O_vZ7L6cyCcIyZmVYfLuO2NB9PLkKmESpCmrHpQ6UIN_y_QmAjGI6SEWCGnzUiPmj5_GifUni_UbejgEpxTcj6_y51ymzhM5aDLZQEpQh0R7XZFIc5tMcjAy6m7DxUx2WrnigEXs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012505&jk=1837806884664836&bg=!rq2lrenNAAY6OBv_Ojg7ACkAdvg8WkSDsmsKVYfmqOPYhORRMwnkBLpLpkwO226NSe5hhAnRL7jw4QIAAADbUgAAAAJoAQeZAqcNL8YqoM5358AXzpRNyfTvm0d32jeco0hzVBWghxZvRdsomWYbJSUKuJfX6hRZun4yZgB6vrV1TiV-4r8ID-jrPyT0Rp1oxomj-EeJXoMYSrsuylO3bkL1tOwE3lSl1F-nwDrk9_B_zAzY2YJ5ZgXFFNq-PXcvekXnHu72ZBJQ-MgpW3VSSLINZfAMY1TJFv0U6EwoRDX7bLYmsZzXXgAS3RoqbnvneMS70JlKzCYrtCLpr9Pgjeh8Ieffx3buGZvKhmcFiD9yVP0P4GMLdlxZAuW5xevv4utbPU_2fAuVbdQAYUn5eX1OK69gHS0KH8r95HLoRIrqPnTzwYzC7Ujr8YGEFoC_MfMlF1VvT99Yu5rllCoLE1bimEMs2n7OBFRtw-HXljc_JlIHX53iEeOZflTY3Ln889_Mx9PfkTe5z5AYHwBEBJvqzxZp7WNWxcszlyMc1qY2_vmd-B5J5Tn17DcR1u3fT6Ayl63NTh0Eyk2iXJkDiTbzuE9mHEsNMeGUJ_Msz5M7oJjp0-RKn-6WOD5Bc0HMnvkNcDGgt3mbWC-_zLHtSNAjvVS20IZKzvnUIc0NfM0OYarzm5eqDI_waUHSAzGOWGkKmaiRk8n50JLj2xA0TCslCvJK9jFf2GEfmrlD3Afb_XaWbd_4RObGyt4EkYofMPc_SOFciwrXpek5lkvLn9o_PoE_Yey4qUEWnfFB5Ad9VWNRBuhaJAFqSeIXrhrZf3LrTnDO21-5lQo2STABhGNa_iKcknbsPYe_6LN0GI7aZCFSA4_2m1UXLlMiXYZATHc-pTS2sfbbPKe_Y23Hl5_DcIT3vBwcqB9HxB_EF78SOxDheZY69Ah9XTvLw8OtkWN3jzFtb7GXeg98ax58TckKspovUaupPGKIw95xsutz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
free.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/free.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1815"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
m1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m1.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-4630"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
m1.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m1.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:21 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-4630"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7C3A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3mGW21TP6bpaVfP_3mWU6dxhIEoZnagyZK0Ivg2izvtf80QeM_K7niwpaXgKxLqdGedM_q602KjhzvKFMR0shAQC6xy4qR6GC5lFvTqiTCXm7tFc0&sig=Cg0ArKJSzJSnRBKs7qPSEAE&id=lidar2&mcvt=1000&p=706,1069,956,1369&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220126&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3850129567&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643624779012&rpt=1877&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9A29 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv880aryZHqLVIoiNogmgkq0jzTljypiWsoePEKmayshOOlAZhFT4dzwlw-0jGrijOwcyPQbjghg57OL19SDINPgcQyQk-4pHk57ehFuLWBl_Y76Am6&sig=Cg0ArKJSzCO8YB4zcZ8yEAE&id=lidar2&mcvt=1001&p=424,315,674,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220126&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4208516631&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643624778041&rpt=2913&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6594 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsso5wybtB-BfvuT1cvVVFCbzt9E4rCj1DLRYA5a3bKvfR_hj1jzPf30Y1aGNnAsfPeoDCeC5Zhf1I4pyCQFeiFx42MzU4fSEqSIaWJ01Jwe94feNUuQ&sig=Cg0ArKJSzC2pWu_PhdXjEAE&id=lidar2&mcvt=1003&p=424,315,674,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1922974829&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643624778926&rpt=1983&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A717 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhvb8FZ1lPVlSv8lfBXVQKB1WB4u06l1Kl6lMI-fjzpAy8i7B-HKsCWiOeBFaS01YLul9MZOMc0FrWCsLP-DVYBR1Uw80luf3W8LLS6zyXinQ9Rf-f&sig=Cg0ArKJSzMg6v8l_PzOGEAE&id=lidar2&mcvt=1004&p=706,1069,956,1369&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220126&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3445020646&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643624778013&rpt=2880&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 10:26:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m1.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-4630"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
m2.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m2.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-576"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
m2.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m2.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-576"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
post
connect.thelead.tech/event/ 		15 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.thelead.tech/event/post
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.226 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p352-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 10:26:22 GMT
vary
Origin
content-length
15
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
post
connect.thelead.tech/event/ 		15 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.thelead.tech/event/post
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.226 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p352-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 31 Jan 2022 10:26:22 GMT
vary
Origin
content-length
15
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
m2.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m2.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-576"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
m3.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m3.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1be7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
m3.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m3.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1be7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
m3.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m3.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1be7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
m4.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m4.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1b32"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
m4.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m4.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1b32"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
m4.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m4.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1b32"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
money.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/money.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1af0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
money.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/money.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1af0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
money.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/money.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1af0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
t1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t1.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-142a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
t1.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/t1.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-142a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:22 GMT
t1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t1.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:23 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-142a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:23 GMT
t2.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t2.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:23 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-19b1"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:23 GMT
t2.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/t2.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:23 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-19b1"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:23 GMT
t2.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t2.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:23 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-19b1"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:23 GMT
t3.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 7C3A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t3.png?1593430650587
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:23 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1107"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:23 GMT
t3.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 6594 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/t3.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:23 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1107"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:23 GMT
t3.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 01B2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t3.png?1593430650587
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 10:26:23 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:42:07 GMT
etag
W/"5ef9d38f-1107"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 07 Feb 2022 10:26:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
platform.instagram.com
URL
http://platform.instagram.com/en_US/embeds.js
Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156743&s=670822&a=2752542&ts=1643624778&wa=0&e=95&vc=2
Domain
pix.cookiepix.com
URL
https://pix.cookiepix.com/cookieSync.png?1643624780

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| $ function| jQuery object| PWT object| googletag object| slot1 object| interstitialSlot function| fbq function| _fbq string| WDMObject function| cpe string| GoogleAnalyticsObject function| ga function| skin2vdo function| close_skin string| page string| current_cat object| bluebillywig object| FB function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key function| cpeclient function| parcelRequire1a9e function| triggerEventOnJQueryObject function| triggerEventOnParentById function| setAttributeOnParentById function| bbExecuteJavascript function| onYouTubeIframeAPIReady function| webpackJsonpBbSkin function| setImmediate function| clearImmediate object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer function| Swiper object| tmpHead object| ggeac object| google_js_reporting_queue function| head number| CONTENT_ID string| SUBDOMAIN function| GET_CATEID number| contentType string| mytheme object| myarr function| getYoutubeID object| list_oembed2 number| total number| count_box number| varCounter number| interval_id function| varName object| __s object| instgrm function| getCookie string| dmpUserMaping_id object| innityDataLayer string| url_stag string| url_ctag function| loadCss function| cb string| template string| template_new string| template_compound string| template_compound_new string| template_compound_new_z2 string| template_compound_new_z3 number| cp_count function| tag_singe string| url_get_tag_info function| setsticky function| setrelative function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| lazyLoadInstance function| cpeAsyncInit object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_940767 function| processGoogleToken object| googleToken object| googleIMState object| google_tag_manager object| google_optimize object| skrollr object| _data object| file_dependency object| file_dependency_extend function| cpeapp undefined| google_measure_js_timing object| google_reactive_ads_global_state object| closure_lm_22934 boolean| giraffDebugInit object| giraff function| grf_change_article function| grf_run_widget function| lead function| cbGeo205507866 object| angular object| s undefined| menuStatus undefined| menuslide undefined| loginStatus undefined| loginslide undefined| loginnow undefined| loginnows undefined| jQuery19109607846639328783_1643624776039 object| innitytagmgr boolean| bG56d8ee121c51b14f6e964404 object| _innityq undefined| _grf_5987842169894515 undefined| VK undefined| ODKL object| lazySizes string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc string| _norec undefined| stat_frm string| truehitsurl object| ga1 number| VisitorT number| onSeconds string| p_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page number| __thflag string| udf string| arg string| _narg string| rf string| truehitsurl_top string| th_rand object| truehits_div undefined| th_img undefined| th_link string| domain string| prefix_url object| app function| jsonp_callback function| clip_callback function| article_callback function| photo_callback function| parseURL function| whenerr function| varidateemail function| market_edit_button string| base_dir string| base_tpl string| member_logout string| member_login object| msgData object| closure_lm_806857 number| google_unique_id object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| bG5f47736a47e7049801000002 string| u function| callback12876843699856733 object| ampInaboxIframes object| ampInaboxPendingMessages function| callback421147883409162 function| callback3996098183433041 function| callback33847431087436397 object| dp function| callback9408743076899049 function| callback2916344439901677 function| callback8807261822444472 function| callback4684570331235067 object| GoogleGcLKhOms object| google_image_requests

107 Cookies

Domain/Path Name / Value
.pubmatic.com/AdServer Name: PugT
Value: 1643624775
hilight.kapook.com/view Name: verify
Value: test
.bit.ly/ Name: _bit
Value: m0vaqa-501d3006e32b88dbfa-00j
ffe35e.dwerls.eu.org/ Name: GNX-PTGKIM7c1aHiOJeyi5yuDqhfi
Value: tibnuanuukpks8hkkvhspa4spi
hilight.kapook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.kapook.com/ Name: pbjs-pubCommonId
Value: f3f365f3-70da-4213-a623-2b3c7e7ea68a
.kapook.com/ Name: _fbp
Value: fb.1.1643624776184.1989623901
hilight.kapook.com/ Name: uuid
Value: 7B363D17-C80A-42C9-81B2-02D89626B15C
.kapook.com/ Name: _ga
Value: GA1.2.1026036103.1643624776
.kapook.com/ Name: _gid
Value: GA1.2.676114989.1643624776
hilight.kapook.com/ Name: cto_bidid
Value: GesmH19CSUVUZm43N0Z2b0slMkI1bFRmWHFlMTdtMTJPRzNqR2dKVUh3TXp3b0YwdFVhdDhQWmxHYUxrd0FsSHJzbnZGZElQS1lBNFFraEhTRyUyRlhHeFB0eEpuaHclM0QlM0Q
hilight.kapook.com/ Name: cto_bundle
Value: dYElN19YVlIwbFJqRVpGSWV5SEN1VnlrJTJGZiUyRnhDNFdLOW5xU3E1VmtPanp4WlY2Q09kdVAzWU4wWllKWktKc2I1OW5ZSkE2M01RR2tXSFNubFFBSWpNUlp3dDBOU003dW02MjNGdFJZaTBOSTJHT242VlAzSm12ZiUyRm95WkJwSmo4TlBxRg
.kapook.com/ Name: _gat
Value: 1
.delivery.adnuntius.com/ Name: usi
Value: yyq8!3c526db5d290b5ff417a3d881298d0d3
.delivery.adnuntius.com/ Name: sessionId
Value: a05b77d67942fb81561369310b3184ea
hilight.kapook.com/ Name: _grf_vis
Value: 1
.truehits.in.th/ Name: ck3rdparty
Value: 1
.kapook.com/ Name: _cbclose
Value: 1
.kapook.com/ Name: _cbclose53935
Value: 1
.kapook.com/ Name: _uid53935
Value: 54440BB0.1
.kapook.com/ Name: _ctout53935
Value: 1
.vk.com/ Name: remixlang
Value: 6
.truehits.in.th/ Name: truehitsid
Value: 4YYednL4
.th.giraff.io/ Name: gid
Value: rBYQBWH3uUkhdBgDZY+OAg==
.hilight.kapook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
hilight.kapook.com/ Name: _grf_uid
Value: 1716471958
hilight.kapook.com/ Name: _grf_cm
Value: 1
.kapook.com/ Name: ka_iid
Value: WHudtdswoLLWuRGbfbZQfP
.kapook.com/ Name: ka_sid
Value: FMMDoYm8Dqmg7CCLJFyuG
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B31D27B5-E2BF-42BA-91CD-D3F972CF7F85
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1644796800%3A201_197_219%7C1643673600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1644796800%3A21_161_3_8_71_234_13_7_56_81_233_220_54_22%7C1644883200%3A35%7C1644451200%3A63%7C1646179200%3A203%7C1644192000%3A223_2_15
.adnxs.com/ Name: uuid2
Value: 4034703976099959640
.quantserve.com/ Name: d
Value: EM8BCwGqJfijAA
.quantserve.com/ Name: mc
Value: 61f7b949-a7994-9656c-853c8
.adfarm1.adition.com/ Name: UserID1
Value: 7059314664121694357
.mathtag.com/ Name: uuid
Value: 6e6061f7-b949-4a00-8a52-c95c38474c22
.onaudience.com/ Name: cookie
Value: aa15d01dad8ca8cf
.onaudience.com/ Name: done_redirects147
Value: 1
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: F6C006C30B5A4EBB9A3937E085DA3FD7
.adform.net/ Name: uid
Value: 9129102651398195719
.de17a.com/ Name: guid2
Value: 1.5549981198087158650
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7059314664121694357
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6e6061f7-b949-4a00-8a52-c95c38474c22&KRTB&16736-uid:6e6061f7-b949-4a00-8a52-c95c38474c22&KRTB&23019-uid:6e6061f7-b949-4a00-8a52-c95c38474c22&KRTB&23208-uid:6e6061f7-b949-4a00-8a52-c95c38474c22
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6185691236742871475&KRTB&23263-6185691236742871475
.adsrvr.org/ Name: TDID
Value: 34ee950f-2228-47b3-817d-39cef14d1b39
.doubleclick.net/ Name: IDE
Value: AHWqTUloojGx_JQOFEjqoyLAKFqRifSAqhmIw7H8zy357SsCBD5HZzh0zInCTtc_rhw
.uuidksinc.net/ Name: jcsuuid
Value: zhmimZXdTOZuDPIVS70z
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yfe5SQACqVGINQBB
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~22yy
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjmmK2Q26uyOhAFOAE.
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-34ee950f-2228-47b3-817d-39cef14d1b39&KRTB&22918-34ee950f-2228-47b3-817d-39cef14d1b39&KRTB&23031-34ee950f-2228-47b3-817d-39cef14d1b39
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yfe5SQACqVGINQBB&KRTB&22978-Yfe5SQACqVGINQBB&KRTB&23194-Yfe5SQACqVGINQBB&KRTB&23209-Yfe5SQACqVGINQBB
.bidswitch.net/ Name: tuuid
Value: 24fa2d3b-5519-481d-a294-90f1c2076471
.bidswitch.net/ Name: c
Value: 1643624777
.bidswitch.net/ Name: tuuid_lu
Value: 1643624777
.onaudience.com/ Name: done_redirects104
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBEm592ECEG4evSUjTpDRbTNcE9K18SYFEgEBAQEK-WEBYgAAAAAA_eMAAA&S=AQAAAq8Rh8SQNSNL_qGfRS82ZnE
.turn.com/ Name: uid
Value: 3957117121314086987
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3957117121314086987
.nrich.ai/ Name: _nauid
Value: 71bdb9d8-787d-46a1-8ebd-003a2939cef1
.adsby.bidtheatre.com/ Name: __kuid
Value: b19b9bfd-2092-4201-a1dd-af70dad85a2a.412838777
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-24fa2d3b-5519-481d-a294-90f1c2076471
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 774fe80c1ee2ac65b8733d0d43cae203
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDc3SUu1MEg2TE01Skw2M02yMDc2TjFIMTFOTkw1MjBmAILE7zs9QTQUAABkawtj"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2FL7TE0hBAQAdugJb"
.onaudience.com/ Name: done_redirects219
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.zeotap.com/ Name: zc
Value: 588fd5dd-456d-4179-6a50-c69563c03566
.zeotap.com/ Name: zsc
Value: B%8E%3C%DE%3D%F0%8D%86K%29%CFRB%CD%11%1E%0F-%BE%AE%D4%AE%26%C7%CA%1F0%80H%3Em%F0%A8%29%16%9D%B7%83%A6%E6%E8%83R%1C%C3%16g%87%FE2%A1%D8%E9%A2%0B%CF%C3%059%DFtWS%9CV%85%19%29%29%AE%EF3%2A%85%3F%A3%E3%2A%D2q%0A%0A%FD
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-92cfa248-07cc-4f44-7f95-21eca136c716.3XGSWB0z2uw53KIZ1nm3xRP%2FRivfjIHnqqnesXycWx4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-92cfa248-07cc-4f44-7f95-21eca136c716%24ip%24185.213.155.169.0p8gn16L5sR4ZqMGOr8evfgybJ7Y1O0eaytHT0WHyz0
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ks-iSAfMT0R_lSHsoTbHFrnVm6k
.th.giraff.io/ Name: nid
Value: F2r5X2H3uUk4hzeK0bIxAg==
hilight.kapook.com/ Name: _lr_retry_request
Value: true
hilight.kapook.com/ Name: _lr_env_src_ats
Value: false
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-y-h5cZ_gK3_QuCh_xO0yf8vsKSXQ4Sp1nuFNeD_H&KRTB&19420-y-h5cZ_gK3_QuCh_xO0yf8vsKSXQ4Sp1nuFNeD_H&KRTB&22979-y-h5cZ_gK3_QuCh_xO0yf8vsKSXQ4Sp1nuFNeD_H
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4034703976099959640&KRTB&23339-4034703976099959640
.pubmatic.com/ Name: PugT
Value: 1643624777
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGuLMn43DQEJfeDKdy8Tfvg&KRTB&16514-CAESEGuLMn43DQEJfeDKdy8Tfvg&KRTB&23025-CAESEGuLMn43DQEJfeDKdy8Tfvg
hilight.kapook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%2234ee950f-2228-47b3-817d-39cef14d1b39%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-12-31T10%3A26%3A18%22%7D
hilight.kapook.com/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-01-31T10%3A26%3A18.234719Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5549981198087158650
.kapook.com/ Name: panoramaId_expiry
Value: 1643711178290
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pp
Value: 156743
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.rubiconproject.com/ Name: khaos
Value: KZ2JR7JD-P-M8E8
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqKFF/dOznX7T5APvdogVCbaTd6KyMQnat7y9GyzaExIRarT6SHRVMZcvt/PmhK2LUZmJrm+KgYPWjYHTlS9mMvKxOirMlc0tKyqVI1k5poNA==
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 943c1d14b465caa7
.mathtag.com/ Name: mt_mop
Value: 9:1643624778
.innity.com/ Name: iUUID
Value: 283f9763d39470b85f3cb0223acd5233
.kapook.com/ Name: iUUID
Value: 283f9763d39470b85f3cb0223acd5233
.kapook.com/ Name: innity.dmp.143.sess
Value: 1.1643624778722.1643624778722.1643624778722
.kapook.com/ Name: innity.dmp.143.sess.id
Value: 95935263.143.1643624778722
.kapook.com/ Name: innity.dmp.cks.innity
Value: 1
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.medialead.de/ Name: trscj
Value: MTY0MzYyNDc3OHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56Tm1OekUwWVRSbU4yRTNOMlU1TWpZd1AzTjFZbWxrUFRFek16VTVOREF3TVRJek5UazROakF5TVRReU56WTNNREV4T0RVMk1ERXpKblE5YUhSc2NBPT18YUhSMGNITTZMeTlvYVd4cFoyaDBMbXRoY0c5dmF5NWpiMjB2
.kapook.com/ Name: __gads
Value: ID=d9868ac6063286b0:T=1643624777:S=ALNI_MbQcx1mW2DPPiUGkGRuD35Y43e07g
avd.innity.com/ Name: geo
Value: EU%3BGermany%3BDE%3B%3B%3B
pb.media01.eu/ Name: ASP.NET_SessionId
Value: ybtwqhh0m4rnymf3xb23fw23
pb.media01.eu/ Name: DTU
Value: 917F2DCE5DAABEDF84E060A6E648A064
.a.th.giraff.io/ Name: s
Value: 2367467:2367467:2273324
.pubmatic.com/ Name: SPugT
Value: 1643624778

6 Console Messages

Source Level URL
Text
security error URL: https://hilight.kapook.com/view/154646
Message:
Mixed Content: The page at 'https://hilight.kapook.com/view/154646' was loaded over HTTPS, but requested an insecure script 'http://platform.instagram.com/en_US/embeds.js'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://cdn.bluebillywig.com/apps/player/20220124.131048/player.js(Line 25)
Message:
The keyword 'slider-vertical' specified to an 'appearance' property is not standardized. It will be removed in the future.
network error URL: https://hilight.kapook.com/img_cms2/user/juthamat/jutha1/cambodia06.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://pix.cookiepix.com/cookieSync.png?1643624780
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0b064684889c56ba73c6af0b3a4b4690.safeframe.googlesyndication.com
4949fd248cb1b5b9b5af33da392e16d8.safeframe.googlesyndication.com
675328474b9401c1e1afd91ad3efde7e.safeframe.googlesyndication.com
a.giraff.io
a.th.giraff.io
ad-server.eu
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
api-center.kapook.com
api.dmcdn.net
api.pxl.dailymotion.com
api.rlcdn.com
avd.innity.com
avd.innity.net
beacon-ams3.rubiconproject.com
bit.ly
c1.adform.net
cacheportal.kapook.com
cb8d1f4986f623ba0acd23f7d05df274.safeframe.googlesyndication.com
cdn.bluebillywig.com
cdn.contentspread.net
cdn.jsdelivr.net
cdn.th.giraff.io
cdn.thelead.tech
cm.g.doubleclick.net
cms.kapook.com
code.createjs.com
code.th.giraff.io
connect.facebook.net
connect.ok.ru
connect.thelead.tech
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
data.th.giraff.io
delivery.adnuntius.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
eus.rubiconproject.com
ffe35e.dwerls.eu.org
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
gum.criteo.com
hal9000.redintelligence.net
hal900013.redintelligence.net
hbopenbid.pubmatic.com
hilight.kapook.com
i.kapook.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
ir.shareaholic.com
lvs.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
my.kapook.com
pagead2.googlesyndication.com
pb.media01.eu
pebed.dm-event.net
pix.cookiepix.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.instagram.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
pubmatic.mainroll.com
pv.medialead.de
rtb.com.ru
s.uuidksinc.net
s0.2mdn.net
s359.kapook.com
scontent-ams4-1.cdninstagram.com
scontent-ams4-1.xx.fbcdn.net
scontent-amt2-1.cdninstagram.com
scontent-amt2-1.xx.fbcdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smarttag.rubiconproject.com
spl.zeotap.com
ssl-avd.innity.net
ssp.adriver.ru
stat.media
static.xx.fbcdn.net
stats.g.doubleclick.net
stats.mainroll.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.pubmatic.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
vid.pubmatic.com
vk.com
vpaid.pubmatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.kapook.com
x.bidswitch.net
aktrack.pubmatic.com
pix.cookiepix.com
platform.instagram.com
104.111.224.62
104.36.113.17
104.36.113.24
104.92.74.8
116.202.48.214
119.81.183.209
136.243.149.243
141.94.170.64
141.95.34.105
142.250.184.226
145.239.193.130
146.185.195.94
15.197.193.217
151.101.66.49
159.65.197.210
169.50.137.182
178.250.0.157
178.250.0.163
178.79.242.181
18.156.0.31
18.194.122.86
184.30.24.198
185.29.132.245
185.29.134.249
185.64.189.110
185.64.189.226
185.64.190.75
185.64.190.78
188.65.124.58
188.65.124.90
195.161.16.148
198.47.127.20
2.18.233.201
2.19.35.65
2.21.141.175
2001:678:cb4:bbbb::11
202.183.165.226
202.183.165.85
203.154.91.10
204.237.133.116
213.155.156.180
217.20.155.208
23.106.249.95
23.88.75.188
2600:9000:224a:a000:1d:47ad:2280:93a1
2602:803:c003:200::21
2602:803:c003:200::77
2606:4700:10::6816:4e7b
2606:4700:10::ac43:db6
2606:4700:20::681a:c04
2606:4700::6810:5714
2607:f8b0:4023:1404::5e
2620:116:800d:21:51e4:db4b:4436:b305
27.254.43.241
27.254.43.242
27.254.43.243
27.254.43.245
2a00:1288:80:800::7001
2a00:1450:4001:803::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9a
2a02:2638:1::13
2a02:26f0:f7::5c7b:e051
2a02:fa8:8806:13::1370
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:2880:f206:c4:face:b00c:0:43fe
2a03:2880:f22d:1e6:face:b00c:0:4420
2a03:2880:f245:ca:face:b00c:0:43fe
2a05:d018:d29:3602:5ce0:1e2e:863d:4da1
31.220.27.134
34.120.133.55
34.237.23.137
35.244.174.68
37.157.5.142
37.252.172.38
43.134.100.94
51.68.39.188
52.208.103.128
52.209.129.133
52.222.214.19
52.222.214.20
54.236.80.213
54.36.108.3
54.76.176.197
67.199.248.11
8.39.36.141
8.39.36.142
81.222.128.214
83.222.114.187
85.114.159.118
85.202.161.8
87.240.190.78
88.198.250.30
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01f76591dd222ad3b8e6c366ef28be06a10479115fc328c8093d04e5102bee59
039d6f79dbe15bd310fe59e1e03e4ea67d90d9a04aafb28694ae834ab9fa6a4f
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f
06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
078485c2ef3f95d9c63732cb9445ba6814ee1b9f2cb6a2f9eaebc85a59227b3f
07b803abced20208f6b2a7c2e84b4ae99c98826c75ee5e1c4b88546df16ce95b
097f27605ca0d079486d606eb3ab573a5685710b4f6d9d906327bcbffa45bec5
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0a634bbd16a8b70972cf493dcf05d7ce52e460b74f9752d31188ece01f97ff12
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306
0cf1f358d67c766451bcfeb1e982a19af544bbb63d606f5053c6e962499c4dd5
0d00fa8650d8c8c239b51ae3cb9ddd93ae18667fb506af087372106e89c297bc
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0f972b0b592006f47a0e2156931a7cb9aa89fc0e0a2a785a53df179ea46bd937
10a5e3dc12778209ae477e5cfa5bef90ffdf5f39eef4462d082a4859a8a27d4a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
160bef5003dca72fd1cc96b6f8d575c16944b1c29fd2b2f5d4b5a3c0cb821f25
1709875a319aaf84a4aa61ce208629664c11b250b17cf65122d722a8a6235f9b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1869a799ad8fcb8ed4f7ca265940db5656e2d369376e6a7c8ba2d0b041fedd79
18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f
1ab8158d0cbd479a75f913cbe87d0eed29f957bf29143a2ec423c6f299f12701
1c37b9f272a717c741e9294666fec7c6f3bdfb63ca3544803f4770668047c788
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cf1f7132ec2b6e9966d683b1fe193d130ae40191ec77e5449f3c3de6cb4456c
1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6
1d6c6301cab1440d031c7e5f865dc8018b0c1b7e685359578b1557f9d4338243
1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
20f055fcd9e662e603db91a0d17a574f66e35128f61ab745557563164a1e9839
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
2257a1847773bc2f2273720e446fb019b71e6c4b2410ab2ff8c2961b7c538a0b
2312b20796576ca482f317d6fd14bbf030dbdb6eeaefa08112a2c8249629fb59
237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f
23beda30424ac7c49957ce15299d0199803995498851441548cf89108a12871b
2442d64a8a90cf982824a1dca7e8a1fb1d343ee500285b4e7a29c0dc560a486b
261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481
272487daf9cd9f37e459eca1cf6401edc5ebeaf16cbcf5911063ce2b82db6461
27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff
288f6e8c235a885732fe11fbb164377baa2a8571f7bb7d589cd575e1e1873031
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2ab39d3d36ff0bee70fa082fa8c4d2817d924d17cef5d265e3a8275c02d90d0b
2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2cefb3cf5a7e18de67f37a4a34e3d7581a81b73d2043b0b2b38972a5420bcf9e
2e39e1139f7fd668659dcd0f8c644e400b5e7aa0e87baa7cd05c34199140b78e
2f54e8a76f78dc7236969087cfef1e06b5ef42fc4f96ab8c5dd29180e36267ec
2f5b8031d141085583340d3f7e98d14b7c104ad139910348a8549986c94c1c63
303b701d48a7993b4176e72cf7e6f990959046b802acf41d0682d7344a40f4a6
33ceac8852b43e0afb94ba6646ebda4654e9aba3c178e3d4819e4de6be134c8c
346e6776ffc7796ca15034c67c043bad204bb5295a56186d04625aa7b7985748
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
385432ab21be0bfb7a0736a7f4c45d617ee25ea270af23a43fbc1c14f867a9bf
38efc54eb97b294bf9f710239d5922ba7854186c13d9d39571e972fc5e6bc834
3c4ae2bddd99bdb0e764170ad510977add464488dbe439358599045976679c8d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebdfb69e17b21341e897e40bc42ed2fd6bf7d03d711c3a3fc57ec9579ef5805
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41f5f41fae57894923b9c02c9b5d619b8492bb1e4ab823a00cfd7dea2e70232c
43c131bd4bfaf88c22508d6774759f2811ea4c7d854b903d2ed680763801f6b8
43cc457062744ce15f3d720e31815b6b7163fb9fefb5f43d6309160af901250f
43eb0e5502113a2ae9d249a1e254c8c1fe7423c03acd0cde0e33dc17554a1eb0
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44b1dfba3096651cfa5bf09eabf8e6ae420490fce25bfb4dcf8a46101549f9d7
44ceab4ebecd9eb4093c598a4d37035e03a284a023bda4ee9bfd5fa97e469c39
45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777
47fd2d89da6d57a193dcdfde77680f8b0511740db8df42efe176f7683e835e8b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
4aafeeab30ce0f4af8831983cc3f7dacc43b5c930d3c098014d1f9beae058017
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4087eebf0773399b2b0f9622cb190d2632bc6beb7286e649bb48828b44eab8
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4ffca20268700828a4dda19ed5ab6a886f9bba14d04c879979a79bf1ef3e9354
5100403fd55efee512ad647863e318d995da33be2c3cd513e351f90e6a30961c
536652dd14b87d10392834e28ced44e606f3d95ecf2808b1df25bb1d90fa4701
54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c0ed253f95f410a51570a99ff208c11492b09c0745a60c0dee9906000649f2
54c2687de64bd6df6f87c864412becc0ba8c43282e84fd5ef7949c347498b2c1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b807de0d07c7c4f7c6eb0768f98c852883f1d1ff44f768a6c8d28dd8313e3b
560005b8eea65871f2ef7546da54f37827d92059ed24ff6ee8c0531dd55a9065
57497199f9b1d717565cff26dd8727c37937159984fc901b27c6202efaaf65a1
57ee1c89673fa47b2b3e28d42c8119c5d66b5e6cd2b9001418a969ca4c515299
591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882
59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba
5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639
61a8c08051254353c1d63a917d8726bf4ec00b058c8c788dbb24dd98005dd59b
61b176bf80a9ae9e8ddd98a46b3b5863af23f104739ad481d858c9aee06ba547
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632f5cd08bf1e4b618918edafe034f3ce838afe3b8a010b8fd26b08e79e50599
638b569a555e5237e935eaa674fca4ef1317347d53c41171b811759c47534d0e
63c011babe3a2e4a9d7ce48a4785b8632b0eb93414732294302782a169d03876
6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c
687329e5aacc15e5587781f383704d562c43d8c540314468b4d7964d7d012629
6c027c52a9e2fea6d7e3442fcc8d40259dfb8906365f400cae056f7255d009e0
6ce61d49a5513168c8d96e140f0a257dd8efb4df1fdf5b18289c1c5635ddb720
6cf786190315cf8d916712dd0fd5cecbcdd1461b3466b072d206fa2fcce0742f
6d6b09c15268cacba2ea1163546c274c8ad163adcd53426531b362f169157d27
6e7bfece69986376cbc9f073834ae0e1a39e4d3366f46dd84ae6b273be1ad90e
6ee63205a047742c50af66337295d0ff4fa1521f3ec6aef7a78a1ef47ceff26e
6f8cf949a76f5f0889678adc2519ea0b25762cf4614092ac817f95b2da733478
6fee8b4efec9b0317fa9c53cffbda34f21dace30ad3104e5af3cadf6217fc354
715eed8f518f11d26c5ec9789bfbdea840beebbe4ff4035e17ee88fbec5bde6c
729c9679f900a3150b549e9bd3e24a05d62ffd6e98e5ee6f66ae47d708472fea
73aa0b3eb13e34e7e7030368de080660d9ca41b583ad4eada429df8d631f5a47
75a8a35556e41adae2b687bbd93d42f97364aa126759827ce9d2d59b4b4f68af
760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2
763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9
7655cfb5f171a77dbbef37a9d7f871e1a36fd57521fe9946729775c0c7a89be3
76eb36ff42d1ea0fc16db979853319b6c7cfc52a843096121254b805c2351ffb
786c04f75c9e13cec3f0aceccba3e6a87d9e1dff0a905fbf89c32ec104793c88
788454b8d7c4d482fd0a3110d4ee3c29ff7d4ce88935dc52d470b0fbfafbcb35
7a19395df49e314f95d80fcbe521c142f070beb113f31e1c29c53229e3af8133
7adc8e2d4c1826f7743be9905958f11884651e91ec1ecfe96f6e35a354fd57ee
7b580ea807f6193c66917134ad66b70beccff85e744f0a32ee00fbe19e2c1040
7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d
7ef9e15dad9ea0f6269903aae00eb226b923ed4ca0829e38adb07125c47ef2e6
80e1b2c7c4e655d403bee383c22e263915565876f532a92044a87f87b1bee224
80e9cee2b987f990e3f0f54b0abe631d50f353ba3527e87bfdc404d1db9d9415
8218efa762dd579c3a97e371d17bdb9d30b5c32083d95548b07930412e4a08c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83493fdeb3c9624ec662b644bbe6cb67658ca92099fe133b65519bcc21b235ce
838272d2a935721c3d5ad7ae1d0e38bb8ab0f715d960b264dbb3424c8a739dea
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
877fa64eb78a65e1b23fef6c4acd56fd991c23f286250122e75c89b97e2cd405
8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480
88b64e35a757c98dc1f37c8985aa47ebcc1aa69ef9cb19ae9f71e546dd9e17f9
88c6323c80d0b90f5823b49f2fe189c5db8e940056099d89d52eca3bf2f698d1
88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4
895fd654c1a483a254f11b77466ffd000197084a85fab00b98e5875689fa2be2
8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb6a3fed795d18c97e59795ac6fe8f7d4ad804e2844b9129d562d94b06f04fe
91e5875e998edb8674602fc61fb02103aee56ba337fd1cd5f45f3339f6314479
9546d11843004426bcd74f3713d0e531ae5cc97e28c8228fd68c7b5db8639ab3
963cf20265b52f825435cf871c00f16bf049941e3dfa31f389d8ca7455012b7b
9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b
9cc602f514742dc13959b6dc67765e28d60b12c19034fc652a42916583a02ed1
9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd
9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1
9f29f14f4abc5e9221d143a370ca21e835fc075f5221a07de534b0161d81476a
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23d3f944b7fb9a83d30c6ec095056c662757a603c757e482fe3fb02f8cee724
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a92612b9748a86d86668384da155e92c39074bde96917e864157360085f35fc6
aa82e29a1ef9355dada5b0c14c0f6ca778b5231c554cfa77bbd164b675ad6dc5
aac489f1d66bb04fd44663bfb3a9eafe35ad728f89cae6e2edaee44a882aa459
aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b
ab0335a147eedff460c9dcd5fd249b78606c81898e57db7397d1a4bacb962d5e
ab3227363c362a156c2e88a6f1319a1caa60426472943549a07520cecc40cd4b
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ad4958ed3cb815e2b8b1ff4ae13807cb6c4780403d1c79fd94b2ca56005fbefb
adc44a67cc045e239d9ff06bce160d60731db6958ada5e03fa90ccf1d64e572b
adf602f121b9f16fd0039da97beefb628d40a6b6175da0adef38ef335678d873
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b260601ab0f7801480f1c850c9bf953f920e0cba9b39387aadabf129c048a18b
b500c179f41916812a2729e3c939ed929a04037c6081347a7740b687339f07b9
b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c
bab7d34016a2aa37f5485e329365c108bd98722d78bf0f687ba9c5e60176d00b
bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f
bc8608d544723b3b62ea0bf64fb2333bb1c32b5b827c98bfd3e820fc6e17453d
bd14d25fb8b5f98af810efea7049fad966e15e3c4bae892398398cacf2950e19
be24a99cf0817b8f1cdaad5ae50ee0417373491e651a3c8a393c455f8d6ea3f9
bf42d056ce8cf3ccacfcfcd4319b5f5d96a9bd63b60a2d0899f30cc209bf60b6
bf485b4aeb076cf0c562f88227041f37dfab1443486b400c468297eab8161b04
bfefa051db42fc478a08732213675b32111498697eb9b200717a1d638f07568e
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a
c4b5831681f69d6f57e2c49e8ba57da3a215671da52b420f56b42532b9a06dd4
c4d3bb7501412910640b50392cc9e51316f91509b99cd5fb124d1363546191d2
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c5a6c9416396a1c70ec5fddb90a0ccbd1446a6954e6b7e25fc3e9dbb226b7260
c69ec200a9633b0482402270b6cd0984f2e2d569da3437e0a34f85d8680a6605
c769cb63e1f8a3cefe119a30c81af5ede42388736cc4f8b35895b2f08f58eb32
c9150c6e68704dd479a7b1d83c815ea96d610774bc8eaea3e87d9a76941b272b
ccde853e3803f5f4aa73c1530b0079b804177d46024d7088881aab990e6f651f
cd2b23bf4dd16a9fcd8b9d8a0bca1fd5cf3438379bfa2b7f8065a9d162aa0468
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4
d064fca6b8496954b2c447a45c4168f2c6f9ec09fa9ba9b05deee664c3088c66
d094b1b98f3193b96465288be265ab2825b25a2fb049dec8d7967b308e6f0510
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3b3a603c3c709ff564c8f2e3ea5703116008e997674664f3f341ead54bd6958
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1
d6b1ef2d417cb9da35554378e046faf97dee74af09f3f057408e6405018a2217
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dd396cba7949e705825c1cfc7f12946cce49176ee3d7da4ca179aa864674674d
dd5bac462552abcca98d3831e8c81029534e357d5629164929fc2a54f88910bf
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5
dff6b11ecdcbf5b149582c406bf5a5cfe58af04ba84c14b2762e2061da5c5123
e0f1921ba1e745bea92f3b6a079db158c2bc72723894eefac1548b12cf56b1f9
e0fe3cf3f4b694a7bc4bb1b11462e00a89eebf156fdb9436f7f01c38fea73e26
e1b39537b4c41a887a67a106ce707c08ef9f388978cde7d79c032adda12c51c3
e1da7fa08df711187371d2ac7a206c90c6bc02cac01d1e29f636ba118088df04
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3013a1eaedf3dec63f9ef2ef3b4ab23fb557d860aeec4e6219d00fa244f9b8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e7f235828288c65ffa78a438c0acd8c03e9d5a94839c626cfb6c2f5a502ffe5b
e82fe46ea35e4f8b5b77af10326e4c8b4ed4de59d17a765236e2920edd9528ef
e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265
ea648b4afff4418fee576f5d4df8cfd012618e0951d5b1fc5d65c9f0f4a2d9f9
eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6
eb1d7199f1d5f92f4041fc9492d6585df3fe7649cc089470022cb6a11d03c552
eb768943f83809a545248caa9c62020cbdb6ef85f46bb7458ed058aff02db31f
ebd473d7f288cf6fc7cd00a65cece7f14fa649b25b4f47effd1acc7ad5f4c1eb
eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff48724203b13bd047a0fa681890c2d24d8c49b65c966cb7fb87ab99a7ad117
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f58089bd78c9c0bec016b4f773e16b083c2bd6b23e1241df58c6aedeff3410ed
f6328097b88e89b824f66b7327ac9625e7fdb720231b031c89171303dd5c2fff
f651e0344ed67b104b79c3b8cfb88260a7f5bc6bc9ed9a70737ac09b7bdc7289
f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe
f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a
f94165d0245922b5a66938526efc1f8fc4b37cbf8bafeb65750e3f2c66b2c8d8
fa43a878dda1b74b5e4047573ccb38b2e3ae27e6c0be2de27a46e9bc1a4fb34f
fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba
fc856d4345031aa1129a23530aa157b64f231ae829b8e1954a2c80ae14ac9d71
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fd24324708424bc6ca927a66fb888fc4f909e27b459c0bef6f5f0cf96838e133
feaf4424e8e47e15f934187396a3aa63ddeb0002ee50ac0a69bdea461ce35a4d