hilight.kapook.com Open in urlscan Pro
27.254.43.243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hilight.kapook.com/
Effective URL:
https://hilight.kapook.com/
Submission: On October 25 via api (October 25th 2023, 5:54:09 pm UTC) from US — Scanned from DE

Summary HTTP 257 Redirects Links 114 Behaviour Indicators

Summary

This website contacted 76 IPs in 14 countries across 73 domains to perform 257 HTTP transactions. The main IP is 27.254.43.243, located in Thailand and belongs to CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH. The main domain is hilight.kapook.com. The Cisco Umbrella rank of the primary domain is 259175.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 13th 2023. Valid for: a year.

This is the only time hilight.kapook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	27.254.43.243 27.254.43.243	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
31	202.183.165.49 202.183.165.49	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
1	202.183.165.228 202.183.165.228	4750 (CSLOXINFO...) (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.206.23.61 23.206.23.61	16625 (AKAMAI-AS) (AKAMAI-AS)
23	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	203.150.107.177 203.150.107.177	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	27.254.43.250 27.254.43.250	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 13	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:ada	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	172.67.212.231 172.67.212.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.95.100 65.9.95.100	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:ea00:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2606:4700:10:... 2606:4700:10::ac43:1b1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	99.81.194.117 99.81.194.117	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	202.183.165.226 202.183.165.226	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
1 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	67.220.226.232 67.220.226.232	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
8	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 5	52.57.96.192 52.57.96.192	16509 (AMAZON-02) (AMAZON-02)
1 1	141.95.32.73 141.95.32.73	16276 (OVH) (OVH)
1 1	52.7.163.13 52.7.163.13	14618 (AMAZON-AES) (AMAZON-AES)
1 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
5 5	52.210.254.58 52.210.254.58	16509 (AMAZON-02) (AMAZON-02)
8 8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	52.3.75.156 52.3.75.156	14618 (AMAZON-AES) (AMAZON-AES)
3 4	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4	2a05:d018:d29... 2a05:d018:d29:3605:290e:3f93:cc5a:81f7	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 14	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
3	119.81.216.16 119.81.216.16	36351 (SOFTLAYER) (SOFTLAYER)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	23.52.120.246 23.52.120.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c003... 2602:803:c003:200::27	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	173.231.180.197 173.231.180.197	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 1	141.94.240.143 141.94.240.143	16276 (OVH) (OVH)
2 2	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
4 4	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.88.86.2 23.88.86.2	24940 (HETZNER-AS) (HETZNER-AS)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
2 2	15.235.15.221 15.235.15.221	16276 (OVH) (OVH)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
257	76

15 27.254.43.243 (Thailand) 1 redirects

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)

hilight.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 202.183.165.49 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: p175-nasbkkST3.C.csloxinfo.net

my.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-center.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.183.165.228 (Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p354-nasbkkST3.C.csloxinfo.net

cdn.thelead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.206.23.61 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-23-61.deploy.static.akamaitechnologies.com

ssl-avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.150.107.177 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 177.107.150.203.sta.inet.co.th

lvs.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.thaibuffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 27.254.43.250 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)

s359.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

apv-launcher.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ada (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.212.231 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-100.prg50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:ea00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:1b1a (United States)

ASN13335 (CLOUDFLARENET, US)

counter.snackly.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.81.194.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-194-117.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.183.165.226 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: p352-nasbkkST3.C.csloxinfo.net

connect.thelead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.232 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Mossingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.96.192 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.32.73 (Frankfurt am Main, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-eu-007.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.163.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-163-13.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.210.254.58 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-254-58.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.150 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.3.75.156 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-75-156.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.133 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:d29:3605:290e:3f93:cc5a:81f7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.81.216.16 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.255 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.240.143 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.213 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.254.143.3 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.235.15.221 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	kapook.com 1 redirects hilight.kapook.com — Cisco Umbrella Rank: 259175 my.kapook.com — Cisco Umbrella Rank: 153920 www.kapook.com — Cisco Umbrella Rank: 164487 s359.kapook.com — Cisco Umbrella Rank: 188679 api-center.kapook.com — Cisco Umbrella Rank: 200595	685 KB
37	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1262 pm-widget.taboola.com — Cisco Umbrella Rank: 3991 trc.taboola.com — Cisco Umbrella Rank: 907 vidstat.taboola.com — Cisco Umbrella Rank: 3587 am-trc-events.taboola.com — Cisco Umbrella Rank: 12677 images.taboola.com — Cisco Umbrella Rank: 1957 imprammp.taboola.com — Cisco Umbrella Rank: 11278 am-match.taboola.com — Cisco Umbrella Rank: 13197 wf.taboola.com — Cisco Umbrella Rank: 3685 am-vid-events.taboola.com — Cisco Umbrella Rank: 10788 vidstatb.taboola.com — Cisco Umbrella Rank: 9042 pips.taboola.com — Cisco Umbrella Rank: 1909 cds.taboola.com — Cisco Umbrella Rank: 2514	703 KB
30	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 837 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840 image6.pubmatic.com — Cisco Umbrella Rank: 1171 simage2.pubmatic.com — Cisco Umbrella Rank: 1265 image2.pubmatic.com — Cisco Umbrella Rank: 1547 simage4.pubmatic.com — Cisco Umbrella Rank: 1746 t.pubmatic.com — Cisco Umbrella Rank: 3482	158 KB
26	googlesyndication.com 1 redirects 06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com	135 KB
23	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	446 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 640 mug.criteo.com — Cisco Umbrella Rank: 1822 dis.criteo.com — Cisco Umbrella Rank: 910	8 KB
6	rubiconproject.com ads.rubiconproject.com — Cisco Umbrella Rank: 2681 smarttag.rubiconproject.com — Cisco Umbrella Rank: 15873 eus.rubiconproject.com — Cisco Umbrella Rank: 916 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 8318 token.rubiconproject.com — Cisco Umbrella Rank: 764	23 KB
6	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783 ups.analytics.yahoo.com — Cisco Umbrella Rank: 509	2 KB
6	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	1 KB
6	thaibuffer.com assets.thaibuffer.com — Cisco Umbrella Rank: 189445	6 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 950	3 KB
5	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	2 KB
4	exelator.com 4 redirects loada.exelator.com — Cisco Umbrella Rank: 35065	4 KB
4	onaudience.com 4 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 18527 pixel.onaudience.com — Cisco Umbrella Rank: 3680	2 KB
4	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 4243 c1.adform.net — Cisco Umbrella Rank: 954	3 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 3797	3 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1223 id5-sync.com — Cisco Umbrella Rank: 687	32 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1393 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398 sync.crwdcntrl.net — Cisco Umbrella Rank: 1377 id.crwdcntrl.net — Cisco Umbrella Rank: 3750	13 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 933	2 KB
3	innity.com avd.innity.com — Cisco Umbrella Rank: 28287	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	177 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30144	898 B
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 360 secure.adnxs.com — Cisco Umbrella Rank: 806	2 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2190 google-bidout-d.openx.net — Cisco Umbrella Rank: 2191	675 B
3	innity.net ssl-avd.innity.net — Cisco Umbrella Rank: 44231 avd.innity.net — Cisco Umbrella Rank: 39206	13 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2139	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1469 s.tribalfusion.com — Cisco Umbrella Rank: 3247	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 7132	562 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1432	952 B
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	1 KB
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	770 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066	2 KB
2	snackly.co counter.snackly.co — Cisco Umbrella Rank: 8720	286 B
2	google.de www.google.de — Cisco Umbrella Rank: 3974	515 B
2	minute.ly apv-launcher.minute.ly — Cisco Umbrella Rank: 7994 snippet.minute.ly — Cisco Umbrella Rank: 10929	39 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	truehits.in.th lvs.truehits.in.th — Cisco Umbrella Rank: 48962	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	159 KB
2	thelead.tech cdn.thelead.tech — Cisco Umbrella Rank: 80927 connect.thelead.tech — Cisco Umbrella Rank: 77422	11 KB
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 5800	461 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359	555 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 4098	439 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128	527 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 11001
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 27364	412 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 8195	276 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1417	795 B
1	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 7500	369 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 2200	282 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 906	379 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 2169	553 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1313	278 B
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593	104 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186	187 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 957	704 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011	788 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241	1 KB
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 6127	353 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	524 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1260	589 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2392	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2724	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 897	13 KB
1	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 28439	725 B
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	mrtnsvr.com Failed ad.mrtnsvr.com Failed
0	rlcdn.com Failed api.rlcdn.com Failed
0	loopme.me Failed csync.loopme.me Failed
257	73

	Domain	Requested by
26	my.kapook.com	hilight.kapook.com my.kapook.com
15	hilight.kapook.com	1 redirects hilight.kapook.com
14	tpc.googlesyndication.com	1 redirects hilight.kapook.com 06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
12	simage2.pubmatic.com	ads.pubmatic.com
11	securepubads.g.doubleclick.net	1 redirects hilight.kapook.com securepubads.g.doubleclick.net smarttag.rubiconproject.com www.googletagservices.com
8	pagead2.googlesyndication.com	hilight.kapook.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	cm.g.doubleclick.net	8 redirects
8	image2.pubmatic.com	ads.pubmatic.com
8	images.taboola.com	hilight.kapook.com
7	cdn.taboola.com	hilight.kapook.com cdn.taboola.com
6	match.adsrvr.org	ads.pubmatic.com am-match.taboola.com imprammp.taboola.com
6	assets.thaibuffer.com	my.kapook.com hilight.kapook.com
5	match.prod.bidr.io	5 redirects
5	x.bidswitch.net	3 redirects am-match.taboola.com
5	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net ads.pubmatic.com
5	s359.kapook.com	hilight.kapook.com
4	loada.exelator.com	4 redirects
4	www.gstatic.com	hilight.kapook.com 06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
4	pr-bh.ybp.yahoo.com	ads.pubmatic.com am-match.taboola.com imprammp.taboola.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	am-trc-events.taboola.com	hilight.kapook.com
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
3	sync.1rx.io	3 redirects
3	avd.innity.com	avd.innity.net hilight.kapook.com
3	fonts.googleapis.com	06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com hilight.kapook.com 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net hilight.kapook.com 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
3	c1.adform.net	2 redirects ads.pubmatic.com
3	image6.pubmatic.com	1 redirects ads.pubmatic.com
3	id5-sync.com	cdn.id5-sync.com ads.pubmatic.com
3	www.google.com	1 redirects hilight.kapook.com tpc.googlesyndication.com
3	ads.pubmatic.com	hilight.kapook.com ads.pubmatic.com
3	www.kapook.com	hilight.kapook.com
2	pixel.onaudience.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	pixel-eu.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	www.googleadservices.com	hilight.kapook.com
2	50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	eus.rubiconproject.com	smarttag.rubiconproject.com eus.rubiconproject.com
2	googleads.g.doubleclick.net	hilight.kapook.com 06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com
2	am-vid-events.taboola.com	hilight.kapook.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	api-center.kapook.com	my.kapook.com
2	ad.turn.com	2 redirects
2	ups.analytics.yahoo.com	ads.pubmatic.com imprammp.taboola.com
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	cr.frontend.weborama.fr	2 redirects
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	ib.adnxs.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	avd.innity.net	ssl-avd.innity.net hilight.kapook.com
2	06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	oajs.openx.net	1 redirects hilight.kapook.com
2	counter.snackly.co	snippet.minute.ly
2	www.google.de	hilight.kapook.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	trc.taboola.com	cdn.taboola.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	lvs.truehits.in.th	hilight.kapook.com
2	www.googletagmanager.com	hilight.kapook.com www.googletagmanager.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	mwzeom.zeotap.com	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	green.erne.co	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	p.rfihub.com	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	b1sync.zemanta.com	1 redirects
1	t.adx.opera.com	1 redirects
1	t.pubmatic.com	ads.pubmatic.com
1	lb.eu-1-id5-sync.com	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	beacon-ams3.rubiconproject.com	hilight.kapook.com
1	smarttag.rubiconproject.com	ads.rubiconproject.com
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	vidstatb.taboola.com	hilight.kapook.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	imprammp.taboola.com	vidstat.taboola.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	1 redirects
1	mug.criteo.com	hilight.kapook.com
1	connect.thelead.tech	cdn.thelead.tech
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	ads.adnuntius.delivery	ads.pubmatic.com
1	snippet.minute.ly	apv-launcher.minute.ly
1	region1.analytics.google.com	www.googletagmanager.com
1	apv-launcher.minute.ly	cdn.taboola.com
1	ssl-avd.innity.net	my.kapook.com
1	cdn.thelead.tech	hilight.kapook.com
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	ad.mrtnsvr.com Failed	ads.pubmatic.com
0	api.rlcdn.com Failed	ads.pubmatic.com
0	csync.loopme.me Failed	ads.pubmatic.com
257	123

This site contains links to these domains. Also see Links.

Domain
www.kapook.com
news.kapook.com
women.kapook.com
lottery.kapook.com
football.kapook.com
money.kapook.com
education.kapook.com
movie.kapook.com
musicstation.kapook.com
drama.kapook.com
horoscope.kapook.com
men.kapook.com
health.kapook.com
travel.kapook.com
cooking.kapook.com
car.kapook.com
home.kapook.com
mobile.kapook.com
gasprice.kapook.com
wedding.kapook.com
baby.kapook.com
pet.kapook.com
infographic.kapook.com
job.kapook.com
center-login.kapook.com
account.kapook.com
market.kapook.com
truehits.net
popup.taboola.com
trc.taboola.com
click.gamingtrk.com
de.funfacts.it
das-solar-portal.de
gnotersnected.com
covid-19.kapook.com
calendar.kapook.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.kapook.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-13` - `2024-09-12`	a year	crt.sh
cdn.thelead.tech R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.innity.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-24` - `2024-02-26`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
lvs.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2023-09-15` - `2024-10-14`	a year	crt.sh
assets.thaibuffer.com E1	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.minute.ly Sectigo RSA Organization Validation Secure Server CA	`2023-05-30` - `2024-05-18`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
adnuntius.delivery E1	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.snackly.co Sectigo RSA Organization Validation Secure Server CA	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
connect.thelead.tech R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-12-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-13` - `2024-11-10`	a year	crt.sh
*.iprom.net R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
truffle.bid R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh

This page contains 44 frames:

Primary Page: https://hilight.kapook.com/
Frame ID: 74407D8052970E91B2A3FAD083F0B5C0
Requests: 138 HTTP requests in this frame

Frame: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F78637E489580CA0703276F25CAB3BFC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hilight.kapook.com
Frame ID: C3665E394B85CBE3268A9B11BF4105B0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Frame ID: 1F45F3C9EE4F2D9D1733D3B30E3B30FF
Requests: 24 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 638B666B67A445249AACE6A0E565E789
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=465EFA93-E986-48DD-A278-4B4158DC34D7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 25DBEA26C80016C6A859527BD0E06CC3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kAM8vZMAPOWLVzfmk1Uis8APO72LATvgkwci16-w
Frame ID: FD652C5A3382170E90119A82676A3B62
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=96348530435044245&gdpr=0&gdpr_consent=
Frame ID: A293F607EC65C781B95D520422E451AE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293955878632290450&gdpr=0&gdpr_consent=
Frame ID: F5D4F3EDFE06BD42E247A1650B63B75C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e39fcbde-0589-4dab-b031-11b646cf44fe&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: F934A00EA8839F8F6A16CD54DB51A830
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jPVAtuxBXqdgv7R-IW1litly2hY&gdpr=0&gdpr_consent=
Frame ID: A7FE50D66ABCD80C3216AA1D1F1671D6
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTlWOgAad7O0CAA_
Frame ID: 91F815BF4FEECAED784568CF443F10A7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFYDU7KcqwAABu2YXgFlA&gdpr=0&gdpr_consent=
Frame ID: B2E2AD9188A0F6B3466B27027F21ECAD
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 405C2C2161B22DC8DC1AB44BF06AFADA
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&cmcv=&pix=undefined&cb=1698256442650&uv=3351&tms=1698256442650&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=0f0031db-4721-4a52-911e-151cb1a91047&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: EEF6D5B90432A640F563F9C7AE582659
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 74EC266423FAE87E53A40E7B730EC917
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: C6AC8CAD2671B12BFFA64BF3A3ABFE76
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 4D56E0543675AA487A614BE484E31545
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0bGt4MrctVP7PY2LilK3dvUXot2YicfJGmdT-xRdJzFW6CNtxWP7pfEqMLwCjttmlUwbwoj2PK27AEHfSjDYkubEei8ho3foRLuOWYCLgBweyQkZ-ucJie6oUP1c5_8Cb_Lc96wXOwdW2FueUdKn3GpO31jOdA8xnNQSMo8uX7xQYUF9lP3oqTkYe7ZF_dxZ-4qIVZbFYfvrIyBXlRe2vQN5JGJyFCGWsluj4vZ-DWRuMs5VpqoKLeTl954J68eqx_SluhAJtfPr0aas-nKeIQh6vCqglqsXwSMgAbPxw2DxtmcIe-L3uGgXFi2XW4DP_YSpVt99vymutSenQdKtOv1kAOlxH_cuJh5seERwORbbDDFDdUKM&sai=AMfl-YQ9CkIIh7ZFLZqc2YqaTzwdgpR_MwXyEveWuuInX10ELyiwtKt5RFGYO9uPzursYv86_t33Fogn-zcoTj-NleDWqSK4Zqmo2-7ivDt03sZ-AH5ZYVit8_47e-quCmkmA6rNDSnqpcoghm64Xv8&sig=Cg0ArKJSzPSGNPmzpDUNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 74541EA713B8771B407EA54567C1977A
Requests: 14 HTTP requests in this frame

Frame: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73E0165D757F8C88E293DACB745BC43F
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3A98D6C2FC480B714159FCFC8E36C536
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C70339E1362695C1490B3BF431C429FA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js
Frame ID: CC90EF150D7DF9C340DD3944351CAB8A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 9BEF1948C721EEB1DE06F2498B091587
Requests: 3 HTTP requests in this frame

Frame: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 50B8141ED55D9A65FB92663314783C9D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07E55A4665A0196FC058BC57548F195F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD926874528CA5696D9A0784976DCFD2
Requests: 2 HTTP requests in this frame

Frame: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 81094AA0A8FA0959575241E255A3BC91
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js
Frame ID: 46C65472D55A818401E15B278ADCA84A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=465EFA93-E986-48DD-A278-4B4158DC34D7&gdpr=0&gdpr_consent=
Frame ID: F96FC8C288686274D1554F26F772F192
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6aadb3c2ced24d7da5d5e49ca4d5adf6
Frame ID: CAB931D13247ED2A2FC97B958873F04D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 604551FFCCDC8B9B34D15E99AE3D507D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8D4195772C9893FB71E275C64F897575
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: B09CEF6879B923FB872AC74FA13A1143
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8636055607584228182
Frame ID: E215B267CB5BE0BBF46FC4F4F0B15594
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433830614261762
Frame ID: E61452C898B27493EA3018B47C94D5C2
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 388988A68FBC5DEAC8BD95C17C95DD34
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: D406655768FF1EC19FC906DF4925C988
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhjRUUghhSYMXahUR&gdpr=0&gdpr_consent=
Frame ID: 788C6EB342DC834224D93695B36FE409
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 8333BF6F3D259D85ABCFE6212719890F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 33CE88D30B0BED378693239A9A12A5C7
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 52A3B98C66696F521E3F812BE575A07E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76E01BE1BC8945DE89BBB47B76087565&gdpr=0&gdpr_consent=
Frame ID: FC971AA33EC8E72117BEA607F4439438
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003
Frame ID: 5675660E6BD68A93DB180D92BCD9B105
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kapook.com รวม ข่าว ผลบอล เกมส์ ดูดวง ตรวจหวย ดูทีวีออนไลน์ เพลงใหม่

Page URL History Show full URLs

http://hilight.kapook.com/ HTTP 301
https://hilight.kapook.com/ Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

257
Requests

93 %
HTTPS

31 %
IPv6

73
Domains

123
Subdomains

76
IPs

14
Countries

2725 kB
Transfer

8143 kB
Size

109
Cookies

114 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kapook.com/

Search URL Search Domain Scan URL

URL: https://news.kapook.com/
Title: ข่าว

Search URL Search Domain Scan URL

URL: https://women.kapook.com/star.php
Title: ข่าวบันเทิง

Search URL Search Domain Scan URL

URL: https://lottery.kapook.com/
Title: ตรวจหวย

Search URL Search Domain Scan URL

URL: https://football.kapook.com/
Title: ผลบอลสด

Search URL Search Domain Scan URL

URL: https://money.kapook.com/
Title: การเงิน

Search URL Search Domain Scan URL

URL: https://education.kapook.com/
Title: การศึกษา

Search URL Search Domain Scan URL

URL: https://movie.kapook.com/
Title: ดูหนัง

Search URL Search Domain Scan URL

URL: https://musicstation.kapook.com/
Title: Music Station

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/
Title: ละคร

Search URL Search Domain Scan URL

URL: https://horoscope.kapook.com/
Title: ดูดวง

Search URL Search Domain Scan URL

URL: https://women.kapook.com/
Title: ผู้หญิง

Search URL Search Domain Scan URL

URL: https://men.kapook.com/
Title: ผู้ชาย

Search URL Search Domain Scan URL

URL: https://health.kapook.com/
Title: สุขภาพ

Search URL Search Domain Scan URL

URL: https://travel.kapook.com/
Title: ท่องเที่ยว

Search URL Search Domain Scan URL

URL: https://cooking.kapook.com/
Title: สูตรอาหารง่ายๆ

Search URL Search Domain Scan URL

URL: https://car.kapook.com/
Title: รถยนต์

Search URL Search Domain Scan URL

URL: https://home.kapook.com/
Title: บ้านและการตกแต่ง

Search URL Search Domain Scan URL

URL: https://mobile.kapook.com/
Title: มือถือ

Search URL Search Domain Scan URL

URL: https://money.kapook.com/gold
Title: ราคาทอง

Search URL Search Domain Scan URL

URL: https://gasprice.kapook.com/gasprice.php
Title: ราคาน้ำมัน

Search URL Search Domain Scan URL

URL: https://wedding.kapook.com/
Title: แต่งงาน

Search URL Search Domain Scan URL

URL: https://baby.kapook.com/
Title: แม่และเด็ก

Search URL Search Domain Scan URL

URL: https://pet.kapook.com/
Title: สัตว์เลี้ยง

Search URL Search Domain Scan URL

URL: https://infographic.kapook.com/
Title: Infographic

Search URL Search Domain Scan URL

URL: https://www.kapook.com/app
Title: แอปฯ กระปุก

Search URL Search Domain Scan URL

URL: https://www.kapook.com/advert
Title: ติดต่อโฆษณา

Search URL Search Domain Scan URL

URL: https://www.kapook.com/notice
Title: แจ้งปัญหา

Search URL Search Domain Scan URL

URL: https://job.kapook.com/
Title: ร่วมงานกับเรา

Search URL Search Domain Scan URL

URL: https://center-login.kapook.com/?login=1&redirect=https://hilight.kapook.com/
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://account.kapook.com/
Title: จัดการ profile

Search URL Search Domain Scan URL

URL: https://market.kapook.com/me
Title: kapook market

Search URL Search Domain Scan URL

URL: https://center-login.kapook.com/?logout=1&redirect=https://hilight.kapook.com/
Title: Sign Out

Search URL Search Domain Scan URL

URL: https://truehits.net/stat.php?login=mrkapook

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/th/?template=colorbox&utm_source=kapook&utm_medium=referral&utm_content=alternating-thumbnails-home:Desktop%20Category%20Thumbnails:
Title: เว็บไซต์สปอนเซอร์โดย Taboola

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/kapook/log/3/click?pi=%2F&ri=606c47ed9c0b8285754d64e24b7b1e01&sd=v2_52d01f40972505e1f335f93c21f2293e_ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9_1698256441_1698256441_CNawjgYQgaNGGISk47-2MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9&it=text&ii=~~V1~~-1577692741361902305~~5qOIivGDFO-eR2XTSfkBUqGoL6aj_XXuOButiXrhj399_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kLqKQ6o0dv8Pnu59kvIZGpr1yQBOBVLCmSPYtngHOxIKCpjZyN-kpKMSG5Ywz-_bPketPUGzSBXlOkmO9H0mALGiRxwiK178R-P4P059T8KejrOGv-6iDoYLvQ6osB3pEQ&pt=category&li=rbox-c2m&sig=0850a76cc6b26d4b0937f147e3baf207598f7a821678&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN8470.1006845TABOOLAEUROPELTD_G2%2FB30367689.372693810%3Bdc_trk_aid%3D564867922%3Bdc_trk_cid%3D196892405%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1%3Ftblci%3DGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCC92V4ou8aQjIeS9_-PAQ%23tblciGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCC92V4ou8aQjIeS9_-PAQ&vi=1698256441860&p=groupmitaly-mindshareitaly-costacrociere-sc&r=39&tvi2=84&tvi48=9598&tvi50=9864&lti=deflated&ppb=CIEH&cpb=EhIyMDIzMTAyNS01LVJFTEVBU0UY_6TsNCCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDIyODiAtMvLDUCb4wlIhIoQUJCt2QNY____________AWMI0DcQ_koYMGRjCKo1EIhNGDJkYwg0EFQYAmRjCNcWENUfGCNkYwjt__________8BEO3__________wEYE2RjCNwKEPsaGBZkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCMj__________wEQyP__________ARg4ZGMIqhwQi18YCWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGAqIGGApABHJgBpaTjv7Yx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://click.gamingtrk.com/5247e408-e801-4da4-a709-9968b50f3204
Title: RAID

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/kapook/log/3/click?pi=%2F&ri=606c47ed9c0b8285754d64e24b7b1e01&sd=v2_52d01f40972505e1f335f93c21f2293e_ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9_1698256441_1698256441_CNawjgYQgaNGGISk47-2MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9&it=text&ii=~~V1~~-5585819689428322306~~wbIvkjX3r-dG9nhTgibeLiMbnWe7t6lkaVMYDH3fhM7noZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzaXzWc0vY2-B5N-kofkML8cWzD49ozu01bMa3bGh05T33lNck4erluC8p7hUFPTQ9bthFyedHQmsPQaGIyFY6ETS8Maux2jWC1gRU3nx5A7mTz7RJrna_FhEtrqIV2thboYD60qVYzKB_9uZqcHlwH&pt=category&li=rbox-c2m&sig=341ffd5a015fee04a1e2000fe72c51c742114a717efa&redir=https%3A%2F%2Fclick.gamingtrk.com%2F5247e408-e801-4da4-a709-9968b50f3204%3Fsite%3Dkapook%26site_id%3D1151361%26title%3DVom%2BAlltag%2Bentfliehen%253A%2BDie%2BKunst%2Bdes%2BEintauchens%2Bin%2Bepische%2BMMO-Abenteuer.%26platform%3DDesktop%26campaign_id%3D26520884%26campaign_item_id%3D3801032875%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F172b30bb9b4e66fbb1716c20aa8c5583.png%26click_id%3DGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCDt7k8og7zl-enL-tdG%26tblci%3DGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCDt7k8og7zl-enL-tdG%23tblciGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCDt7k8og7zl-enL-tdG&vi=1698256441860&p=00001&r=86&tvi2=84&tvi48=9598&tvi50=9864&lti=deflated&ppb=CIEH&cpb=EhIyMDIzMTAyNS01LVJFTEVBU0UY_6TsNCCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDIyODiAtMvLDUCb4wlIhIoQUJCt2QNY____________AWMI0DcQ_koYMGRjCKo1EIhNGDJkYwg0EFQYAmRjCNcWENUfGCNkYwjt__________8BEO3__________wEYE2RjCNwKEPsaGBZkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCMj__________wEQyP__________ARg4ZGMIqhwQi18YCWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGAqIGGApABHJgBpaTjv7Yx&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://de.funfacts.it/allgemein/die-10-beliebtesten-namen-fr-mdchen/
Title: Funfacts.de

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/kapook/log/3/click?pi=%2F&ri=606c47ed9c0b8285754d64e24b7b1e01&sd=v2_52d01f40972505e1f335f93c21f2293e_ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9_1698256441_1698256441_CNawjgYQgaNGGISk47-2MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9&it=photo&ii=~~V1~~-2288076820657284133~~m8xx-JtugS4ASQNHZk3RPB3f0kfWTc8Itr5RAvF50UctUJBJJxeAaTLVAzgTNUtQebr2riaK6N9umGJKDShy0NqWJ5SrM_LVcOjpG_3H5gb7Mbfw7zUk-7DrirqrOBstYTIa30RsRaeCery_-LBHDmht2tLGbThBbTRFqZEXHKM&pt=category&li=rbox-c2m&sig=c55162e6cbd836c7b62a497e137df7ac48654c557d70&redir=https%3A%2F%2Fde.funfacts.it%2Fallgemein%2Fdie-10-beliebtesten-namen-fr-mdchen%2F%3Futm_source%3D5804%26utm_campaign%3D1151361%26epi%3D1151361%26tblci%3DGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCCYmFsojvrWms-J-uYI%23tblciGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCCYmFsojvrWms-J-uYI&vi=1698256441860&p=taboolaaccount-staffadintendcom&r=62&tvi2=84&tvi48=9598&tvi50=9864&lti=deflated&ppb=CIEH&cpb=EhIyMDIzMTAyNS01LVJFTEVBU0UY_6TsNCCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDIyODiAtMvLDUCb4wlIhIoQUJCt2QNY____________AWMI0DcQ_koYMGRjCKo1EIhNGDJkYwg0EFQYAmRjCNcWENUfGCNkYwjt__________8BEO3__________wEYE2RjCNwKEPsaGBZkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCMj__________wEQyP__________ARg4ZGMIqhwQi18YCWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGAqIGGApABHJgBpaTjv7Yx&cta=true
Title: Weiterlesen

Search URL Search Domain Scan URL

URL: https://das-solar-portal.de/zahlen-sie-fur-strom-fast-nichts-tab/
Title: Angebots Guru

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/kapook/log/3/click?pi=%2F&ri=606c47ed9c0b8285754d64e24b7b1e01&sd=v2_52d01f40972505e1f335f93c21f2293e_ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9_1698256441_1698256441_CNawjgYQgaNGGISk47-2MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9&it=text&ii=~~V1~~-8114203711277217367~~SMYAnK0NKKgzjEvHapD-xsHjgguEtiL7lGMp5vPFKGRX0Y1p638VbFQBn088-wXBp7A4EbmeqHvqP4Rc_JlJNW_yDFhkG5TpZlgXdfEYr6U4WMzcaCJBCkGd_YmlzJ0xjxfAtsj75Zm6PzSBS4yNyZs1jLixa1MRU0cmeHZXLKHSjwdRjPukqG5Oe8le8w52&pt=category&li=rbox-c2m&sig=d3118b8969db012e75e35500b28ec38d83c0769cbc45&redir=https%3A%2F%2Fdas-solar-portal.de%2Fzahlen-sie-fur-strom-fast-nichts-tab%2F%3Fs2%3DGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCDxmFwow7b7upPmpvLNAQ%26tblci%3DGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCDxmFwow7b7upPmpvLNAQ%23tblciGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCDxmFwow7b7upPmpvLNAQ&vi=1698256441860&p=cooperadvertisinggmbh-leadgen-solarpanels-sc&r=16&tvi2=84&tvi48=9598&tvi50=9864&lti=deflated&ppb=CIEH&cpb=EhIyMDIzMTAyNS01LVJFTEVBU0UY_6TsNCCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDIyODiAtMvLDUCb4wlIhIoQUJCt2QNY____________AWMI0DcQ_koYMGRjCKo1EIhNGDJkYwg0EFQYAmRjCNcWENUfGCNkYwjt__________8BEO3__________wEYE2RjCNwKEPsaGBZkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCMj__________wEQyP__________ARg4ZGMIqhwQi18YCWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGAqIGGApABHJgBpaTjv7Yx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://gnotersnected.com/06f63381-9128-4243-bfaf-273f0788f893
Title: Apotheken Magazin

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/kapook/log/3/click?pi=%2F&ri=606c47ed9c0b8285754d64e24b7b1e01&sd=v2_52d01f40972505e1f335f93c21f2293e_ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9_1698256441_1698256441_CNawjgYQgaNGGISk47-2MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9&it=text&ii=~~V1~~-8314119046596097460~~VCi5ahvXu1Eu9D5N5YMMXEE6-yln8EG6Zda0WkrQ1eXndeDnMWeTrwrit0CQtpgEb_IMWGQblOlmWBd18RivpcDI3zoieZEJihp8xOB3c4CPF8C2yPvlmbo_NIFLjI3J4iZQtUWg-nHG7RBY6CXPbg&pt=category&li=rbox-c2m&sig=a991f9b56c301b8a4d57059d22710a6002943be2f7aa&redir=https%3A%2F%2Fgnotersnected.com%2F06f63381-9128-4243-bfaf-273f0788f893%3Fsite%3Dkapook%26site_id%3D1151361%26title%3DEin%2BGeheimtipp%2Bunter%2BPrivatversicherte%253A%2BBis%2Bzu%2B70%2525%2Bder%2BBeitr%25C3%25A4ge%2Bsparen%26platform%3DDesktop%26campaign_id%3D26446762%26campaign_item_id%3D3716440141%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F3fa7a7a3fd9a7b1f2ad610344b7152e7.png%26click_id%3DGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCC9mlwotfW26viY4p1V%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCC9mlwotfW26viY4p1V%23tblciGiAVyLFM_7Ci3o3HXDbMzyOGNO6Wghmhy7H-Mfg10BopOCC9mlwotfW26viY4p1V&vi=1698256441860&p=belafkiho-pkvtarifwechsel-sc&r=24&tvi2=84&tvi48=9598&tvi50=9864&lti=deflated&ppb=CIEH&cpb=EhIyMDIzMTAyNS01LVJFTEVBU0UY_6TsNCCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDIyODiAtMvLDUCb4wlIhIoQUJCt2QNY____________AWMI0DcQ_koYMGRjCKo1EIhNGDJkYwg0EFQYAmRjCNcWENUfGCNkYwjt__________8BEO3__________wEYE2RjCNwKEPsaGBZkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCMj__________wEQyP__________ARg4ZGMIqhwQi18YCWRjCPQUEJ4dGB9kYwikJxCKNRgvZHgBgAECiAGAqIGGApABHJgBpaTjv7Yx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://women.kapook.com/view274611.html
Title: ณเดชน์ พูดแล้ว ! หลังประกาศหาโปรโมเตอร์มวย แต่เจอคนแซะโรคหอบ ชี้รู้ลิมิตตัวเอง ถ้าอ่านดี ๆ จะเห็นว่าตั้งใจขอไปดูติ แจงยังต้องใช้ใบหน้าหากินอยู่

Search URL Search Domain Scan URL

URL: https://women.kapook.com/view274610.html
Title: มิน พีชญา แฮปปี้ ! เควิน หนุ่มคนรู้ใจ หอบดอกไม้เซอร์ไพรส์กลางงาน เปิดหน้า พร้อมเปิดตัว !

Search URL Search Domain Scan URL

URL: https://women.kapook.com/view274609.html
Title: อาม ชุติมา ช็อก ! ทอง 10 บาท-เงินแสนหาย ที่แท้คนใกล้ตัว แช่งขอให้ชีวิตพัง

Search URL Search Domain Scan URL

URL: https://women.kapook.com/view274606.html
Title: กวาง AB Normal เปิดใจที่แรกหลังเลิก น้ำหวาน เผยความสัมพันธ์ คือไปกัน 3 คน

Search URL Search Domain Scan URL

URL: https://women.kapook.com/view274602.html
Title: อุ้ม ลักขณา เปิดความรู้สึกจากใจ หลัง น้องดิสนีย์ เข้า รร. ใหม่ - บอล มาส่งลูกวันแรก

Search URL Search Domain Scan URL

URL: https://women.kapook.com/view274596.html
Title: จั๊ก ชวิน กลับมาทำงานหลังหายป่วย เผยรอยยิ้มร่วมซ้อมร้องเพลงพร้อม ปีเตอร์ - ศรราม

Search URL Search Domain Scan URL

URL: https://women.kapook.com/view274589.html
Title: ทัวร์ลง ! แมทธิว-ลีเดีย วิจารณ์ พลอย คบ คลอดีน กลางรายการ ก่อนเจอสวนกลับแรง !

Search URL Search Domain Scan URL

URL: https://horoscope.kapook.com/view274570.html
Title: หมอช้าง ตีแผ่นิสัย 2 ราศี ใส่ใจโซเชียล แต่มีข้อเสีย.. อ่านแล้วไม่ค่อยตอบ ! ข้อดีคือเช็กโทรศัพท์ตลอด แต่ข้อเสียคือไม่ตอบ

Search URL Search Domain Scan URL

URL: https://horoscope.kapook.com/view274558.html
Title: ดูดวง 12 ลัคนาราศี หลังดาวพฤหัสบดีพักรองศา กับโหรรัตนโกสินทร์ ดาวพฤหัสบดีพักรองศา โหรรัตนโกสินทร์ ทำนาย ดวงเมือง ดวงโลก และดวง 12 ลัคนาราศี จะเป็นอย่างไรมาดูกัน

Search URL Search Domain Scan URL

URL: https://horoscope.kapook.com/view274489.html
Title: ดูดวง 6 ลัคนาราศีดวงดอกไม้สวรรค์ หลังดวงดาวทำมุมกัน กับโหรรัตนโกสินทร์ โหรรัตนโกสินทร์ เผย 6 ราศีดวงดี หลังดวงดาวทำมุม “ดวงดอกไม้สวรรค์” มีราศีไหนบ้าง มาดูกัน

Search URL Search Domain Scan URL

URL: https://horoscope.kapook.com/view274467.html
Title: หมอช้าง ดูดวง 3 ราศี ช่วงนี้โชคด้านการงานดี วาสนารุ่ง มีโอกาสก้าวหน้า ! ทิศทางการทำงานอยู่ในช่วงขาขึ้น ต่อยอดสู่ความสำเร็จ

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view274505.html
Title: เรื่องย่อ ฟาร์มรักนักปลูกผัก Romance On The Farm ไปวางแผนการสร้างรายได้ในฟาร์มกัน

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view274457.html
Title: เรื่องย่อ The Matchmakers ถ้าอยากมีคู่ พวกเขาช่วยคุณได้

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view274392.html
Title: เรื่องย่อ Doona ดูนา ไอดอลสาวข้างบ้าน ความรักเกินต้านจะเบ่งบานในใจ

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view274184.html
Title: เรื่องย่อ A Good Day to be a Dog ตุลาคมนี้ ทุกคนจะอยากเป็นน้องหมา

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view274151.html
Title: เรื่องย่อ Strong Girl Namsoon สาวน้อยจอมพลังคังนัมซุน เรื่องราวของหญิงสาวผู้มีพลังเหนือมนุษย์

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view273944.html
Title: เรื่องย่อ ปรมาจารย์พยัคฆ์กระเรียน Tiger and Crane ซีรีส์จีนโบราณตะลุยยุทธภพ

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view273882.html
Title: เรื่องย่อ The Worst of Evil ซีรีส์สืบสวน อาชญากรรม แอ็คชั่น มันส์เลือดสาด

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/news
Title: คลิกอ่านเรื่องย่อซีรีส์ทั้งหมด

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view274581.html
Title: เพจดังเฉลย มุกคนไทยสมัยอยุธยา ทำไมจึงกลัวการไปเที่ยวทะเล เพราะพระเจ้าเสือแท้ ๆ ไม่พอใจต้องจับโยน

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view274511.html
Title: คนติง พรหมลิขิต กับฉากล้อมวงกินหมูกระทะ ชี้คนไทยสมัยก่อนไม่กินหมู ด้านรอมแพงเคยแจงว่า... คนไทยกินแต่ปลา

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view274492.html
Title: คนเขียนมาเอง ! สรุปให้ พุดตาน-การะเกด ใครเป็นใคร สรุปมาเกิดใหม่ หรือสิงร่าง !? หลังคนดูสงสัย เป็นการกลับชาติมาเกิดหรือเปล่า

Search URL Search Domain Scan URL

URL: https://drama.kapook.com/view274461.html
Title: เปิดเรื่องราว ท้าวทองกีบม้า ในประวัติศาสตร์ จบสวยตามที่บอกใน พรหมลิขิต หรือเปล่า ? หลังต้องถูกคุมขังในคอกม้า ตกอับ บั้นปลายจะรุ่งโรจน์อย่างไร ?

Search URL Search Domain Scan URL

URL: https://movie.kapook.com/view274607.html
Title: รวมหนังสยองขวัญ แรงบันดาลใจจากข่าวหน้า 1 หนังสือพิมพ์

Search URL Search Domain Scan URL

URL: https://movie.kapook.com/view274553.html
Title: ปังไม่หยุด ! สัปเหร่อ โกยรายได้มุ่งสู่ 500 ล้านบาท ขึ้นแท่นหนังไทยที่ทำรายได้สูงที่สุดตลอดกาล ลุ้น 1,000 ล้านบาท

Search URL Search Domain Scan URL

URL: https://movie.kapook.com/view274368.html
Title: เรียงไทม์ไลน์ ไทบ้านเดอะซีรีส์ มีกี่ภาค ดูอย่างไรให้ต่อเนื่อง ก่อนเรื่องราวใน สัปเหร่อ หนังไทบ้าน มีมาแล้วกี่ภาค เรื่องราวเป็นอย่างไรไปดู

Search URL Search Domain Scan URL

URL: https://movie.kapook.com/view274272.html
Title: รวมหนังไทยที่ทำให้รู้ว่ามิตรภาพและเพื่อนดี ๆ สำคัญขนาดไหน สำรวจมิตรภาพของเพื่อนในหลากหลายรูปแบบ

Search URL Search Domain Scan URL

URL: https://movie.kapook.com/view274266.html
Title: โรงหนัง 688 ที่นั่งเต็มยันแถวหน้า เที่ยงคืนยังไม่เว้น แห่ดูหนังไทยเรื่องดัง ยิ่งกว่าหนังฮอลลีวูด ปรากฏการณ์ใหม่ที่ไม่เคยเจอ

Search URL Search Domain Scan URL

URL: https://movie.kapook.com/news.php
Title: ติดตามข่าวภาพยนตร์ทั้งหมด

Search URL Search Domain Scan URL

URL: https://home.kapook.com/view274559.html
Title: เปิดบ้าน จิ๊ก เนาวรัตน์ นางเอกระดับตำนาน สวยเนี้ยบทุกตารางนิ้ว บอกเลยว่าเป๊ะมากจริง ๆ

Search URL Search Domain Scan URL

URL: https://home.kapook.com/view274426.html
Title: โบวี่ อัฐมา รีโนเวทบ้านมรดกแม่ สภาพสุดพังให้สวยปัง ด้วยงบ 4 แสนบาท พร้อมเคล็ดลับประหยัดงบประมาณ

Search URL Search Domain Scan URL

URL: https://home.kapook.com/view274418.html
Title: เต้ย จรินทร์พร พาส่องมุมบ้านในฝัน สวย อบอุ่น น่ารัก กลางธรรมชาติบนเขาใหญ่ น่าอยู่ไปหมดทุกมุม

Search URL Search Domain Scan URL

URL: https://home.kapook.com/view274407.html
Title: เปิดบ้าน เทย่า - มิก้า คฤหาสน์หรูบนเกาะสมุย สวยอลังการ วิวระดับพันล้าน ! ตกแต่งหรูหราเหมือนอยู่ในรีสอร์ตระดับ 5 ดาว

Search URL Search Domain Scan URL

URL: https://home.kapook.com/star
Title: ดูบ้านดาราทั้งหมด

Search URL Search Domain Scan URL

URL: https://wedding.kapook.com/view274571.html
Title: เมย์ พิชญ์นาฏ ควง ไฮโซบิ๊ก ถ่ายพรีเวดดิ้งชุดประจำชาติภูฏาน โรแมนติกมาก พรีเวดดิ้งแบบไม่เหมือนใคร ว่าที่เจ้าสาวสวยเลอค่ามาก

Search URL Search Domain Scan URL

URL: https://wedding.kapook.com/view274298.html
Title: แม่น้ำหนึ่ง เตรียมแต่งงานใหม่ ถ่ายพรีเวดดิ้งกับ ฟิล์ม รูปหวาน แต่สเตตัสแอบเดือด !? มีความฉะเบา ๆ ถึงใคร... มีความสุขไม่เคยยินดี

Search URL Search Domain Scan URL

URL: https://wedding.kapook.com/view274164.html
Title: มิ้นท์ ณัฐวรา น้ำตาซึม ไฮโซหยัง คุกเข่าขอแต่งงาน อื้อหือ...แหวนหมั้นเพชรใหญ่ตาแตก ! เผยโมเมนต์หวานกลางอิตาลี

Search URL Search Domain Scan URL

URL: https://wedding.kapook.com/view273742.html
Title: เพชร-ฌอห์ณ เผยภาพแห่งมงคล ในวันรับพระราชทานน้ำสังข์ จาก กรมสมเด็จพระเทพฯ นับเป็นพระมหากรุณาธิคุณอย่างหาที่สุดมิได้

Search URL Search Domain Scan URL

URL: https://wedding.kapook.com/star-wedding
Title: คลิกอ่านข่าวดาราแแต่งงานทั้งหมด

Search URL Search Domain Scan URL

URL: https://lottery.kapook.com/luckynumber
Title: หวย

Search URL Search Domain Scan URL

URL: https://news.kapook.com/weather
Title: สภาพอากาศ

Search URL Search Domain Scan URL

URL: https://money.kapook.com/stock
Title: หุ้นไทย

Search URL Search Domain Scan URL

URL: http://gasprice.kapook.com/gasprice.php
Title: ราคาน้ำมันวันนี้

Search URL Search Domain Scan URL

URL: https://money.kapook.com/view272185.html
Title: เบี้ยผู้สูงอายุ

Search URL Search Domain Scan URL

URL: https://news.kapook.com/world
Title: ข่าวต่างประเทศ

Search URL Search Domain Scan URL

URL: https://news.kapook.com/crime
Title: ข่าวอาชญากรรม

Search URL Search Domain Scan URL

URL: https://news.kapook.com/topics/%E0%B8%97%E0%B8%B4%E0%B8%A1-%E0%B8%9E%E0%B8%B4%E0%B8%98%E0%B8%B2
Title: พิธา ลิ้มเจริญรัตน์

Search URL Search Domain Scan URL

URL: https://covid-19.kapook.com/
Title: ข่าวโควิด

Search URL Search Domain Scan URL

URL: https://covid-19.kapook.com/view224756.html
Title: อาการโควิด

Search URL Search Domain Scan URL

URL: https://money.kapook.com/view239877.html
Title: ประกันโควิด

Search URL Search Domain Scan URL

URL: https://covid-19.kapook.com/view224412.html
Title: ตรวจโควิด 19

Search URL Search Domain Scan URL

URL: https://calendar.kapook.com/2566
Title: ปฏิทิน 2566

Search URL Search Domain Scan URL

URL: https://calendar.kapook.com/2566/holiday
Title: ปฏิทินวันหยุด 2566

Search URL Search Domain Scan URL

URL: https://calendar.kapook.com/2566/important
Title: วันสำคัญ 2566

Search URL Search Domain Scan URL

URL: https://money.kapook.com/view272190.html
Title: เงินดิจิตอลวอลเล็ต

Search URL Search Domain Scan URL

URL: https://travel.kapook.com/view274150.html
Title: กินเจ เยาวราช 2566

Search URL Search Domain Scan URL

URL: https://travel.kapook.com/view273516.html
Title: งานเทศกาลกินเจ ทั่วไทย

Search URL Search Domain Scan URL

URL: https://www.kapook.com/services/
Title: ผลิตเนื้อหา-ลงโฆษณาพื้นที่โฆษณาประชาสัมพันธ์ที่ตอบโจทย์ทางการตลาด เข้าถึงกลุ่มเป้าหมายที่หลากหลาย

Search URL Search Domain Scan URL

URL: https://www.kapook.com/services/video
Title: ผลิตวิดีโอโปรโมตรับผลิตรายการโชว์ทางอินเทอร์เน็ตในรูปแบบตอนสั้น ๆ ไปจนถึงซีรีส์ , วิดีโอโปรโมชั่นสินค้าและบริการ

Search URL Search Domain Scan URL

URL: https://www.kapook.com/services/enterprise-solutions
Title: พัฒนาระบบองค์กรครอบคลุมในทุกความต้องการด้านเทคโนโลยี ในยุค Big Data ด้วยทีมงานผู้เชี่ยวชาญ

Search URL Search Domain Scan URL

URL: https://www.kapook.com/services/socialmedia/
Title: บริหารโซเชียลมีเดียบริการรับวางแผนและบริหาร ผลิตเนื้อหาที่หลากหลายบนเครือข่าย Social Media

Search URL Search Domain Scan URL

URL: https://www.kapook.com/services/contact
Title: ติดต่อเรา

Search URL Search Domain Scan URL

URL: https://www.kapook.com/disclaimer/
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://account.kapook.com/privacy
Title: นโยบายคุ้มครองข้อมูลส่วนบุคคล

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kapookdotcom

Search URL Search Domain Scan URL

URL: https://twitter.com/kapookdotcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/kapookdotcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kapookdotcom/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/th/app/kapook/id562858086?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=apps.kapook.com&hl=th

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hilight.kapook.com/ HTTP 301
https://hilight.kapook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://oajs.openx.net/esp?url=https%3A%2F%2Fhilight.kapook.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fhilight.kapook.com%2F&rid=esp&cc=1

Request Chain 104

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kapook.com&sn=ChromeSyncframe&so=0&topUrl=hilight.kapook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=oMgntXxWVGRISk1OUmZEbUYwTFJpRW5GTkJaaEZHcHBlbkFBVmlUejh1M2szYkYvamJscWxBQk0rcGhVaVV0TUtkV3dBWEJZdHRmTXBseUdEcHF6SldLQ2RzZ3ZPYVlkcG5UTGxCVnl6UHUralIyM0RseWxHdnFYWjAyNlFKNnlySUtYbDlscHZqUjRvN2JWZjRRM3BlaHBkMUFyd1d4ZXFKVHRSdUR2TWpwenRTRTJKMlFpWCtEREdSU0tqZVhqRFA3aWRWTUVsNkNtSmlGcDgzQ0VPcWlKaDg3MDJQbXhTUTA2SGpvYlJDNDY1K0ZQekpWaHNuNWhoWXRYcU14Sk9tVkVUUGEveTVrdEl0d2NuM2tISW9JNDQyUT09fA&cppv=2

Request Chain 106

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 107

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=465EFA93-E986-48DD-A278-4B4158DC34D7&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=465EFA93-E986-48DD-A278-4B4158DC34D7&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 108

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kAM8vZMAPOWLVzfmk1Uis8APO72LATvgkwci16-w

Request Chain 109

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=96348530435044245&gdpr=0&gdpr_consent=

Request Chain 110

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293955878632290450&gdpr=0&gdpr_consent=

Request Chain 111

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e39fcbde-0589-4dab-b031-11b646cf44fe&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 112

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jPVAtuxBXqdgv7R-IW1litly2hY&gdpr=0&gdpr_consent=

Request Chain 113

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTlWOgAad7O0CAA_

Request Chain 114

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGWURVN0tjcXdBQUJ1MllYZ0ZsQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAFYDU7KcqwAABu2YXgFlA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=137546542916555425&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAFYDU7KcqwAABu2YXgFlA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D137546542916555425%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=137546542916555425&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFYDU7KcqwAABu2YXgFlA&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFYDU7KcqwAABu2YXgFlA&gdpr=0&gdpr_consent=

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rl76k-mGSN2ieEtBWNw01w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rl76k-mGSN2ieEtBWNw01w%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 118

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2653266798 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=465EFA93-E986-48DD-A278-4B4158DC34D7

Request Chain 119

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=465EFA93-E986-48DD-A278-4B4158DC34D7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWNpQkczNjBNVzFSSHFlNGZ0S1RxdjVyQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=3761134116907227511&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDY1RUZBOTMtRTk4Ni00OERELUEyNzgtNEI0MTU4REMzNEQ3&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDY1RUZBOTMtRTk4Ni00OERELUEyNzgtNEI0MTU4REMzNEQ3&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWTu-_dff0uhGbrttr8l8I&google_cver=1

Request Chain 123

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3761134116907227511

Request Chain 128

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8332522906806736800&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 176

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 214

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 220

https://securepubads.g.doubleclick.net/pagead/adview?ai=CFJxGO1Y5ZY2hLsyH1PIPjOe8wAu9jaavb-fNr6y_DorRo-2-ARABIIOEsyhglYKAgKAHoAGwuqHXA8gBCakCBmGgCJTKsT7gAgCoAwHIA8sEqgSqAk_QI0E2zeympqYMzjKOSp2TIsK7J22Dvzv1HFJ6ucq6g6oEAC-PWbBe1fQUUnUYXGd0Lbl9aO7638BF4eyo2ievm7abQ4PCn4aL5ScO8Sk1mmx2NVooX4P6B_ozYTzZ33REVH6VGLdu91eJB9YDmnH0sR0IkQBZ4yJM-nKk1yrsmmCCULCNovKtjU2QiD33NF4e6KB7DvREfe_c3yf4flp2se2vVMdFIS_bPe_cG7eCtuN0rmsitrLpKQzSWG6rEtO8dvNHnv2MwH2OyQERskJjP-7TTUxR2vlb203fHskjo-P6v6-ot61YHIBmLUuo-bL9Bx7hkqvQK2ksDhpTs1Umu9_reAIZMe-AYJXkh_PqPG7P3Q4ZHt8JgQ1vYRfse_JPidammstGjrnABPmcqargA-AEAYgF-MTU6DaSBQQIBBgBkgUECAUYBKAGLoAHxfetPqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBD5pjHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgk8aHR0cHM6Ly93d3cua2F5YWsuZGUvc2VtaS9nZG50ZXh0L2ZsaWdodF9nZW5lcmFsL2FueS9kZS5odG1sgAoDyAsB4g0TCN-2xKDikYIDFcwDVQgdjDMPuNgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi0yMjUyMTY4NDE5MzA3ODgwGMvCEw&sigh=9u1dNHUyG_U&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNBCrQ9jJsUN16e4328ir-2we6KjL4XCcqq9HQRK_dgr4rhvI9YiLooMusUV8zqXFRltoGdzsDGAE&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223184083684770561745%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2210-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214360894619774054385%22}&andc=true

Request Chain 238

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6aadb3c2ced24d7da5d5e49ca4d5adf6

Request Chain 239

https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0

Request Chain 242

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8636055607584228182

Request Chain 243

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433830614261762

Request Chain 246

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhjRUUghhSYMXahUR%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhjRUUghhSYMXahUR%2526gdpr%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=10a33b08d737494a0a4e9cf7a3518859&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhjRUUghhSYMXahUR%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhjRUUghhSYMXahUR&gdpr=0&gdpr_consent=

Request Chain 248

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 250

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76E01BE1BC8945DE89BBB47B76087565&gdpr=0&gdpr_consent=

Request Chain 251

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1698256445773 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7879131548 HTTP 302
https://sync.1rx.io/usersync/turn/8332522906806736800?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-98fae61b-ad98-4f78-aac5-b429cabbe658-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003

Request Chain 253

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=465EFA93-E986-48DD-A278-4B4158DC34D7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=465EFA93-E986-48DD-A278-4B4158DC34D7&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 254

https://pixel.onaudience.com/?partner=214&mapped=465EFA93-E986-48DD-A278-4B4158DC34D7&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2371f275e472fb8663a282e3ada4aa72&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 255

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1e5678cc-1e37-4593-b7dd-43c64f21ce0a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 256

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=96348530435044245

257 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hilight.kapook.com/
Redirect Chain

http://hilight.kapook.com/
https://hilight.kapook.com/

140 KB
26 KB

1186ms
591ms

Document
text/html

27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 958be35b66c4d00f92930d924506c00a3f1833322f8efa247a2dbbce02bc8042

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 17:53:59 GMT

Redirect headers

Connection: keep-alive
Content-Length: 175
Content-Type: text/html
Date: Wed, 25 Oct 2023 17:53:58 GMT
Location: https://hilight.kapook.com/

GET
H2 200 fontface.css
my.kapook.com/fonts/kittithada_roman/ 387 B
390 B 1590ms
196ms Stylesheet
text/css 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/fonts/kittithada_roman/fontface.css
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:33:12 GMT
etag: W/"646b28c8-183"
content-type: text/css
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 fontface.css
my.kapook.com/fonts/chatthai/ 321 B
368 B 1588ms
194ms Stylesheet
text/css 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/fonts/chatthai/fontface.css
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:33:12 GMT
etag: W/"646b28c8-141"
content-type: text/css
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 theme.css
my.kapook.com/css/portal/ 11 KB
3 KB 1589ms
195ms Stylesheet
text/css 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/css/portal/theme.css
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: dfcf458b30011a32f23756a0ea7319562728a39429ce0b32f95cef3a98a28104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Tue, 06 Jun 2023 03:34:43 GMT
etag: W/"647ea953-2a1f"
content-type: text/css
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 template.css
my.kapook.com/css/portal/ 10 KB
3 KB 1589ms
195ms Stylesheet
text/css 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/css/portal/template.css
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: c31d43c6a53bebc8ee3b306ef6c2e9c76ce1b9d0951eeab787df1178c9cb8feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:33:11 GMT
etag: W/"646b28c7-28ec"
content-type: text/css
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 main.css
my.kapook.com/signin_2017/css/ 4 KB
2 KB 1781ms
388ms Stylesheet
text/css 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/signin_2017/css/main.css
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 8e02f8b007cd163f883dfcc333097df59ddfbfe23d25a1a7f1da36d30a8f17ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Tue, 06 Jun 2023 03:34:43 GMT
etag: W/"647ea953-11c0"
content-type: text/css
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
my.kapook.com/jquery/ 85 KB
35 KB 1783ms
389ms Script
application/javascript 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/jquery/jquery-3.2.1.min.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:33:40 GMT
etag: W/"646b28e4-15283"
content-type: application/javascript
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 lead-latest.js Show response
cdn.thelead.tech/lead/ 10 KB
11 KB 622ms
208ms Script
application/javascript 202.183.165.228
CSLOXINFO-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thelead.tech/lead/lead-latest.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.228 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),

Reverse DNS

p354-nasbkkST3.C.csloxinfo.net

Software

Resource Hash

f191536821e73c14b5d46ae722b8c0acadd4db28476a0b4cf53c6bd78b344682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 29 Aug 2022 14:43:48 GMT
etag: "630cd0a4-294e"
content-type: application/javascript
cache-control: must-revalidate, max-age=3600
accept-ranges: bytes
content-length: 10574

GET
H2 200 dmp.js Show response
my.kapook.com/js_tag/ 1 KB
815 B 1782ms
388ms Script
application/javascript 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/js_tag/dmp.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:33:53 GMT
etag: W/"646b28f1-466"
content-type: application/javascript
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 88ms
36ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36103152-15

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d7cb0a6ec25b60b910f5b75e5d1a0c962229918f0ee47e40d05bc997bbe999b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68676
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 16:24:11 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Oct 2023 17:54:01 GMT

GET
H2 200 track.js Show response
my.kapook.com/asset/js/ 546 B
487 B 379ms
377ms Script
application/javascript 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/asset/js/track.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 94dbbf524205a3bc95b68260212087b64f446c6a9adba09afb677fd1d1e745e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:33:09 GMT
etag: W/"646b28c5-222"
content-type: application/javascript
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 logo-kapook.png
my.kapook.com/img-portal/ 29 KB
29 KB 387ms
386ms Image
image/png 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/img-portal/logo-kapook.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Mon, 22 May 2023 08:33:14 GMT
etag: "646b28ca-7206"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 29190
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 footer2018.css
my.kapook.com/css/portal/ 6 KB
2 KB 387ms
387ms Stylesheet
text/css 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/css/portal/footer2018.css
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 1c01c6e4102f57bf88bff2d9a53d97f4f4dca2dc87cd1489253a711e5a1b1c95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Tue, 06 Jun 2023 03:34:43 GMT
etag: W/"647ea953-17b0"
content-type: text/css
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 ic-sv-01.png
my.kapook.com/img-services/ 3 KB
3 KB 195ms
195ms Image
image/png 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/img-services/ic-sv-01.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Mon, 22 May 2023 08:33:35 GMT
etag: "646b28df-b5a"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2906
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 ic-sv-02.png
my.kapook.com/img-services/ 2 KB
3 KB 195ms
195ms Image
image/png 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/img-services/ic-sv-02.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Mon, 22 May 2023 08:33:35 GMT
etag: "646b28df-954"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2388
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 ic-sv-03.png
my.kapook.com/img-services/ 2 KB
3 KB 196ms
194ms Image
image/png 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/img-services/ic-sv-03.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Mon, 22 May 2023 08:33:35 GMT
etag: "646b28df-988"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2440
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 ic-sv-04.png
my.kapook.com/img-services/ 2 KB
2 KB 197ms
194ms Image
image/png 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/img-services/ic-sv-04.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Mon, 22 May 2023 08:33:35 GMT
etag: "646b28df-8e8"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2280
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 icon-fb.png
my.kapook.com/img-services/ 2 KB
2 KB 380ms
378ms Image
image/png 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/img-services/icon-fb.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Mon, 22 May 2023 08:33:35 GMT
etag: "646b28df-6f6"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1782
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 icon-tw.png
my.kapook.com/img-services/ 2 KB
2 KB 380ms
378ms Image
image/png 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/img-services/icon-tw.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Mon, 22 May 2023 08:33:35 GMT
etag: "646b28df-7c7"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1991
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 icon-yt.png
my.kapook.com/img-services/ 2 KB
2 KB 380ms
378ms Image
image/png 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/img-services/icon-yt.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Mon, 22 May 2023 08:33:35 GMT
etag: "646b28df-6bb"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1723
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 icon-ig.png
my.kapook.com/img-services/ 2 KB
2 KB 380ms
378ms Image
image/png 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/img-services/icon-ig.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Mon, 22 May 2023 08:33:35 GMT
etag: "646b28df-84e"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2126
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 app-store.jpg
www.kapook.com/assets_2017/images/ 2 KB
2 KB 409ms
195ms Image
image/jpeg 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kapook.com/assets_2017/images/app-store.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Fri, 08 Sep 2023 11:21:15 GMT
etag: "8fe-604d72cbb8d8d"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2302
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 google-play.jpg
www.kapook.com/assets_2017/images/ 2 KB
2 KB 408ms
194ms Image
image/jpeg 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kapook.com/assets_2017/images/google-play.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
last-modified: Fri, 08 Sep 2023 11:21:01 GMT
etag: "7cf-604d72bec46ed"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1999
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 angular.min.js Show response
my.kapook.com/angular/1.6.1/ 162 KB
66 KB 197ms
195ms Script
application/javascript 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/angular/1.6.1/angular.min.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: dd2acb8cf7913dad687ccdbcd2bf8e31c52325928b5891ebe9246d46eddd45bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:33:06 GMT
etag: W/"646b28c2-28886"
content-type: application/javascript
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 signin-drt.js Show response
my.kapook.com/signin_2020/js/ 3 KB
2 KB 380ms
377ms Script
application/javascript 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/signin_2020/js/signin-drt.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Tue, 06 Jun 2023 03:34:43 GMT
etag: W/"647ea953-c3e"
content-type: application/javascript
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 lazysizes.min.js Show response
www.kapook.com/js/ 7 KB
3 KB 409ms
194ms Script
application/javascript 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kapook.com/js/lazysizes.min.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Fri, 08 Sep 2023 11:13:55 GMT
etag: "1b91-604d7128a4396-gzip"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3307
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156743/740/ 405 KB
124 KB 80ms
21ms Script
application/javascript 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 21791dfaff28df4fbf2b1935f522bf65f395bd713b0cccf6f201378c0f7638c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Fri, 03 Feb 2023 02:41:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=149343
accept-ranges: bytes
content-length: 126196
expires: Fri, 27 Oct 2023 11:23:04 GMT

GET
H/1.1 200
OK container_56d8ee121c51b14f6e964404.js Show response
ssl-avd.innity.net/143/ 8 KB
4 KB 753ms
45ms Script
application/javascript 23.206.23.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Requested by: Host: my.kapook.com
URL: https://my.kapook.com/js_tag/dmp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.206.23.61 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-23-61.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 17:54:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:15:51 GMT
Server: nginx/1.20.2
ETag: "5f48bd37-20f7-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1701369
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3228
Expires: Tue, 14 Nov 2023 10:30:11 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/kapook/ 681 KB
39 KB 79ms
24ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f65a5cdcbcb10bcfa6a55d67303cf621219652b659b83065147102c22de5af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: FWSs5z3TNZcDXVgxT6p5UzznDsNK6Jgs
content-encoding: gzip
via: 1.1 varnish
date: Wed, 25 Oct 2023 17:54:01 GMT
x-amz-request-id: Q9VT1GQ9Z1NXY4KR
age: 6737
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 27
x-amz-replication-status: FAILED
content-length: 39839
x-amz-id-2: wrwWsEqX991wnVNcJF56Lv88j9qfBwdFnT+eedJiFFaxF1aF7MvUtriV/QCfEV8NOtbw7ovioyg=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 25 Oct 2023 16:01:44 UTC
server: nginx
x-timer: S1698256442.707340,VS0,VE2
etag: "25c46aff9134f359b0ef9e775650e1f6968ff3aa"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 31
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 a0000034.js Show response
lvs.truehits.in.th/dataa/ 9 KB
10 KB 940ms
298ms Script
application/x-javascript 203.150.107.177
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs.truehits.in.th/dataa/a0000034.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.150.107.177 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 177.107.150.203.sta.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 1a0bd3effb0a89526d98aec6b5c0b635bdea305e46cea0fe767b451c458af9ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Thu, 19 Oct 2023 07:02:00 GMT
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type: application/x-javascript
cache-control: max-age=604800
content-length: 9647
expires: Wed, 1 Nov 2023 17:54:02 GMT

GET
H2 200 fontface.css
my.kapook.com/fonts/chatthai/ 321 B
367 B 377ms
377ms Stylesheet
text/css 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/fonts/chatthai/fontface.css
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:33:12 GMT
etag: W/"646b28c8-141"
content-type: text/css
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 200 arrow-down.svg
assets.thaibuffer.com/portal_config_desktop/header/svg/ 213 B
745 B 98ms
39ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.thaibuffer.com/portal_config_desktop/header/svg/arrow-down.svg

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1273
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"19770ccece5e18822ea2bb910318ca9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U41%2FWdfvRcSkw8BA52wP4R8HOMpsp3uAUYJOlTJjSstDc%2FmlcY7KkrMk15LfHTcQV4RrO3hDZGjf92midcYTLG5kxJ%2FeC9S700Z7%2BbZpz9%2FZD7Usa%2BzJAgXjTxIi6XG4V%2BShY5vii85u2TyqwvNYTNebOKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 81bc5288bc3765da-FRA

GET
H2 200 ico-hilight.svg
my.kapook.com/svg-portal/ 16 KB
5 KB 376ms
376ms Image
image/svg+xml 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/svg-portal/ico-hilight.svg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 47fd2d89da6d57a193dcdfde77680f8b0511740db8df42efe176f7683e835e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:34:09 GMT
etag: W/"646b2901-3e2c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:01 GMT

GET
H2 404 300a661f-204d-4313-811a-e9c063b70101.jpg
s359.kapook.com/config-desktop/ 0
0 2043ms
886ms Image
application/json 27.254.43.250
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s359.kapook.com/config-desktop/300a661f-204d-4313-811a-e9c063b70101.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 kit55p-webfont.woff2
my.kapook.com/fonts/kittithada_roman/ 20 KB
21 KB 782ms
194ms Font
application/octet-stream 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/fonts/kittithada_roman/kit55p-webfont.woff2
Requested by: Host: my.kapook.com
URL: https://my.kapook.com/fonts/kittithada_roman/fontface.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6

Request headers

Referer: https://my.kapook.com/fonts/kittithada_roman/fontface.css
Origin: https://hilight.kapook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Mon, 22 May 2023 08:33:12 GMT
etag: "646b28c8-5160"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid
content-length: 20832
expires: Wed, 01 Nov 2023 17:54:02 GMT

GET
H2 200 CSChatThaiUI.woff2
my.kapook.com/fonts/chatthai/ 16 KB
16 KB 976ms
388ms Font
application/octet-stream 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/fonts/chatthai/CSChatThaiUI.woff2
Requested by: Host: my.kapook.com
URL: https://my.kapook.com/fonts/chatthai/fontface.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d

Request headers

Referer: https://my.kapook.com/fonts/chatthai/fontface.css
Origin: https://hilight.kapook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Mon, 22 May 2023 08:33:12 GMT
etag: "646b28c8-3fb4"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid
content-length: 16308
expires: Wed, 01 Nov 2023 17:54:02 GMT

GET
H2 200 load.js Show response
pm-widget.taboola.com/kapook/ 3 KB
1 KB 63ms
62ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/kapook/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97707ea3f73f231a87204527acb38ba3de793a8711839f731329ab27fd951c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: k.hsBIBWCbV0G5mrg_nZ8J10hV9nkCNy
content-encoding: gzip
via: 1.1 varnish
date: Wed, 25 Oct 2023 17:54:01 GMT
x-amz-request-id: ZASJ139C4RSZGE4H
age: 1239
x-cache: HIT
content-length: 1118
x-amz-id-2: uckykbJ0XAtLGjV5KCnaSOBZ72Lxog7KU1YF8c41VRD0fVqO95R6uzFJYDSHzO5Ru8qdnuACJ1o=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Fri, 29 Sep 2023 09:01:32 GMT
server: AmazonS3
x-timer: S1698256442.780944,VS0,VE1
etag: "4c5a69a1af1fabe3cedff0aa28df7bbc"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20231025-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 814 KB
169 KB 22ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: bbacf79a0487b5ca46e1db609f45d1a0d99b0b72cf925a3a23b4ec365e382138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: eG2LPBBGfYLj1Jgz7x866NL7x_GrNXZ3
content-encoding: br
via: 1.1 varnish
date: Wed, 25 Oct 2023 17:54:01 GMT
x-amz-request-id: 5GBHT7MYKTDPPBZV
age: 2621
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172427
x-amz-id-2: 544bOWtNI9JXU7MHzOTFH3zPQl/c0O5OBPsfgyuC7a3+jsnIvMlOdANmdNyy2Jm/uv2DfXb+Sfo=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 25 Oct 2023 09:10:20 GMT
server: AmazonS3-br
x-timer: S1698256442.780675,VS0,VE0
etag: "3902fab24b3747c9e36056387e2e8686"
vary: Accept-Encoding
content-type: application/javascript
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 11957

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DBZBLF8EQ4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36103152-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10a65cf4737a384ac6c95abc70b0628ee84b4650553009b9a874bc72408aa4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 17:54:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36103152-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 17:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 148
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 25 Oct 2023 19:51:33 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 149ms
100ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e7012efa0af8bf17beab66d49a5b415997513029adb96b85e5fcc5f17849d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29787
x-xss-protection: 0
server: cafe
etag: 501 / 19655 / 31079073 / config-hash: 14305054982963340007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:54:01 GMT

GET
H2 200 pmk-20220605.6.js Show response
pm-widget.taboola.com/kapook/ 102 KB
29 KB 83ms
41ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/kapook/pmk-20220605.6.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/kapook/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2af6e197da6339b0018c3522f839555fa8c22d5eab720d12fa5d24e90ba8ebd

Request headers

Referer: https://hilight.kapook.com/
Origin: https://hilight.kapook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: 9BaXjtccCzaPlHP37gFETeM2DtHaAYpc
content-encoding: gzip
via: 1.1 varnish
date: Wed, 25 Oct 2023 17:54:01 GMT
x-amz-request-id: F2GT7T91XCVJE8V0
age: 664879
x-cache: HIT
content-length: 28789
x-amz-id-2: eufcqyElsYNQOXSst2oDQPA8gXRhT8exjtNYh4UrUM9cUP5aVIC/EhBTlwyp7p+gTC9mcF7S5Iw=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 29 Sep 2023 09:01:31 GMT
server: AmazonS3
x-timer: S1698256442.902418,VS0,VE2
etag: "0d657641b275c54f1ce3e0a8f320f280"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK MIN-900320.js Show response
apv-launcher.minute.ly/api/launcher/ 29 KB
11 KB 111ms
23ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-launcher.minute.ly/api/launcher/MIN-900320.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: bfd456d0c0c9d8a12b36f54e1883f7a80186d8792a50fadcb6872a2ae9dc8d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 17:54:01 GMT
Content-Encoding: gzip
X-HW: 1698256441.dop220.fr8.t,1698256441.cds290.fr8.shn,1698256441.dop220.fr8.t,1698256441.cds333.fr8.c
Content-Type: text/javascript; charset=utf-8; charset=utf-8
Cache-Control: max-age=30
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 10997

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 111ms
37ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 267900
expires: 60

GET
H2 200 json Show response
trc.taboola.com/kapook/trc/3/ 38 KB
12 KB 297ms
285ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/kapook/trc/3/json?tim=19%3A54%3A01.862&lti=deflated&data=%7B%22id%22%3A843%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698226547106%2C%22vi%22%3A1698256441860%2C%22cv%22%3A%2220231025-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhilight.kapook.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fhilight.kapook.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6461%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22alternating-thumbnails-home%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Category%20Thumbnails%22%2C%22orig_uip%22%3A%22Desktop%20Category%20Thumbnails%22%2C%22cd%22%3A1357.671875%2C%22mw%22%3A1200%7D%5D%2C%22cacheKey%22%3A%22category%3D%2F%2CDesktop%20Category%20Thumbnails%3Dalternating-thumbnails-home%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c26760b7fc2580215a2d08c71e6ec5d97ec433cc36b2dba7be55883c3993a5f

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 262
date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 1.1985
x-fastly-to-nlb-rtt: 7546
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230097-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1698256442.883992,VS0,VE262
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 75ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DBZBLF8EQ4&gtm=45je3an0v878394901&_p=109926894&_gaz=1&cid=428817778.1698256442&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1698256441&sct=1&seg=0&dl=https%3A%2F%2Fhilight.kapook.com%2F&dt=Kapook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DBZBLF8EQ4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 28ms
27ms Ping
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DBZBLF8EQ4&cid=428817778.1698256442&gtm=45je3an0v878394901&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DBZBLF8EQ4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 113ms
60ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DBZBLF8EQ4&cid=428817778.1698256442&gtm=45je3an0v878394901&aip=1&z=353000212

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 29ms
28ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=109926894&t=pageview&_s=1&dl=https%3A%2F%2Fhilight.kapook.com%2F&ul=en-us&de=UTF-8&dt=Kapook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1382784502&gjid=1674438683&cid=428817778.1698256442&tid=UA-36103152-15&_gid=1046270016.1698256442&_r=1&gtm=457e3an0&jsscut=1&z=1688478922

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 83ms
27ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36103152-15&cid=428817778.1698256442&jid=1382784502&gjid=1674438683&_gid=1046270016.1698256442&_u=YADAAUAAAAAAACAAI~&z=947276051

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 25 Oct 2023 17:54:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mi-scraper-1.17.1.09.js Show response
snippet.minute.ly/publishers/900320/ 88 KB
27 KB 147ms
74ms Script
application/javascript 2606:4700:20::681a:ada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.minute.ly/publishers/900320/mi-scraper-1.17.1.09.js
Requested by: Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-900320.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ada , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b8ca564049e15f7ab62c0adfeaca7785dc44c82b3dd33b4798b1d8af096348

Request headers

Referer: https://hilight.kapook.com/
Origin: https://hilight.kapook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Sep 2023 07:24:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1695194664"
x-hw: 1698256442.dop142.am5.t,1698256442.cds250.am5.c
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIU7an57EJxN2zwwgNVnieoFWSwOS51I6o4HxPTKOvIHGxyrqx5ZEKoeK9jcmkQcfOgRh4XScNK7GX4KZB3hoPLapiTK8iPoDIPe90s1pIHAF1V0Kk1d41yBtpGPXMrl0WQX2hXWSoiFdKT5boct"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=28474506
access-control-allow-credentials: true
cf-ray: 81bc528b3d6c4d50-FRA
access-control-allow-headers: Content-Type

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 421 KB
132 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 14:40:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11623
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135211
x-xss-protection: 0
server: cafe
etag: 17495413759700775962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 24 Oct 2024 14:40:19 GMT

GET
H2 200 circle-list.png
assets.thaibuffer.com/img-services/ 989 B
1 KB 34ms
33ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.thaibuffer.com/img-services/circle-list.png

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/css/portal/footer2018.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2632
alt-svc: h3=":443"; ma=86400
content-length: 989
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "c612cecd4a605db3c41a7ab5a03711a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZXkEYGa4h1tk5WYSQ3nXP3%2FtXJKAjOUFbpf98SGu6noCbG4ymTwxLVOcPeT%2B15Pi64n2RpsIlfkY6MPc9Q5%2BXad2tRvpGNHUo9aOYA4s%2B%2B%2BwiWD%2F7DnY3SaZt6uL6ukIzzk8W4YD5x8w6yvRWdV8GSvq9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
accept-ranges: bytes
cf-ray: 81bc528abf9f65da-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 107ms
59ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36103152-15&cid=428817778.1698256442&jid=1382784502&_u=YADAAUAAAAAAACAAI~&z=317611923

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 59ms
59ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36103152-15&cid=428817778.1698256442&jid=1382784502&_u=YADAAUAAAAAAACAAI~&z=317611923

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 237115-new-580430-945704.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 18 KB
18 KB 592ms
589ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237115-new-580430-945704.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 058988026c3e4408c3bd02318e75cd6a7c0b2961d729334a1fe4444630b9247a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Wed, 25 Oct 2023 15:42:39 GMT
accept-ranges: bytes
etag: "6539376f-4678"
content-length: 18040
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 f9edfb85-2170-41c0-8e59-69e6f334deab.jpg
s359.kapook.com/rq/580/435/50/pagebuilder/ 27 KB
27 KB 1422ms
591ms Image
image/jpeg 27.254.43.250
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s359.kapook.com/rq/580/435/50/pagebuilder/f9edfb85-2170-41c0-8e59-69e6f334deab.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 3dca91b6994de65daf676260fcc25918237ca98513ccf3a4485fe5d6d11be620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 10:31:51 GMT
etag: "6538ee97-6ca1"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 27809
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:03 GMT

GET
H2 200 d057b9c9-8f86-4ae5-b0d5-5944390788a8.jpg
s359.kapook.com/rq/580/435/50/pagebuilder/ 44 KB
44 KB 1713ms
882ms Image
image/jpeg 27.254.43.250
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s359.kapook.com/rq/580/435/50/pagebuilder/d057b9c9-8f86-4ae5-b0d5-5944390788a8.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 7ddc1e3fb109cfe38074692f01c266dbec4d235e820729e492a39f3390f118b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 10:27:24 GMT
etag: "6538ed8c-afb5"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 44981
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:03 GMT

GET
H2 200 237112-new-580430-190501.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 18 KB
18 KB 592ms
590ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237112-new-580430-190501.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: f35cdf752bf1ed2ce1878bed2d450b05937782bb67bb30ccfa58c9509aa9b50f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Wed, 25 Oct 2023 10:27:24 GMT
accept-ranges: bytes
etag: "6538ed8c-484b"
content-length: 18507
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 237111-new-580430-483033.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 19 KB
19 KB 887ms
885ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237111-new-580430-483033.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 09907122ad156cd461fc782572267cb7a166328430ef9ecc5aae137badafa4b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Wed, 25 Oct 2023 09:51:12 GMT
accept-ranges: bytes
etag: "6538e510-4b1e"
content-length: 19230
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 237110-new-580430-577759.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 26 KB
27 KB 887ms
885ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237110-new-580430-577759.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 10926d9a7f404cdf5a2a3f718c92457edb1edcfc7b1a39cbadd49e98d50c6543

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Wed, 25 Oct 2023 09:09:16 GMT
accept-ranges: bytes
etag: "6538db3c-6956"
content-length: 26966
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 237109-new-580430-576497.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 30 KB
30 KB 1181ms
1179ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237109-new-580430-576497.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: a3670c271ac874378b66b8c9004ff1a56110f1e66392c3a01152cc59f4da006b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Wed, 25 Oct 2023 08:52:10 GMT
accept-ranges: bytes
etag: "6538d73a-7766"
content-length: 30566
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 237108-new-580430-891514.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 17 KB
17 KB 1181ms
1179ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237108-new-580430-891514.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 2384654f562ac3ca0469dad7c72e94f122cb2dbf6674a9e8bf491d683483fc70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Wed, 25 Oct 2023 08:30:57 GMT
accept-ranges: bytes
etag: "6538d241-4370"
content-length: 17264
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 237107-new-580430-209205.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 20 KB
20 KB 1181ms
1180ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237107-new-580430-209205.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 2c7b909e5a483cb1465338807dffaf7c13992ad06270711408f362e976077c3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
last-modified: Wed, 25 Oct 2023 07:50:50 GMT
accept-ranges: bytes
etag: "6538c8da-4f4d"
content-length: 20301
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 190a6503-e318-48fe-b7e1-e03e3db37680.jpg
s359.kapook.com/rq/580/435/50/pagebuilder/ 16 KB
16 KB 1716ms
886ms Image
image/jpeg 27.254.43.250
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s359.kapook.com/rq/580/435/50/pagebuilder/190a6503-e318-48fe-b7e1-e03e3db37680.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 7080dbe2176411becb632099f93a29afccfdfd5b59e25193034d34f84b593f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 07:50:39 GMT
etag: "6538c8cf-4115"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16661
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:03 GMT

GET
H2 200 my-profile.html Show response
my.kapook.com/signin_2020/templates/ 1 KB
1 KB 543ms
389ms XHR
text/html 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://my.kapook.com/signin_2020/templates/my-profile.html
Requested by: Host: my.kapook.com
URL: https://my.kapook.com/angular/1.6.1/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 23434d0a4c8b9f6bc076f2c8c52bee7a43018e2c39121a37273af892424a61e2

Request headers

Accept: application/json, text/plain, */*
Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:34:04 GMT
etag: W/"646b28fc-4cc"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
access-control-allow-headers: X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid
expires: Wed, 01 Nov 2023 17:54:02 GMT

GET
H2 200 ico-hilight2.svg
my.kapook.com/svg-portal/ 15 KB
5 KB 198ms
198ms Image
image/svg+xml 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.kapook.com/svg-portal/ico-hilight2.svg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 03cc2e44145a52094edf5dd9b5519c4697fe918b1121c173875d45ba2272d18e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: gzip
last-modified: Mon, 22 May 2023 08:34:09 GMT
etag: W/"646b2901-3d23"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:02 GMT

POST
H2 400 i Show response
ads.adnuntius.delivery/ 99 B
725 B 221ms
54ms XHR
application/json 172.67.212.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adnuntius.delivery/i?tzo=-120&format=json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.212.231 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd601594ae4bd70b922d9eb5d37562b60714a43b37327903c80b2eb5b9aa1799

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: 3ffa904add16dccd0d250e92bc553818
x-adn-backend-server-id: h6412ed8
content-length: 99
pragma: no-cache
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsOVsWjXLTVHD05b46YuUe9%2FWNTZsFtb2%2BONEwScPvLPsZ0ps2%2FJ0l%2BPMi%2BH9udUfB9cGVeW2371S1xUu7wM6SkcGxculG%2BpyzTQt4l49Cx2IIwSM614sy%2BwplkpVnEhEi%2BzcaHrQVjd"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 81bc528c48a83a7e-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 256ms
87ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=444
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hilight.kapook.com
date: Wed, 25 Oct 2023 17:54:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 233ms
68ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 11 Oct 2023 08:53:04 GMT
server: nginx
etag: W/"65266270-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 Oct 2023 17:54:02 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 194ms
29ms Script
text/javascript 65.9.95.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-100.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:07:00 GMT
content-encoding: gzip
via: 1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 53223
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: MmtLCxfHuepb4MH6lNhBNjiZvnXU-UD4h7cxLKjGUL8WW_kNNOAfYQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 191ms
27ms Script
text/javascript 2600:9000:2127:ea00:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ea00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 05:50:53 GMT
x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
Age: 43390
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: VT27uf8pK29pvlkNQTuYY8frBJQTIOTb0E92X5KBdViBtU0hhRat3g==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 187ms
23ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 02:29:26 GMT
content-encoding: gzip
age: 2561076
x-guploader-uploadid: ADPycduytI9z2bFYyBmZcmC9SoTee7qNPzSw3JUzr5kvUTXbF9QwN3_Wx59Ty9hTpO3VOHI19GEDVpnUTQSEd8VaemdjCQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 25 Sep 2024 02:29:26 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 153ms
36ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: W3XKHMC80KC59B6Z
age: 2669
etag: W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81bc528c5e2f5d74-FRA
x-amz-id-2: fKPmy8R7mcFqXqIjbWy3y4nMmyIdjTGbqD80Oqqo5IJv96cKkI8/20yq5++wdrQXjA7GmBbbWME=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 127ms
30ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35473
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUecjVuUSBb9907nzzk8pbhQKwADFxys6MNeLQiyaqsyDGxiYYw2D7q8tX8p0SR2Z34oje9AvZeNS%2B%2BNYn4Cq6nzNeaF943CijNk0F%2FrO40lSb51D1aitJ%2Fi5nJ3a7hNSATDC8a2mBIFLL9Qbtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81bc528c5ee49186-FRA

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.4.9/ 128 KB
34 KB 27ms
21ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 986eddf3bb461b13713e17579cee26f67e96ce9ddca25a3937e621170c6c46ef

Request headers

Referer: https://hilight.kapook.com/
Origin: https://hilight.kapook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 72500140cb63ff2dee8b57e4476902e6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 288258
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 34615
x-served-by: cache-fra-etou8220020-FRA
last-modified: Sun, 22 Oct 2023 09:47:11 GMT
server: AmazonS3
x-timer: S1698256442.324930,VS0,VE0
etag: "3d2dfe600d58d5c62202b662550bca67"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: R-3qsnDCxNM64sX-eUuaAy9ZfXFTGbjr3XuQF_wxvemN5-aevHiIsg==
x-cache-hits: 9360

GET
H2 200 userx.20231025-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 23ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231025-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d982781caeacf01cd9b0ec341c0da72a535340d7d023f46d5f8ffc547c9774cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: srBADbabUChaE1nrOqqqTOdQkrANYXti
content-encoding: gzip
via: 1.1 varnish
date: Wed, 25 Oct 2023 17:54:02 GMT
x-amz-request-id: 7RFKJMMM6KNV03M3
age: 24791
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: MNzE4J1beYxwQUU8VA1d+OfFIirDSCHjA87zrJZAGrS06J6uZ2gGiSKTijB+mO2Pa8t4+QTaadU=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 25 Oct 2023 11:00:51 GMT
server: AmazonS3
x-timer: S1698256442.202877,VS0,VE0
etag: "8ec87c220ed642c3c4ab9d579d01c152"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 21
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 16588

GET
H2 200 distance-from-article.20231025-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 23ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231025-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 648f4dfc463bc2e7bec6650c4b8ab903e9c783aefe939fbee276482f36568898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: h4jiVEjlzIBAlDDfTqMVtY70rcUDM7Wi
content-encoding: gzip
via: 1.1 varnish
date: Wed, 25 Oct 2023 17:54:02 GMT
x-amz-request-id: 10H3E142JX4XGMD6
age: 24822
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: 0ImdHCWAbekWvEeFMbfm2XSQRURvcoL6gG7Z2EGH/0l8y5OFgeRWvtLhhFmZZbfKBWAo7HuowXI=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 25 Oct 2023 11:00:20 GMT
server: AmazonS3
x-timer: S1698256442.203219,VS0,VE0
etag: "23bfb214068ffaf187ef89aa946daf76"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 72996

GET
H2 200 article-detection.20231025-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 23ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231025-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44f220214074809830e5330b821917c0e5b41711a41cca7601a2abaee35116b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: c8niHoekyg4irkWJIcTbykXilobcidcz
content-encoding: gzip
via: 1.1 varnish
date: Wed, 25 Oct 2023 17:54:02 GMT
x-amz-request-id: RCTZBYTA4N8FJBXG
age: 24829
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: +lswQOcPh6VXRJl46fNpA3/zoOfRKdpCfiJZUZKZLvrZfl5iV3HDP3kSzF5fu4wBI2nHHSNwhX8=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 25 Oct 2023 11:00:13 GMT
server: AmazonS3
x-timer: S1698256442.203480,VS0,VE0
etag: "656087d0da0fe7de84d2f9447a161462"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 63
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 72987

GET
H2 204 abtests
am-trc-events.taboola.com/kapook/log/3/ 0
230 B 92ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/kapook/log/3/abtests?route=AM:AM:V&tvi2=84&tvi48=9598&tvi50=9864&lti=deflated&ri=606c47ed9c0b8285754d64e24b7b1e01&sd=v2_52d01f40972505e1f335f93c21f2293e_ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9_1698256441_1698256441_CNawjgYQgaNGGISk47-2MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9&pi=/&wi=-403804868470246669&pt=category&vi=1698256441860&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698256442176%7D&tim=19%3A54%3A02.176&id=9241&llvl=2&cv=20231025-5-RELEASE&
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
am-trc-events.taboola.com/kapook/log/3/ 0
230 B 91ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/kapook/log/3/social?route=AM:AM:V&tvi2=84&tvi48=9598&tvi50=9864&lti=deflated&ri=606c47ed9c0b8285754d64e24b7b1e01&sd=v2_52d01f40972505e1f335f93c21f2293e_ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9_1698256441_1698256441_CNawjgYQgaNGGISk47-2MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9&pi=/&wi=-403804868470246669&pt=category&vi=1698256441860&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fhilight.kapook.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Kapook.com%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%81%E0%B8%A3%E0%B8%81%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%84%E0%B8%B8%E0%B8%93%E0%B9%80%E0%B8%A5%E0%B8%B7%E0%B8%AD%E0%B8%81%22%2C%22sec%22%3A%22Hilight%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%2F%2Fmy.kapook.com%2Fconfig_desktop%2Ffb_img%2Fkapook.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=19%3A54%3A02.199&id=5261&llvl=2&cv=20231025-5-RELEASE&
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 0405c952ea3d07fc2cab39213aa92149.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 25ms
24ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0405c952ea3d07fc2cab39213aa92149.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b2378d61c74bed3b4fd0e60f92e43a4139a9e99effd749d7043654b37c1385a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0405c952ea3d07fc2cab39213aa92149.jpg
age: 1247435
edge-cache-tag: 471578098512075678987668697076497197612,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 471578098512075678987668697076497197612,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 24
req-referer: https://www.ilrestodelcarlino.it/
content-length: 8982
x-request-id: 079fe3922c9112c2e7f14938476fe34f
x-backend-name: LA_nlb204
x-served-by: cache-iad-kjyo7100133-IAD, cache-iad-kiad7000079-IAD, cache-sna10725-LGB, cache-iad-kcgs7200028-IAD, cache-fra-eddf8230097-FRA
last-modified: Fri, 25 Aug 2023 09:12:50 GMT
server: nginx
x-timer: S1698256442.325072,VS0,VE2
etag: "56f4a7229517756229bb192f20e96c04"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 19, 1

GET
H2 200 172b30bb9b4e66fbb1716c20aa8c5583.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 24ms
24ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/172b30bb9b4e66fbb1716c20aa8c5583.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 48bf10bb447a208e63c9b540c1cb449c75118a5c3f8b9161dcfa80959de90133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/172b30bb9b4e66fbb1716c20aa8c5583.png
age: 2459901
edge-cache-tag: 417530915121179942192779084040984409747,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 417530915121179942192779084040984409747,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 442
req-referer: https://asianhd1.com/
content-length: 13334
x-request-id: 60130ef93c06a7275f0d96650d602868
x-backend-name: CH_nlb803
x-served-by: cache-iad-kjyo7100057-IAD, cache-iad-kiad7000022-IAD, cache-iad-kjyo7100126-IAD, cache-fra-eddf8230097-FRA
last-modified: Tue, 26 Sep 2023 13:00:04 GMT
server: nginx
surrogate-reporting: width=280,height=234,bytes=27379,owidth=1424,oheight=848,obytes=1393627
x-timer: S1698256442.337365,VS0,VE1
etag: "81e89bfe5317cbbf40a4642e36372940"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 19, 1

GET
H2 200 4b91b444-2376-45e5-978b-963ae7080532__jHs9YASX.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 10 KB
11 KB 24ms
24ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4b91b444-2376-45e5-978b-963ae7080532__jHs9YASX.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c8175ec4b5efd3334de676f6bed2c98df5d28512e4aa16d3ab3073ef591b373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4b91b444-2376-45e5-978b-963ae7080532__jHs9YASX.jpg
age: 1712262
edge-cache-tag: 438070710080463768471428043174846417425,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 438070710080463768471428043174846417425,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 189
expiration: expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://teslamag.de/
content-length: 10274
x-backend-name: US_nlb104
x-served-by: cache-iad-kjyo7100135-IAD, cache-iad-kcgs7200022-IAD, cache-lga21949-LGA, cache-iad-kiad7000141-IAD, cache-fra-eddf8230097-FRA
last-modified: Mon, 28 Aug 2023 15:08:57 GMT
server: nginx
x-timer: S1698256442.349799,VS0,VE1
etag: "194236002c78e2448f571ddefc648a02"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 19, 1

GET
H2 200 c1deeb4d3e8a2c4b1de2d8a641624510.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
21 KB 23ms
23ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c1deeb4d3e8a2c4b1de2d8a641624510.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 353e3170b8f376e1430088e3b54259598a42b38e021cccda5e8f9eaacff690c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c1deeb4d3e8a2c4b1de2d8a641624510.jpg
age: 1933481
edge-cache-tag: 558358744401578134655255791687347760808,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 558358744401578134655255791687347760808,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 112
req-referer: https://www.milliyet.com.tr/ramazan/dualar/sukur-duasi-oku-sukur-duasi-arapca-okunusu-turkce-anlami-ve-fazileti-nedir-6261046
content-length: 20828
x-request-id: d438055ceec0ed980e3517ddcde0fca9
x-backend-name: US_nlb105
x-served-by: cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100116-IAD, cache-pdk-kpdk1780036-PDK, cache-iad-kjyo7100179-IAD, cache-fra-eddf8230097-FRA
last-modified: Mon, 02 Oct 2023 17:06:02 GMT
server: nginx
surrogate-reporting: width=280,height=234,bytes=53348,owidth=1592,oheight=1194,obytes=1033820
x-timer: S1698256442.352810,VS0,VE0
etag: "aefd124f82639cc6a06d2fedc151f508"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 0, 2

GET
H2 200 3fa7a7a3fd9a7b1f2ad610344b7152e7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
11 KB 25ms
25ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fa7a7a3fd9a7b1f2ad610344b7152e7.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 083c7d61156e60684c436e82f3d0b4315cc68412d9924f9e9f75de31e94d4a80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fa7a7a3fd9a7b1f2ad610344b7152e7.png
age: 3056294
edge-cache-tag: 404991645207224990958003461571332497051,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 404991645207224990958003461571332497051,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 598
req-referer: https://news.gooya.com/
content-length: 10776
x-request-id: b26c9c22c66b8546c75e4325ee6a1a4b
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200069-IAD, cache-iad-kjyo7100172-IAD, cache-iad-kiad7000173-IAD, cache-fra-eddf8230097-FRA
last-modified: Fri, 25 Aug 2023 06:20:08 GMT
server: nginx
x-timer: S1698256442.362484,VS0,VE1
etag: "3254a114bc9f5d5440c064169636cc7e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 27, 1

POST
H2 200 _.gif
counter.snackly.co/ 0
38 B 223ms
156ms Ping
image/gif 2606:4700:10::ac43:1b1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/900320/mi-scraper-1.17.1.09.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://hilight.kapook.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 81bc528d4ff135fc-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Wed, 25 Oct 2023 17:54:02 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
248 B 190ms
131ms Ping
image/gif 2606:4700:10::ac43:1b1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/900320/mi-scraper-1.17.1.09.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1b1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://hilight.kapook.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 81bc528d4ff535fc-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Wed, 25 Oct 2023 17:54:02 GMT

GET
H2 204 supply-feature
am-trc-events.taboola.com/kapook/log/3/ 0
230 B 50ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/kapook/log/3/supply-feature?route=AM:AM:V&tvi2=84&tvi48=9598&tvi50=9864&lti=deflated&ri=606c47ed9c0b8285754d64e24b7b1e01&sd=v2_52d01f40972505e1f335f93c21f2293e_ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9_1698256441_1698256441_CNawjgYQgaNGGISk47-2MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABozOTU0unQ5cneAXAA&ui=ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9&pi=/&wi=-403804868470246669&pt=category&vi=1698256441860&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22912%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A54%3A02.281&id=2437&llvl=2&cv=20231025-5-RELEASE&
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/kapook/log/2/ 0
90 B 39ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/kapook/log/2/debug?tim=19%3A54%3A02.291&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6398&cv=20231025-5-RELEASE&lt=deflated&pct=1
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27003

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fhilight.kapook.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fhilight.kapook.com%2F&rid=esp&cc=1

85 B
201 B

133ms
133ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fhilight.kapook.com%2F&rid=esp&cc=1
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: ddc125b5294cfd30423e2edb5a632f00eac0127bfa0fcf9c78642f9b4fae1158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-eWqaeAulwAatIx/fVotL1sXC5Kg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://hilight.kapook.com
location: /esp?url=https%3A%2F%2Fhilight.kapook.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
337 B 161ms
49ms XHR
application/json 99.81.194.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.194.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-194-117.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: df4faad6ed83b1fb8145d50b9de9d8e263728a911577d616a40397b0f3d9def3

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache
x-server: 10.45.18.237
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
234 B 72ms
21ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hilight.kapook.com
date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 352 KB
66 KB 584ms
584ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3838940863815286&correlator=3610886890046320&eid=31079073%2C31078931&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=16357739%2CBloomblock_Hilight_300x250_ATF_(18)%2CHilight_news_300_2_PC%2Chilight_news_728_pc%2Chilight_news_970_pc%2C1px_hilight_PC_inread%2Cskin_hilight%2Cgallery_desktop_728%2CHilight_inter_mob%2CHilight__1x1_refresh_pc&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=1x1%7C300x250%2C300x250%7C1x1%7C300x600%2C728x90%7C1x1%2C970x250%7C1x1%2C1x1%2C1x1%7C1500x900%2C728x90%7C1x1%2C1x1%2C1x1&ifi=1&didk=1875752095~3810473399~1875752093~1875752090~2398301163~255517424~2399143414~731323979~1503433179&sfv=1-0-40&ists=2&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1698256442406&lmt=1698249242&adxs=-9%2C-9%2C-9%2C315%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C128%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fhilight.kapook.com%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C970x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C970x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C4%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C1200%2C0%2C0%2C0%2C0%2C0&ga_vid=428817778.1698256442&ga_sid=1698256442&ga_hid=109926894&ga_fc=true&dlt=1698256439649&idt=2441&prev_scp=pwtsid_pubmatic%3D19ef926069d7654%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2025151b74c1f9c%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D21dc5e7abe84c71%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D22b0ee4ff7ac265%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2355645a7c8427a%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D24b1e5f96507121%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D25c0fc9b8e6663%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2691241acd01083%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D278a792a8e46fa1%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&adks=3445020646%2C719977154%2C937166789%2C4208516631%2C1060165196%2C1675199816%2C509936929%2C3326566163%2C1615479766&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac775a4dd063a646f735cc6babbac9ed5551eb6156d4fd85ff28e58cf6718f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67788
x-xss-protection: 0
google-lineitem-id: 5445907630,5446139414,5445910228,5445903754,6392414331,-2,-2,-1,6120385326
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319899124,138319434761,138319899841,138319897714,138449519978,-2,-2,-1,138406050096
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F786 6 KB
3 KB 91ms
27ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:54:02 GMT
expires: Thu, 24 Oct 2024 17:54:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 39 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl_page_level_ads.js?cb=31079073

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a03c4578f73d61ff2655eeb096a800f0bbd1da1a3477f7db4185fe2210740866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 14:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11620
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
server: cafe
etag: 13787945745808829369
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 24 Oct 2024 14:40:22 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C366 15 KB
6 KB 41ms
40ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hilight.kapook.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:54:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 307237
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4b91b444-2376-45e5-978b-963ae7080532__jHs9YASX.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c8175ec4b5efd3334de676f6bed2c98df5d28512e4aa16d3ab3073ef591b373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4b91b444-2376-45e5-978b-963ae7080532__jHs9YASX.jpg
age: 1712262
edge-cache-tag: 438070710080463768471428043174846417425,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 438070710080463768471428043174846417425,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 189
expiration: expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://teslamag.de/
content-length: 10274
x-backend-name: US_nlb104
x-served-by: cache-iad-kjyo7100135-IAD, cache-iad-kcgs7200022-IAD, cache-lga21949-LGA, cache-iad-kiad7000141-IAD, cache-fra-eddf8230097-FRA
last-modified: Mon, 28 Aug 2023 15:08:57 GMT
server: nginx
x-timer: S1698256442.441231,VS0,VE0
etag: "194236002c78e2448f571ddefc648a02"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 19, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c1deeb4d3e8a2c4b1de2d8a641624510.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 353e3170b8f376e1430088e3b54259598a42b38e021cccda5e8f9eaacff690c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c1deeb4d3e8a2c4b1de2d8a641624510.jpg
age: 1933481
edge-cache-tag: 558358744401578134655255791687347760808,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 558358744401578134655255791687347760808,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 112
req-referer: https://www.milliyet.com.tr/ramazan/dualar/sukur-duasi-oku-sukur-duasi-arapca-okunusu-turkce-anlami-ve-fazileti-nedir-6261046
content-length: 20828
x-request-id: d438055ceec0ed980e3517ddcde0fca9
x-backend-name: US_nlb105
x-served-by: cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100116-IAD, cache-pdk-kpdk1780036-PDK, cache-iad-kjyo7100179-IAD, cache-fra-eddf8230097-FRA
last-modified: Mon, 02 Oct 2023 17:06:02 GMT
server: nginx
surrogate-reporting: width=280,height=234,bytes=53348,owidth=1592,oheight=1194,obytes=1033820
x-timer: S1698256442.441472,VS0,VE0
etag: "aefd124f82639cc6a06d2fedc151f508"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 0, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fa7a7a3fd9a7b1f2ad610344b7152e7.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 083c7d61156e60684c436e82f3d0b4315cc68412d9924f9e9f75de31e94d4a80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3fa7a7a3fd9a7b1f2ad610344b7152e7.png
age: 3056294
edge-cache-tag: 404991645207224990958003461571332497051,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 404991645207224990958003461571332497051,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 598
req-referer: https://news.gooya.com/
content-length: 10776
x-request-id: b26c9c22c66b8546c75e4325ee6a1a4b
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200069-IAD, cache-iad-kjyo7100172-IAD, cache-iad-kiad7000173-IAD, cache-fra-eddf8230097-FRA
last-modified: Fri, 25 Aug 2023 06:20:08 GMT
server: nginx
x-timer: S1698256442.441863,VS0,VE0
etag: "3254a114bc9f5d5440c064169636cc7e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 27, 2

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1F45 15 KB
6 KB 21ms
21ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=93263
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Wed, 25 Oct 2023 17:54:02 GMT
expires: Thu, 26 Oct 2023 19:48:25 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ 20 KB
7 KB 713ms
45ms Script
application/javascript 23.206.23.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.206.23.61 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-23-61.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 17:54:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=699851
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6407
Expires: Thu, 02 Nov 2023 20:18:14 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ 8 KB
3 KB 713ms
44ms Script
application/javascript 23.206.23.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.206.23.61 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-23-61.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 17:54:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.20.2
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1409016
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
Expires: Sat, 11 Nov 2023 01:17:39 GMT

POST
H2 200 bulk Show response
connect.thelead.tech/event/ 77 B
228 B 598ms
196ms XHR
application/json 202.183.165.226
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.thelead.tech/event/bulk

Requested by

Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.226 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

p352-nasbkkST3.C.csloxinfo.net

Software

Resource Hash

c56b5026c2b172d3dfdc83efa31cbc471f268414e9a5392a5623d57d7196518e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 77
vary: Origin
content-type: application/json

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1F45 4 KB
4 KB 148ms
43ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4074043&p=156743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: acd402b993de0bd25db3fca4d682b1e94646aacdf0020e6f98f356682f0448d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 17:54:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sid Show response
mug.criteo.com/ Frame C366
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kapook.com&sn=ChromeSyncframe&so=0&topUrl=hilight.kapook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=oMgntXxWVGRISk1OUmZEbUYwTFJpRW5GTkJaaEZHcHBlbkFBVmlUejh1M2szYkYvamJscWxBQk0rcGhVaVV0TUtkV3dBWEJZdHRmTXBseUdEcHF6SldLQ2RzZ3ZPYVlkcG5UTGxCVnl6UHUralIyM0RseWxHdnFYWjAyNl...

430 B
654 B

39ms
38ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=oMgntXxWVGRISk1OUmZEbUYwTFJpRW5GTkJaaEZHcHBlbkFBVmlUejh1M2szYkYvamJscWxBQk0rcGhVaVV0TUtkV3dBWEJZdHRmTXBseUdEcHF6SldLQ2RzZ3ZPYVlkcG5UTGxCVnl6UHUralIyM0RseWxHdnFYWjAyNlFKNnlySUtYbDlscHZqUjRvN2JWZjRRM3BlaHBkMUFyd1d4ZXFKVHRSdUR2TWpwenRTRTJKMlFpWCtEREdSU0tqZVhqRFA3aWRWTUVsNkNtSmlGcDgzQ0VPcWlKaDg3MDJQbXhTUTA2SGpvYlJDNDY1K0ZQekpWaHNuNWhoWXRYcU14Sk9tVkVUUGEveTVrdEl0d2NuM2tISW9JNDQyUT09fA&cppv=2

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3848dfd392dd2cfe0bb713671d1f088629a79886ee49db978940fb39ddb1cf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1362082
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=oMgntXxWVGRISk1OUmZEbUYwTFJpRW5GTkJaaEZHcHBlbkFBVmlUejh1M2szYkYvamJscWxBQk0rcGhVaVV0TUtkV3dBWEJZdHRmTXBseUdEcHF6SldLQ2RzZ3ZPYVlkcG5UTGxCVnl6UHUralIyM0RseWxHdnFYWjAyNlFKNnlySUtYbDlscHZqUjRvN2JWZjRRM3BlaHBkMUFyd1d4ZXFKVHRSdUR2TWpwenRTRTJKMlFpWCtEREdSU0tqZVhqRFA3aWRWTUVsNkNtSmlGcDgzQ0VPcWlKaDg3MDJQbXhTUTA2SGpvYlJDNDY1K0ZQekpWaHNuNWhoWXRYcU14Sk9tVkVUUGEveTVrdEl0d2NuM2tISW9JNDQyUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 277009
content-length: 0
expires: 0

GET
H2 200 goggen.php
lvs.truehits.in.th/ 91 B
292 B 1348ms
1347ms Image
image/jpeg 203.150.107.177
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs.truehits.in.th/goggen.php?hc=a0000034&rand=141845&bv=0&rf=bookmark&web=XB6BRAfv6MTw2wO4qToOUg%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=FDDE4E21.1&fp=d&fv=-&truehitspage=hilight_home&truehitsurl=https%3a//hilight.kapook.com/
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.150.107.177 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 177.107.150.203.sta.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Wed, 25 Oct 2023 17:54:03 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 638B
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

161ms
49ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:54:02 GMT
expires: Wed, 25 Oct 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1163816
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 25DB
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=465EFA93-E986-48DD-A278-4B4158DC34D7&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=465EFA93-E986-48DD-A278-4B4158DC34D7&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

205ms
205ms

Document
image/gif

67.220.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=465EFA93-E986-48DD-A278-4B4158DC34D7&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 25 Oct 2023 17:54:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0V7CDVHW02HW2V3T0MM7

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 25 Oct 2023 17:54:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=465EFA93-E986-48DD-A278-4B4158DC34D7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: J1D1MDBNJABD6G33CYXD

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame FD65
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kAM8vZMAPOWLVzfmk1Uis8APO72LATvgkwci16-w

42 B
569 B

152ms
40ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kAM8vZMAPOWLVzfmk1Uis8APO72LATvgkwci16-w
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 16:58:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 25 Oct 2023 17:54:02 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kAM8vZMAPOWLVzfmk1Uis8APO72LATvgkwci16-w
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A293
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=96348530435044245&gdpr=0&gdpr_consent=

42 B
216 B

104ms
49ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=96348530435044245&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 9886dbfe-ce64-4bcf-8ac8-347e8ecd011d
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 17:54:02 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=96348530435044245&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 217.114.218.22; 217.114.218.22; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F5D4
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293955878632290450&gdpr=0&gdpr_consent=

42 B
448 B

168ms
48ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293955878632290450&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Wed, 25 Oct 2023 17:54:02 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293955878632290450&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F934
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e39fcbde-0589-4dab-b031-11b646cf44fe&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

1 B
185 B

48ms
47ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e39fcbde-0589-4dab-b031-11b646cf44fe&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 17:54:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 25 Oct 2023 17:54:02 GMT
location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e39fcbde-0589-4dab-b031-11b646cf44fe&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A7FE
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jPVAtuxBXqdgv7R-IW1litly2hY&gdpr=0&gdpr_consent=

42 B
298 B

48ms
48ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jPVAtuxBXqdgv7R-IW1litly2hY&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Oct 2023 17:54:03 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jPVAtuxBXqdgv7R-IW1litly2hY&gdpr=0&gdpr_consent=

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 91F8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

109ms
108ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTlWOgAad7O0CAA_
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 25 Oct 2023 17:54:02 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230030-FRA
x-timer: S1698256443.823386,VS0,VE88

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Wed, 25 Oct 2023 17:54:02 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTlWOgAad7O0CAA_
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230030-FRA
x-timer: S1698256443.704043,VS0,VE98

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B2E2
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGWURVN0tjcXdBQUJ1MllYZ0ZsQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AAFYDU7KcqwAABu2YXgFlA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=137546542916555425&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AAFYDU7KcqwAABu2YXgFlA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D137546542916555425%26gdpr%3D0%26gdpr_consent...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=137546542916555425&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFYDU7K...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFYDU7KcqwAABu2YXgFlA&gdpr=0&gdpr_consent=

42 B
280 B

42ms
41ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFYDU7KcqwAABu2YXgFlA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 25 Oct 2023 17:54:04 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFYDU7KcqwAABu2YXgFlA&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET /
csync.loopme.me/ Frame 405C 0
0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F45
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rl76k-mGSN2ieEtBWNw01w%3D%3D&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rl76k-mGSN2ieEtBWNw01w%3D%3D&gdpr=0&gdpr_consent=&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

21ms
21ms

Image
text/html

23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=93263
accept-ranges: bytes
content-length: 5606
expires: Thu, 26 Oct 2023 19:48:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 1F45 49 B
265 B 60ms
49ms Image
image/gif 99.81.194.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=465EFA93-E986-48DD-A278-4B4158DC34D7&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.194.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-194-117.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.227
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 1F45
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2653266798
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=465EFA93-E986-48DD-A278-4B4158DC34D7

0
284 B

87ms
33ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=465EFA93-E986-48DD-A278-4B4158DC34D7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 google
last-modified: Wed, 25 Oct 2023 17:54:02 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=465EFA93-E986-48DD-A278-4B4158DC34D7
date: Wed, 25 Oct 2023 17:54:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 1F45
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=465EFA93-E986-48DD-A278-4B4158DC34D7
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWNpQkczNjBNVzFSSHFlNGZ0S1RxdjVyQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=3761134116907227511&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

132ms
131ms

Image
image/png

52.3.75.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: HTTP/1.1
Server: 52.3.75.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-75-156.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 17:54:03 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 25 Oct 2023 17:54:03 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1F45
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDY1RUZBOTMtRTk4Ni00OERELUEyNzgtNEI0MTU4REMzNEQ3&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDY1RUZBOTMtRTk4Ni00OERELUEyNzgtNEI0MTU4REMzNEQ3&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

70ms
41ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1F45
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWTu-_dff0uhGbrttr8l8I&google_cver=1

42 B
344 B

78ms
41ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWTu-_dff0uhGbrttr8l8I&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWTu-_dff0uhGbrttr8l8I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 1F45 43 B
612 B 97ms
28ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 24 Oct 2023 17:54:02 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1F45
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3761134116907227511

42 B
242 B

95ms
48ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3761134116907227511
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:02 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3761134116907227511
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1F45 70 B
148 B 155ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 465EFA93-E986-48DD-A278-4B4158DC34D7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1F45 43 B
426 B 142ms
47ms Image
image/gif 2a05:d018:d29:3605:290e:3f93:cc5a:81f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/465EFA93-E986-48DD-A278-4B4158DC34D7?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:290e:3f93:cc5a:81f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 1F45 0
15 B 93ms
24ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=465EFA93-E986-48DD-A278-4B4158DC34D7&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1F45 0
187 B 115ms
27ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 25 Oct 2023 17:54:01 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1F45
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8332522906806736800&gdpr=0&gdpr_consent=&us_privacy=

1 B
278 B

47ms
47ms

Image
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8332522906806736800&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 17:54:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8332522906806736800&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 1F45 0
104 B 182ms
70ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=465EFA93-E986-48DD-A278-4B4158DC34D7&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:02 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

OPTIONS
H2 204 me
api-center.kapook.com/v1/market/ Frame 0
0 767ms
196ms Preflight 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-center.kapook.com/v1/market/me
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: kuid
Access-Control-Request-Method: GET
Origin: https://hilight.kapook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: https://hilight.kapook.com
allow: OPTIONS, GET
date: Wed, 25 Oct 2023 17:54:03 GMT
vary: Accept-Encoding

GET
H2 200 me Show response
api-center.kapook.com/v1/market/ 55 B
570 B 195ms
195ms XHR
application/json 202.183.165.49
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-center.kapook.com/v1/market/me
Requested by: Host: my.kapook.com
URL: https://my.kapook.com/angular/1.6.1/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.183.165.49 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p175-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f

Request headers

Accept: application/json, text/plain, */*
Kuid
Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hilight.kapook.com
access-control-allow-credentials: true
access-control-allow-headers: X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
content-length: 79

GET
H3 200 ic_create.svg
assets.thaibuffer.com/signin_2017/svg/ 630 B
915 B 87ms
87ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.thaibuffer.com/signin_2017/svg/ic_create.svg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"69a3bec5f075f8dfd9febaa6c4b9b8fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSUwsbMvfdOimLE%2FpMsl0ol8DjOPyCgpIoapeVM0VUqtmAxZzaZkPH7m7T1w%2BYoTtV81PHK7wPZFjZMJarDKMkK8b%2B4QFK1aIP%2F4Hwp87%2Fh9%2BPg3XZtHcrGGt67c6NRHeif0X%2Fx9xmTPIHS2sDPh7Rx%2BDbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 81bc528e9fda9b69-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ic_settings.svg
assets.thaibuffer.com/signin_2017/svg/ 1 KB
1 KB 70ms
70ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.thaibuffer.com/signin_2017/svg/ic_settings.svg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"6be24dc42247340a17ed9d0d6586c962"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fN9W5NvRC4oXub7ebytb%2FwDvC%2FPK%2FD1hv4brY%2BFh0YSf91puwJJY18NmyQnuVPQ9V8RYA%2F3tkDw8hPbghH4VbCrbvTirZtjMykswBvPl25Z4cs0a89U%2FeR71duSfs6GbYeNd%2BDa2610%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 81bc528e9fde9b69-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sign-out.svg
assets.thaibuffer.com/signin_2017/svg/ 709 B
954 B 81ms
81ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.thaibuffer.com/signin_2017/svg/sign-out.svg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"ac1a0233bba8d1c33826333c7f56bad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v05Oolm5vGK40rPbSi4HSErF%2BRNhO2tgj4AOC08Wg0LSiyZKgxYEH6nawML31YAmZghEvm8oUQQk46ZZDXhJrrzm3f%2BaWlFKUhqsyTL2NvWkV%2B7dXviD7aLIXTfmuP6j8jPk32%2FXE4NBr5Ehv2LSMN0yfew%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 81bc528e9fe09b69-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 st Show response
imprammp.taboola.com/ Frame EEF6 439 B
397 B 40ms
39ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&cmcv=&pix=undefined&cb=1698256442650&uv=3351&tms=1698256442650&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=0f0031db-4721-4a52-911e-151cb1a91047&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c17bebf82591d40a0e8056c348811a61c63fb587e56cdb8dfbb7b0954ed6891

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 25 Oct 2023 17:54:02 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230097-FRA
x-timer: S1698256443.668552,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 74EC 422 B
516 B 35ms
29ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8d6ddddc8f7b5330defd30f5a79cab52aa7a44b6e3016cabad679eb5352e975d

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 25 Oct 2023 17:54:02 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
969 B 123ms
116ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=466&height=262&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698256442656&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1562&pt=-1439806713&tz=120&viewable=true&ddast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3280915&dpubid=283475&abtst=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fhilight.kapook.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 41906167d7cc5faa9db19f04286b46893218b792dc89d257f4ce1f483e1f6988

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1419
x-cache: MISS
x-served-by: cache-fra-eddf8230097-FRA
pragma: no-cache
server: nginx
x-timer: S1698256443.675505,VS0,VE90
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 42ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&cmcv=&pix=31589837&cb=1698256442650&uv=3351&tms=1698256442650&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1698256437805!ts:1698256442650&mntl=1
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-length: 0
server: nginx

GET
H3 200 switch2.svg
assets.thaibuffer.com/portal_config_desktop/header/svg/ 756 B
956 B 81ms
80ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.thaibuffer.com/portal_config_desktop/header/svg/switch2.svg

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: REVALIDATED
etag: W/"9268bf98e0473a17fecc41217f394c06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FujM3d%2FwtBGDCWpebCMQfWksqMaBZO28fSrc8pDoUgwcvSqyBKb2aENqTFMscyUOhUGjo7HTOWJ1V5WZuN%2FdGYOQ22AH4Is%2FfkxerSk2DDQ%2F6dPZfswLknLczp0rkyEr3KVCvW5nd1xWwVVwH0gmM7gPmOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 81bc528ea8039b69-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame C6AC 0
176 B 78ms
27ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 25 Oct 2023 17:54:02 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 74EC 70 B
149 B 98ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 74EC 43 B
425 B 87ms
47ms Image
image/gif 2a05:d018:d29:3605:290e:3f93:cc5a:81f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:290e:3f93:cc5a:81f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 74EC 43 B
145 B 24ms
23ms Image
image/gif 52.57.96.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame EEF6 70 B
148 B 95ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&cmcv=&pix=undefined&cb=1698256442650&uv=3351&tms=1698256442650&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=0f0031db-4721-4a52-911e-151cb1a91047&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9
pr-bh.ybp.yahoo.com/sync/taboola/ Frame EEF6 43 B
425 B 84ms
48ms Image
image/gif 2a05:d018:d29:3605:290e:3f93:cc5a:81f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&cmcv=&pix=undefined&cb=1698256442650&uv=3351&tms=1698256442650&abt=adxsub-out_vA!adxsub-out_vB!ufm!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=0f0031db-4721-4a52-911e-151cb1a91047&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:290e:3f93:cc5a:81f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame EEF6 0
125 B 91ms
23ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/33_5_1/infra/ 676 KB
115 KB 22ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 173e2faa74cdc1e72b026704c917491fe3b47891ae62460bc75d1da8b4c254c3

Request headers

Referer: https://hilight.kapook.com/
Origin: https://hilight.kapook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-mtime: 1698126120
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DE4DG4H8TG8TFMM8
age: 129974
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1698126122
x-amz-meta-mode: 33188
content-length: 117747
x-amz-id-2: DdzGfR4X4rxluqSBDsZpGVEyvp2OqIu9p1kJxwLGaGMxP1hjw89AFcGzqjPSUFLX7MuseiLoi1c=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 24 Oct 2023 05:42:03 GMT
server: AmazonS3-br
x-timer: S1698256443.791904,VS0,VE0
etag: "5f50556d2721f929168339281b037f52"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 51015

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_1/assets/css/ 60 KB
8 KB 24ms
23ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_5_1/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-mtime: 1698126181
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DE47W2ZKZKPS5M4W
age: 129975
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1698126181
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: 1jkbc4sVUK5Jfq19URpsqgkSm7yM+pac41seZBKIu3TAfASADbX+2rw/FXF+zKHw+RVUQiMhKts=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 24 Oct 2023 05:43:02 GMT
server: AmazonS3-br
x-timer: S1698256443.794061,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 148352

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.6.2/ 425 KB
81 KB 21ms
21ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.6.2/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1b746d3de79e1de3d5c6dd1377f91456dc95cbc30b0c752d71329ce165c89067

Request headers

Referer: https://hilight.kapook.com/
Origin: https://hilight.kapook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-mtime: 1698152373
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: QS0123WVSPAVE0ZQ
age: 104027
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1698152386
x-amz-meta-mode: 33188
content-length: 82016
x-amz-id-2: NjR+Ne1cEw+SD9WOMJlro+GHnaydID5M96q9qDtsnT9k8xwIjqivQ4JV7YJcLQwP6tU6ZtWBtLY=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 24 Oct 2023 12:59:47 GMT
server: AmazonS3-br
x-timer: S1698256443.904025,VS0,VE0
etag: "ecae5e7661939855be8d9a251cd4e806"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 80284

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4D56 422 B
507 B 29ms
29ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8d6ddddc8f7b5330defd30f5a79cab52aa7a44b6e3016cabad679eb5352e975d

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 25 Oct 2023 17:54:02 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 29ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66361655&crid=-1&dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&cmcv=&pix=&cb=1698256442877&uv=3351&tms=1698256442877&su=&abt=adxsub-out_vA!adxsub-out_vB!t120!ufm_vA!uftchrwf_vC!unf_vC&ft=0&unm=WIDGET_ITEM&mntl=1&
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 31ms
22ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://hilight.kapook.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 25 Oct 2023 17:54:02 GMT
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: WAW51-P3
age: 2707788
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1698256443.944268,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits: 395499

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4D56 70 B
148 B 49ms
48ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4D56 43 B
425 B 50ms
50ms Image
image/gif 2a05:d018:d29:3605:290e:3f93:cc5a:81f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:290e:3f93:cc5a:81f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 4D56 43 B
145 B 23ms
22ms Image
image/gif 52.57.96.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7454 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0bGt4MrctVP7PY2LilK3dvUXot2YicfJGmdT-xRdJzFW6CNtxWP7pfEqMLwCjttmlUwbwoj2PK27AEHfSjDYkubEei8ho3foRLuOWYCLgBweyQkZ-ucJie6oUP1c5_8Cb_Lc96wXOwdW2FueUdKn3GpO31jOdA8xnNQSMo8uX7xQYUF9lP3oqTkYe7ZF_dxZ-4qIVZbFYfvrIyBXlRe2vQN5JGJyFCGWsluj4vZ-DWRuMs5VpqoKLeTl954J68eqx_SluhAJtfPr0aas-nKeIQh6vCqglqsXwSMgAbPxw2DxtmcIe-L3uGgXFi2XW4DP_YSpVt99vymutSenQdKtOv1kAOlxH_cuJh5seERwORbbDDFDdUKM&sai=AMfl-YQ9CkIIh7ZFLZqc2YqaTzwdgpR_MwXyEveWuuInX10ELyiwtKt5RFGYO9uPzursYv86_t33Fogn-zcoTj-NleDWqSK4Zqmo2-7ivDt03sZ-AH5ZYVit8_47e-quCmkmA6rNDSnqpcoghm64Xv8&sig=Cg0ArKJSzPSGNPmzpDUNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 22392.js Show response
ads.rubiconproject.com/ad/ Frame 7454 30 KB
9 KB 84ms
26ms Script
text/javascript 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/22392.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by: PHP/7.2.24
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7843
access-control-allow-credentials: true
content-length: 8916
expires: Wed, 25 Oct 2023 20:04:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7454 187 KB
59 KB 94ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:54:03 GMT

GET
H2 200 container.html Show response
06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73E0 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:54:02 GMT
expires: Thu, 24 Oct 2024 17:54:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 73E0 4 KB
1 KB 83ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com
URL: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 16:54:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 17:54:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3A98 14 KB
1 KB 68ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 17:03:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 17:54:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 3A98 2 KB
879 B 77ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 3A98 23 KB
9 KB 87ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C703 143 B
247 B 22ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:08:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 3A98 3 KB
1 KB 88ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 3A98 20 KB
9 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A98 187 KB
59 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:54:03 GMT

GET
H2 200 b043ffb3bb2c6d533211f24c7a1dfd38.js Show response
www.gstatic.com/mysidia/ Frame 3A98 35 KB
15 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15030
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 00:39:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 14:24:05 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 73E0 20 KB
9 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com
URL: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:47:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:47:23 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73E0 205 B
520 B 69ms
26ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com
URL: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:33:28 GMT
x-content-type-options: nosniff
age: 354035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 20 Oct 2024 15:33:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73E0 604 B
696 B 69ms
26ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com
URL: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 09:35:28 GMT
x-content-type-options: nosniff
age: 289115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 21 Oct 2024 09:35:28 GMT

GET
H2 200 237105-new-580430-363237.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 40 KB
40 KB 295ms
295ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237105-new-580430-363237.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: ec88421507a6bb26e3e6c7c3a95759b4dc46311a64ef1dff0e94263e13fdf5d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 07:50:38 GMT
accept-ranges: bytes
etag: "6538c8ce-9fe7"
content-length: 40935
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 237104-new-580430-822216.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 29 KB
29 KB 398ms
397ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237104-new-580430-822216.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: e04dd8233ad67a3623183fc30675508241c56961555f40dd9aaf425df4129802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 07:40:33 GMT
accept-ranges: bytes
etag: "6538c671-7516"
content-length: 29974
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 1774392-57.js Show response
smarttag.rubiconproject.com/a/22392/330930/ Frame 7454 2 KB
1 KB 336ms
166ms Script
text/javascript 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/22392/330930/1774392-57.js?&cb=0.49814433667671265&tk_st=1&rf=https%3A//hilight.kapook.com/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 20536cece2f587dfe9ccbc4977455328ef12aff9a338567bd28360e92e9e3ca7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ 59 B
726 B 738ms
179ms Script
application/javascript 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 784e0a1edee1510280afdd52a2cb5eab405d9ac5d0da9e717199d80d4f27dc3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 17:54:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Oct 2023 17:54:03 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C703
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com
URL: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:54:03 GMT
expires: Wed, 25 Oct 2023 17:54:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:54:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 bulk Show response
trc.taboola.com/kapook/log/3/ 0
343 B 32ms
32ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/kapook/log/3/bulk?tvi2=84&tvi48=9598&tvi50=9864&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Wed, 25 Oct 2023 17:54:03 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7522
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230097-FRA
pragma: no-cache
server: nginx
x-timer: S1698256443.212741,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame CC90 38 KB
15 KB 74ms
23ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
713 B 23ms
22ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 25 Oct 2023 17:54:03 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 27993
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1698256443.303917,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 87
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 19462

GET
H2 200 237102-new-580430-370172.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 44 KB
44 KB 296ms
295ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237102-new-580430-370172.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 5935e935f47c9ec067703d2b6b2646bd867151fc10fadad09664dbe09467ce9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 05:05:03 GMT
accept-ranges: bytes
etag: "6538a1ff-af49"
content-length: 44873
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 237101-new-580430-560993.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 12 KB
12 KB 297ms
296ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237101-new-580430-560993.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: b4b15b14beac6ceca3552776e1d8b2e35b23cd3a8ece0393a7382bff97ab81c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 04:09:43 GMT
accept-ranges: bytes
etag: "65389507-3057"
content-length: 12375
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 237100-new-580430-986117.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 20 KB
20 KB 297ms
297ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237100-new-580430-986117.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: f56622c76c059eeabec9d658d37bb24e3d0037f268348d21b6f3ab9109b35c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 04:08:03 GMT
accept-ranges: bytes
etag: "653894a3-4f9a"
content-length: 20378
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 237099-new-580430-671865.jpg
hilight.kapook.com/rq/580/435/50/image_fb/48/ 20 KB
21 KB 437ms
436ms Image
image/jpeg 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/rq/580/435/50/image_fb/48/237099-new-580430-671865.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 201690a6711de52aae1a39a5984c41f7d7ed033902f6d6ee07246e47184d66d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 03:31:16 GMT
accept-ranges: bytes
etag: "65388c04-51a7"
content-length: 20903
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7454 89 KB
29 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774392-57.js?&cb=0.49814433667671265&tk_st=1&rf=https%3A//hilight.kapook.com/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ab96b22c27e6580421cb451b79a05b8361e5542e5a1168549b8ab0c7aa3587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29412
x-xss-protection: 0
server: cafe
etag: 819 / 19655 / m202310190101 / config-hash: 14305054982963340007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:54:03 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9BEF 281 B
554 B 151ms
37ms Document
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774392-57.js?&cb=0.49814433667671265&tk_st=1&rf=https%3A//hilight.kapook.com/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Oct 2023 17:54:03 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 0f7b873c-bcd5-4d3a-90d1-30c9dcd3d8b7
beacon-ams3.rubiconproject.com/beacon/d/ Frame 7454 43 B
227 B 190ms
36ms Image
image/avif 2602:803:c003:200::27
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/0f7b873c-bcd5-4d3a-90d1-30c9dcd3d8b7?oo=0&accountId=22392&siteId=330930&zoneId=1774392&sizeId=57&e=6A1E40E384DA563B5B5255C30703A5E48B846B9F2C64A697D8AC672F16C95763D44CD7BC030E772291C2331061D4CE80FE5D718BBE08EF1C578F754C988D6AD88D9D21AEC5ACF7D0C9235166DC3A569164F8EA6123DAAC4767037ACA27E33253AE07D7934A93BD86DD713C1A3B25E6DA109478760DFABCFE32997889F1DA11D8

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:03 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7454 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18cda85e33d7db5e9729346cf2c018e9d810632d9e9d4de761dfb35b36ce3e60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 de3168dd-f759-4f92-a4d0-94da2c930515.jpg
s359.kapook.com/rq/580/435/50/pagebuilder/ 37 KB
37 KB 514ms
511ms Image
image/jpeg 27.254.43.250
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s359.kapook.com/rq/580/435/50/pagebuilder/de3168dd-f759-4f92-a4d0-94da2c930515.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 141581c0db576256035e904531c1079aef9402b3ef042eaf95069dc4f4e9b74c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
last-modified: Wed, 25 Oct 2023 07:50:41 GMT
etag: "6538c8d1-9507"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 38151
kp-cache-status: HIT
expires: Wed, 01 Nov 2023 17:54:03 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ Frame 7454 422 KB
132 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 08:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34925
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135316
x-xss-protection: 0
server: cafe
etag: 9779678222609117831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 24 Oct 2024 08:11:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9BEF 41 KB
11 KB 39ms
38ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 41fb2af396010bf8caf24206fae2441d39e692c4da4641d58ce6dcf68fa8de16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 17:54:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Oct 2023 03:44:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35397
Connection: keep-alive
Content-Length: 11096
Expires: Thu, 26 Oct 2023 03:44:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7454 137 KB
41 KB 427ms
426ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2969389917155846&correlator=324068957717392&eid=44780990&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=16357739%2Chilight_news_970_pc&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D229092b5e5c8c65e%3AT%3D1698256442%3ART%3D1698256442%3AS%3DALNI_MYpqKZx49H5ym1dXc9ccYeoj-CwhQ&gpic=UID%3D00000ca416e80b69%3AT%3D1698256442%3ART%3D1698256442%3AS%3DALNI_MY-LY6xZJ2M5tUAcamVETXwjLBPUg&abxe=1&dt=1698256443709&lmt=1698249243&adxs=315&adys=129&biw=1600&bih=1200&isw=970&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=bh34bu2w3cgo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fhilight.kapook.com%2F&ref=https%3A%2F%2Fhilight.kapook.com%2F&top=https%3A%2F%2Fhilight.kapook.com%2F&vis=1&psz=970x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=428817778.1698256442&ga_sid=1698256444&ga_hid=779109171&ga_fc=true&dlt=1698256443027&idt=650&prev_scp=passback%3Dmagnite&adks=1922974829&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8cd195956b18b2727fc256200bbaa521b2697a6c5d522647fc429f7f7b1a46a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41967
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 50B8 6 KB
3 KB 43ms
28ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:54:03 GMT
expires: Thu, 24 Oct 2024 17:54:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 9BEF 7 B
380 B 129ms
25ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7454 0
0 101ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfVwYdAo30QqhePpuUBKxUuSY_oPI9WyuX4Vuimi1HCwjfpFdr8f23_IUyf8aCyH125pEZfAz5DXjnHzyQOOE_mtwuAd-P09MJuFqxZFnsbPuMUmlJZpj878ZAhH6eCFfhQ0OKyNH0Er0EoSY8tBBn3gLt7Dj4zj6qN7Jk8p_xU2qqh7ky4Yx8frgX9tcrWAxk6dB24A-PLrbApeU2Gn0Vi2U_o3X6beWHF2pKg7nj8owf6PBTkPbPtSw3khp8Je11o778C3ynPTifUZjUATswlZK9EVPbqAtiDuj5tZaFT13yC1L19uBRIdz1CTPu2LfVqNHItdIe7GRiNX4pUFHrTWRDOSIEjh28TUkLKQySN8lTzRqxLQT_gQ&sai=AMfl-YSoBs1hWyeNsBfT7kz3Q3IkCBSsBLbzHyTpLP0x1eCCC1NjKxtCMHARv1AwNwMkS6bLsadnDQsD8s6rg4KxWUed5ePVAIGgBRfhac7hFlG5w1odZqCaXoiBIeCiaOtthHBd-qB4o9E5lPwu8Ig&sig=Cg0ArKJSzDpxfBKHKI1SEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 25 Oct 2023 17:54:03 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7454 16 KB
12 KB 115ms
71ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

648d6787c25b09debbb63f2b318315d57aa7fe1588c2cf11892f512f77fa17f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12292
x-xss-protection: 0

GET
H/1.1 200
OK /
avd.innity.com/dc/ 43 B
600 B 534ms
180ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=143&cuid=9d4ef515fcbf16ddc389b7d7f24ae5b3&cb=1698256443901&douid=&sess=15063614.143.1698256443899&dur=0&ref=https%3A%2F%2Fhilight.kapook.com%2F&srf=&pk=&pt=%E0%B8%A3%E0%B8%A7%E0%B8%A1%20%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 17:54:04 GMT
Last-Modified: Wed, 25 Oct 2023 17:54:04 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/sync/ 43 B
471 B 537ms
181ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=9d4ef515fcbf16ddc389b7d7f24ae5b3&type=cookie&itmcb=1698256443902
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Oct 2023 17:54:04 GMT
Last-Modified: Wed, 25 Oct 2023 17:54:04 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7454 17 KB
7 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 17:54:03 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07E5 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 16:51:28 GMT
expires: Thu, 24 Oct 2024 16:51:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BD92 829 B
561 B 32ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0201b03f38c596498518aae7680b92a206a13bb14de7aba507ef82779475aee6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iw8RkaLxRfm84vKZJXAy4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-iw8RkaLxRfm84vKZJXAy4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:54:03 GMT
expires: Wed, 25 Oct 2023 17:54:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js Show response
pagead2.googlesyndication.com/bg/ Frame 07E5 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 16:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15187
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 16:51:06 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD92 0
0 126ms
125ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=2969389917155846&rc=
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 07E5 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xwF9RQ
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8109 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 17:54:03 GMT
expires: Thu, 24 Oct 2024 17:54:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 23ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 25 Oct 2023 17:54:04 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 280
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1698256444.182028,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 17
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2418

GET
H2 200 css
fonts.googleapis.com/ Frame 8109 4 KB
751 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
URL: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 17:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 16:57:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 17:54:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 8109 2 KB
825 B 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
URL: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 8109 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js

Requested by

Host: 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
URL: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 8109 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js

Requested by

Host: 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
URL: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 12:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Nov 2023 12:04:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 8109 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
URL: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 23:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 23:31:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8109 187 KB
59 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
URL: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698060838547238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:54:04 GMT

GET
H2 200 b043ffb3bb2c6d533211f24c7a1dfd38.js Show response
www.gstatic.com/mysidia/ Frame 8109 35 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b043ffb3bb2c6d533211f24c7a1dfd38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
URL: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 14:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15030
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 00:39:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 14:24:05 GMT

GET
DATA 200
OK truncated
/ Frame 8109 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 8109
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

22ms
22ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: 50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
URL: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 07:46:12 GMT
x-content-type-options: nosniff
age: 382072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 20 Oct 2024 07:46:12 GMT

Redirect headers

date: Wed, 25 Oct 2023 01:09:18 GMT
x-content-type-options: nosniff
server: cafe
age: 60286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Nov 2023 01:09:18 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
124 B 28ms
22ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220020-FRA
date: Wed, 25 Oct 2023 17:54:04 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 332ms
105ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=ff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 Oct 2023 17:54:04 GMT
cache-control: no-store
server: nginx

GET
DATA 200
OK truncated
/ Frame 8109 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7c86fc6f094a3ff27e06a5ec3e25ba6ea7bb57ffe0c022a9a847f51d36f7fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8109 16 KB
16 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 88070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 17:26:14 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 54ms
54ms Preflight
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CFJxGO1Y5ZY2hLsyH1PIPjOe8wAu9jaavb-fNr6y_DorRo-2-ARABIIOEsyhglYKAgKAHoAGwuqHXA8gBCakCBmGgCJTKsT7gAgCoAwHIA8sEqgSqAk_QI0E2zeympqYMzjKOSp2TIsK7J22Dvzv1HFJ6ucq6g6oEAC-PWbBe1fQUUnUYXGd0Lbl9aO7638BF4eyo2ievm7abQ4PCn4aL5ScO8Sk1mmx2NVooX4P6B_ozYTzZ33REVH6VGLdu91eJB9YDmnH0sR0IkQBZ4yJM-nKk1yrsmmCCULCNovKtjU2QiD33NF4e6KB7DvREfe_c3yf4flp2se2vVMdFIS_bPe_cG7eCtuN0rmsitrLpKQzSWG6rEtO8dvNHnv2MwH2OyQERskJjP-7TTUxR2vlb203fHskjo-P6v6-ot61YHIBmLUuo-bL9Bx7hkqvQK2ksDhpTs1Umu9_reAIZMe-AYJXkh_PqPG7P3Q4ZHt8JgQ1vYRfse_JPidammstGjrnABPmcqargA-AEAYgF-MTU6DaSBQQIBBgBkgUECAUYBKAGLoAHxfetPqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBD5pjHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgk8aHR0cHM6Ly93d3cua2F5YWsuZGUvc2VtaS9nZG50ZXh0L2ZsaWdodF9nZW5lcmFsL2FueS9kZS5odG1sgAoDyAsB4g0TCN-2xKDikYIDFcwDVQgdjDMPuNgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi0yMjUyMTY4NDE5MzA3ODgwGMvCEw&sigh=9u1dNHUyG_U&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNBCrQ9jJsUN16e4328ir-2we6KjL4XCcqq9HQRK_dgr4rhvI9YiLooMusUV8zqXFRltoGdzsDGAE&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 17:54:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8109
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CFJxGO1Y5ZY2hLsyH1PIPjOe8wAu9jaavb-fNr6y_DorRo-2-ARABIIOEsyhglYKAgKAHoAGwuqHXA8gBCakCBmGgCJTKsT7gAgCoAwHIA8sEqgSqAk_QI0E2zeympqYMzjKOSp2TIsK7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223184083684770561745%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.de%22,%22event_report_window%22:%2225...

0
0

105ms
56ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223184083684770561745%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2210-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214360894619774054385%22}&andc=true

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3184083684770561745","debug_reporting":true,"destination":"https://kayak.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["10-25"],"6":["true"]},"priority":"500","source_event_id":"14360894619774054385"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 25 Oct 2023 17:54:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 25 Oct 2023 17:54:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3184083684770561745","debug_reporting":true,"destination":"https://kayak.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["10-25"],"6":["true"]},"priority":"500","source_event_id":"14360894619774054385"}&andc=true
access-control-allow-origin: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js Show response
pagead2.googlesyndication.com/bg/ Frame 46C6 38 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2HG1CcvP-YE06I0MK_Ndc6U8EJmJkusQfSqzERgh70.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 13:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 13:51:07 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 112ms
37ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhilight.kapook.com%2F&domain=hilight.kapook.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hilight.kapook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 25 Oct 2023 17:54:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 221776
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
376 B 40ms
39ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhilight.kapook.com%2F&domain=hilight.kapook.com&cw=1&pbt=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 184176
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
418 B 20ms
20ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

95a74a9016350ab24f2b6ac40278f84e06bbef33f491a5c77f3ccbd14b501bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hilight.kapook.com
date: Wed, 25 Oct 2023 17:54:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 62ms
47ms XHR
application/json 99.81.194.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.194.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-194-117.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache
x-server: 10.45.8.2
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
423 B 49ms
49ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: ca50f9583c90f44c8c676def234198e42c54cb00acf5a808915eae463a8155d3

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 17:54:04 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hilight.kapook.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Fri, 24 Nov 2023 17:54:04 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
278 B 80ms
22ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a4c9c1df9a78bc8fac7a55a7119a0cee68b65682971a7a6461abb2448df22e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hilight.kapook.com
date: Wed, 25 Oct 2023 17:54:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 128ms
59ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 17:54:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 621.json Show response
id5-sync.com/g/v2/ 276 B
560 B 72ms
22ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/621.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

2cd3d71878e5cf98e359e9f07c7f06f9accb6f0d35fd66affb8b2ae869ebe647

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hilight.kapook.com
date: Wed, 25 Oct 2023 17:54:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 1F45 0
261 B 156ms
42ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156743&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:03 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7454 0
0 128ms
128ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=2969389917155846&bg=!DwylDEPNAAaMkNwkrJA7ADQBe5WfOAUNLWg0h72js5AEdTxOYxhxhiW7DmDpH45060zFkTi-OA_0MlPhIhmGj8NTwox9AgAAAHlSAAAAAmgBB5kC3Mdosse_i8HA_pGLIigqC0QoPgDfBGiS45idgDLJe9j78bb5POKdOhsoxKXpNxK0PJxV4ejWKI60Mpk_QF7bGtyqFvTMVSAagHn8TdB1uX2k3xrmibhOKRh4uF4BGAIvbieHybKLJZ2qU5JKuFlng9pBHV7deVXr0Uc_zQWiEnESd4p-OV8jcD8fSjdX9D8u7JFAKEy2Fc-_ZLd8ZmZHIuIuyign3Uz6IamSiL-sg4AmTlfcAOSQpzIULJQrgPf_4JAc1CcZD2-RlO1ERmKr7ZG78LA0D0VXJUhFct7x_-qqncaaklexxgXD3SH3Xlcd2CvWpFiZ8p0RMXlJ6aCnupDkbZDs2KZAFNhcv6yCnFmcuZ7WDO--zFDQBkWhEDhxlL6exdZHyEbg-ynaiP3kovwPMZRKb33yUshmgvNKO-5HYtT9euGwfvMpgzWJngOlzgGKm3xvKf8g5OaGV8-jq0SulP76i9nmbfXFqMv8XlCCk5KNh497Hta9l1QJccVV0myZcloAAyLWEL5xupfv2Gsrg3-yoskGILdfhyYquU_D_fOPFhD6C5gfMsSCBPWP_SgoFLloIGhtIEFGJNVbO9axh8mnTWrxA4WEfc13VOq1a-ky5EeFrrTYf7gJ_gyZxzpGZ_7t6T77tVum4Wv3t3lOulXjN2zRjd7euXM-7gOv94q5afUC_SEbFJOyd886Xks5XkqEvDigtb-26huCg5NqMsPjbFXwjY-MBTY8xnIxzxI4LlAmAZken0VpNXTBtaDxJJ19VG-es_KpefoGTWIemt8A1Jvbi2hjpkd6o43dTZZiHgBMT22JsOkvn6ZZw262dupv7sXG_1yxNNWVkIOWV0rmPUpfpshbWu7IixxocgPFUx638jBWqDFTXha1DUFkKRaSICkmaiS0aoJ_7NoNG20HjDt0Qc2erL_bIkICzlC8ZoTffg8mS6dHGj7EnhpaUHPD9T2ChTU-xA
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7454 42 B
64 B 127ms
126ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhMyvHORsBtcJiwrbfPPoNnNw0J4OIGNPCjduGvAYuNh5kLsPjm1z5pp2oV9JPKnzHWvb1tTl53AqX9QIsx4KwJScrHGknQrhXSkO-MDIrWZPHpTSvF4vcN2aSDFg3&sig=Cg0ArKJSzIX65yiUFjxJEAE&id=lidar2&mcvt=1000&p=128,315,378,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231023&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4208516631&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698256443027&rpt=748&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
184 B 181ms
47ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156743
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:05 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8109 42 B
64 B 139ms
139ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss__hkaq72ZLYNwxESu6-p3v5TDD3Mb-p41woaWVzKYa_RLR2zccfZsDo1Fvkal8RA_JEvx9Y0qsm98nZHLWIilthpc-igiV3B2Ga8qwgBkqpvQy9E3U-o3-NgCBj4RCKcz2125OpL93Hv4&sai=AMfl-YSyuUPg5RhebJWtrPKupLFubdSHMRvVTAt5a0MwxpaQUaJN4WAtnPscMvTKLPJwHW1dL_KSexpbruy1J1NdPyMgqTB4M6J10X5pEcmFNX8yjcgJrn6vcgED_io&sig=Cg0ArKJSzKnqZUVOD9mZEAE&cid=CAQSOwDICaaNBCrQ9jJsUN16e4328ir-2we6KjL4XCcqq9HQRK_dgr4rhvI9YiLooMusUV8zqXFRltoGdzsDGAE&id=lidar2&mcvt=1000&p=128,315,378,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1922974829&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698256444164&rpt=139&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1F45 3 KB
4 KB 44ms
43ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44688297&p=156743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ae8cad9f0debe5c12426deb8ee5a0658c7d08cf5391f5b99c50f805ce027b12a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 17:54:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame F96F 35 B
599 B 36ms
36ms Document
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=465EFA93-E986-48DD-A278-4B4158DC34D7&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 25 Oct 2023 17:54:05 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame CAB9
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6aadb3c2ced24d7da5d5e49ca4d5adf6

42 B
359 B

41ms
41ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6aadb3c2ced24d7da5d5e49ca4d5adf6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 17:54:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6aadb3c2ced24d7da5d5e49ca4d5adf6
pragma: no-cache
server: Tengine

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6045
Redirect Chain

https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0

42 B
185 B

48ms
48ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 176
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Oct 2023 17:54:06 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma: no-cache

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 8D41 43 B
282 B 121ms
29ms Document
image/gif 173.231.180.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ams-delivery-4.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Wed, 25 Oct 2023 17:54:05 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-1

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame B09C 43 B
369 B 81ms
30ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Wed, 25 Oct 2023 17:54:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame E215
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8636055607584228182

42 B
275 B

41ms
40ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8636055607584228182
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8636055607584228182
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame E614
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433830614261762

42 B
195 B

43ms
43ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433830614261762
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Wed, 25 Oct 2023 17:54:05 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433830614261762
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 3889 43 B
276 B 217ms
98ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Wed, 25 Oct 2023 17:54:05 GMT
Vary: Accept-Encoding
X-adserver-worker: molok-e280fd97d510@version_1.574
X-core-time: 0ms
X-server-arch: v2

GET pubmatic
ad.mrtnsvr.com/sync/ Frame D406 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 788C
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%25...
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%25...
https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=10a33b08d737494a0a4e9cf7a3518859&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhjRUUghhSYMXahUR&gdpr=0&gdpr_consent=

42 B
202 B

41ms
41ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhjRUUghhSYMXahUR&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhjRUUghhSYMXahUR&gdpr=0&gdpr_consent=

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 8333 0
0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 33CE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
459 B

199ms
189ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 81bc52a2fb0b1e62-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:06 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 81bc52a1b8da1e62-FRA
content-type: text/html
date: Wed, 25 Oct 2023 17:54:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1131

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 52A3 0
0 83ms
25ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Wed, 25 Oct 2023 17:54:05 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FC97
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76E01BE1BC8945DE89BBB47B76087565&gdpr=0&gdpr_consent=

1 B
53 B

48ms
48ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76E01BE1BC8945DE89BBB47B76087565&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 17:54:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Wed, 25 Oct 2023 17:54:05 GMT
expires: Tue, 24 Oct 2023 17:54:05 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76E01BE1BC8945DE89BBB47B76087565&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5675
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1698256445773
https://ad.turn.com/r/cs?pid=45&rndcb=7879131548
https://sync.1rx.io/usersync/turn/8332522906806736800?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003

42 B
335 B

48ms
47ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Wed, 25 Oct 2023 17:54:05 GMT
etag: RX98fae61bad984f78aac5b429cabbe658003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 1F45 95 B
439 B 94ms
41ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=465EFA93-E986-48DD-A278-4B4158DC34D7

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 81bc52a1ad424dcc-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 1F45
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=465EFA93-E986-48DD-A278-4B4158DC34D7&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=465EFA93-E986-48DD-A278-4B4158DC34D7&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

40ms
40ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=465EFA93-E986-48DD-A278-4B4158DC34D7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:18 GMT
frontend-id: 9
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:18 GMT
frontend-id: 7
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=465EFA93-E986-48DD-A278-4B4158DC34D7&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 1F45
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=465EFA93-E986-48DD-A278-4B4158DC34D7&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2371f275e472fb8663a282e3ada4aa72&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
148 B

50ms
50ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1F45
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1e5678cc-1e37-4593-b7dd-43c64f21ce0a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

47ms
47ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1e5678cc-1e37-4593-b7dd-43c64f21ce0a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:05 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1e5678cc-1e37-4593-b7dd-43c64f21ce0a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 25 Oct 2023 17:54:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1F45
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=96348530435044245

42 B
95 B

47ms
47ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=96348530435044245
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 25 Oct 2023 17:54:04 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 17:54:05 GMT
an-x-request-uuid: 279bb64d-8cc4-4002-92cb-1c3a136262ab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=96348530435044245
x-proxy-origin: 217.114.218.22; 217.114.218.22; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 1F45 0
129 B 42ms
42ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156743&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 17:54:05 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
816 B 74ms
74ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=466&height=262&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698256447961&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1562&pt=-1797374274&tz=120&viewable=true&ddast=V8E6MCLAao_oKGqop3IBFQ_QUNVRXvQCoAAABgYED8AAnMDIPNYmRxi3aTxVq0cE3WysVi5VasFhuLY-FcDEa7ISCBmWGwWYwsbtFusliLFq7JWrlYrNyK1WJjcSyci8FoNwUbxPJ8TX_DQcMwvXx-y_MgKrreFrvDafa8wQaaTofPda8XOs1On9F01zoMf7_XrvG7_XIAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABSHBXe6TC675_Ry2v0BAAAAAAQAAAAACQCCqakSADIQEyf-_________2MM0GfeyPj___-_YdAD4MEHwIMQAACAjyETkWGWXT-xOEQKaIswAgAAAJAtp21xZJJOULGo8v__328F4AoAQMDiGb50UBbdQYm3MAAAAABjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAjbgBAHgjACfoELRiMFidhFgMhpPZYrGYHQAAAIA7_____3pAajIyLGamwXI3WQ1WK8fMs1nNnJuNZTGzTJablfeguX_As7hYa_TZIJbna_obDhqG6eXzW54HUdH1ttgdTrPnfiZsMVpNJpvlcLZcTAbD0XA02p-BWAwHaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZjNNplsDLO1brQxrEUj32Yt3IyMa9VkNHMsfIuRxWVYi14f08czGVkszi0SDLDYi-RpkU5kg9nGtFuZnBvDxDgZrnar0cg2WllGE9_EsTIsJmKJ5mSRTmSXfWsyMixmpsFyN1kNVivHzLNZzZybjWUxs0yWm5W_ZrNNJhvDbK0bbQxr0ci3WQs3I-NaNRnNHAvfYmRxGdai18f08UxGFotz35gth5PVbDRa7Buz5XCymo1Gi32HzvBdfc5Gz2Hn8Zicrmm3lqw5DQqXweL9SUyLaXd2EJ18R6fKIV0WdUa_3-_3-_1-v9_vN2g9B7NB4Vv_pFZhdXe0NnaXg9hgUMQSwUU60ToMf7_XIpYoTRfpRC8RSwSni3SicZhePr_leVH_kYMsdnPFYjSXLIZzyWSVAAAAAAAAAAAswTTTTQAAAACcDGS4Ge1W63Qwk-FguVgtF0BEZKCun-NqoSDKZ-dd-mVlnJBB8vPFGnvMYB2Gv99rZQARm9nMNvuMINZqtawBAAAIYAMAAAjgphtvAsiiuP____9xAAAAZOTQAwAAEN8HBFUr_MiFYs-PIIez0f4BqBBrtVrdbqzVagUsuNlyNpjA____fw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3280915&dpubid=283475&abtst=adxsub-out_vA!adxsub-out_vB!t120!ufm_vA!uftchrwf_vC!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fhilight.kapook.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f744fb574931ce89a4fc3f50ac57af0b322583cedeb1e1fbc466fac791c6ddce

Request headers

Referer: https://hilight.kapook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 25 Oct 2023 17:54:08 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1428
x-cache: MISS
x-served-by: cache-fra-eddf8230097-FRA
pragma: no-cache
server: nginx
x-timer: S1698256448.971181,VS0,VE49
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: ad.mrtnsvr.com
URL: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

328 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

109 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hilight.kapook.com/	1970-01-20 16:27:28	Name: _pbjs_userid_consent_data Value: 3524755945110770
.kapook.com/	1970-01-21 01:20:16	Name: _ga_DBZBLF8EQ4 Value: GS1.1.1698256441.1.0.1698256441.60.0.0
.kapook.com/	1970-01-21 01:20:16	Name: _ga Value: GA1.2.428817778.1698256442
.kapook.com/	1970-01-20 15:45:42	Name: _gid Value: GA1.2.1046270016.1698256442
.kapook.com/	1970-01-20 15:44:16	Name: _gat_gtag_UA_36103152_15 Value: 1
.kapook.com/	1970-01-20 16:27:28	Name: minUnifiedSessionToken10 Value: %7B%22sessionId%22%3A%224f2ddbf510-0189a3fd1d-094db11f0f-c7788d95bd-7044c0744b%22%2C%22uid%22%3A%225e4a832044-3e3f744a39-d11776ba6d-bf28b2d3c5-4526f4d113%22%2C%22__sidts__%22%3A1698256441993%2C%22__uidts__%22%3A1698256441993%7D
hilight.kapook.com/	1970-01-21 00:29:52	Name: minVersion Value: {"experiment":1933763344,"minFlavor":"Kapook Prodmi-scraper-1.17.1.09.js100"}
hilight.kapook.com/	1970-01-21 00:29:52	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dff622c06-74c0-4d73-83d8-524f1a71dbe0-tuctc32dbb9
.kapook.com/	1970-01-20 15:44:16	Name: lotame_domain_check Value: kapook.com
.criteo.com/	1970-01-21 01:05:52	Name: uid Value: db73702f-34e0-4a35-95ec-897b7a864e8a
.openx.net/	1970-01-21 00:29:52	Name: i Value: ad890dbe-511b-4411-a130-f620dfd12bff\|1698256442
.kapook.com/	1970-01-21 01:05:52	Name: cto_bundle Value: Tw9p6l96ZEJBOWlpMHFYSmw0YUVnWXdycXM1N2lyUDlCU1U5TDVveGlIeCUyRlVFUU0yN1kzSWd3bzA1WU1QVHJGJTJCdnRuZUNjNlpHNXc1SHJpRGUwbXlqTTU1SnhwYXQwUjZaSiUyQjlMTTNPYU82TEJ6UkxwQ09odWJSRiUyQmRuTXJQZlc5ODA3OThXNkxQcjZLTkZBMjglMkJiWWdTMGJBJTNEJTNE
.kapook.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.kapook.com/	1969-12-31 23:59:59	Name: _cbclose53935 Value: 1
.kapook.com/	1970-01-21 00:29:52	Name: _uid53935 Value: FDDE4E21.1
.kapook.com/	1970-01-20 15:44:17	Name: _ctout53935 Value: 1
hilight.kapook.com/	1969-12-31 23:59:59	Name: verify Value: test
.pubmatic.com/	1970-01-21 00:29:52	Name: KADUSERCOOKIE Value: 465EFA93-E986-48DD-A278-4B4158DC34D7
.quantserve.com/	1970-01-20 17:53:52	Name: d Value: EMgBCwGiKvijAA
.quantserve.com/	1970-01-21 01:14:30	Name: mc Value: 6539563a-a8b5c-7f949-74d51
.adfarm1.adition.com/	1970-01-20 17:53:52	Name: UserID1 Value: 7293955878632290450
.bidswitch.net/	1970-01-21 00:29:52	Name: tuuid Value: e39fcbde-0589-4dab-b031-11b646cf44fe
.bidswitch.net/	1970-01-21 00:29:52	Name: c Value: 1698256442
.bidswitch.net/	1970-01-21 00:29:52	Name: tuuid_lu Value: 1698256442
.weborama.fr/	1970-01-21 01:10:11	Name: AFFICHE_W Value: Vm82gT0nANpW73
.simpli.fi/	1970-01-21 00:31:18	Name: suid Value: 76E01BE1BC8945DE89BBB47B76087565
.adnxs.com/	1970-01-20 17:53:52	Name: uuid2 Value: 96348530435044245
.adform.net/	1970-01-20 16:28:54	Name: C Value: 1
.adform.net/	1970-01-20 17:10:40	Name: uid Value: 3761134116907227511
.doubleclick.net/	1970-01-21 01:05:52	Name: IDE Value: AHWqTUlav5eRaSAHW-JH1wkWx4ShreA_xhK6lv5Oq4cWqCl-7k1RrGvwwMHQI94VjWE
.everesttech.net/	1970-01-21 00:29:52	Name: everest_g_v2 Value: g_surferid~ZTlWOgAad7O0CAA_
.rqtrk.eu/	1970-01-20 15:54:21	Name: browser_id Value: 1:50f637c9-b365-4b7b-bac1-e58de7d91433
.pubmatic.com/	1970-01-20 17:53:52	Name: KRTBCOOKIE_153 Value: 1923-kAM8vZMAPOWLVzfmk1Uis8APO72LATvgkwci16-w&KRTB&19420-kAM8vZMAPOWLVzfmk1Uis8APO72LATvgkwci16-w&KRTB&22979-kAM8vZMAPOWLVzfmk1Uis8APO72LATvgkwci16-w&KRTB&23403-kAM8vZMAPOWLVzfmk1Uis8APO72LATvgkwci16-w
.pubmatic.com/	1970-01-20 17:53:52	Name: KRTBCOOKIE_80 Value: 22987-CAESEGWTu-_dff0uhGbrttr8l8I&KRTB&23025-CAESEGWTu-_dff0uhGbrttr8l8I&KRTB&23386-CAESEGWTu-_dff0uhGbrttr8l8I
.pubmatic.com/	1970-01-20 16:27:28	Name: KRTBCOOKIE_1101 Value: 23040-7293955878632290450&KRTB&23369-7293955878632290450
.pubmatic.com/	1970-01-20 16:27:28	Name: KRTBCOOKIE_391 Value: 22924-3761134116907227511&KRTB&23263-3761134116907227511&KRTB&23481-3761134116907227511
.pubmatic.com/	1970-01-20 17:53:52	Name: KRTBCOOKIE_57 Value: 22776-96348530435044245&KRTB&23339-96348530435044245
.pubmatic.com/	1970-01-20 17:53:52	Name: KRTBCOOKIE_466 Value: 16530-e39fcbde-0589-4dab-b031-11b646cf44fe
.turn.com/	1970-01-20 20:03:28	Name: uid Value: 8332522906806736800
.bidr.io/	1970-01-21 01:12:50	Name: bito Value: AAFYDU7KcqwAABu2YXgFlA
.bidr.io/	1970-01-21 01:12:50	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-20 16:27:28	Name: KRTBCOOKIE_22 Value: 14911-8332522906806736800&KRTB&23150-8332522906806736800&KRTB&23527-8332522906806736800
.amazon-adsystem.com/	1970-01-20 21:44:16	Name: ad-id Value: AyuS6oSLZU6FtazXD1inMI0
.amazon-adsystem.com/	1970-01-21 01:20:16	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-20 15:44:17	Name: test_cookie Value: CheckForPermission
.kapook.com/	1970-01-21 01:05:52	Name: __gads Value: ID=229092b5e5c8c65e:T=1698256442:RT=1698256442:S=ALNI_MYpqKZx49H5ym1dXc9ccYeoj-CwhQ
.kapook.com/	1970-01-21 01:05:52	Name: __gpi Value: UID=00000ca416e80b69:T=1698256442:RT=1698256442:S=ALNI_MY-LY6xZJ2M5tUAcamVETXwjLBPUg
.kapook.com/	1970-01-21 01:20:16	Name: ka_iid Value: AFksa1RPKaRA5aA3EMt25n
.kapook.com/	1970-01-20 15:44:18	Name: ka_sid Value: HMxQuSVfuUnYdDX4e1jMxw
sync.srv.stackadapt.com/	1970-01-21 00:29:52	Name: sa-user-id Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
.srv.stackadapt.com/	1970-01-21 00:29:52	Name: sa-user-id Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
sync.srv.stackadapt.com/	1970-01-21 00:29:52	Name: sa-user-id-v2 Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
.srv.stackadapt.com/	1970-01-21 00:29:52	Name: sa-user-id-v2 Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
sync.srv.stackadapt.com/	1970-01-21 00:29:52	Name: sa-user-id-v3 Value: s%3AAQAKIFucj13AgAf0uFIkoyap2h1nTfEJV6lZguIF-XNcZQ-oEHwYBCC7rOWpBjABOgSSgrqOQgRxMzpm.mxFNQ2ahPzruYxDq1u%2BVCRaSxsLKWnwmC6uHdaAQrP8
.srv.stackadapt.com/	1970-01-21 00:29:52	Name: sa-user-id-v3 Value: s%3AAQAKIFucj13AgAf0uFIkoyap2h1nTfEJV6lZguIF-XNcZQ-oEHwYBCC7rOWpBjABOgSSgrqOQgRxMzpm.mxFNQ2ahPzruYxDq1u%2BVCRaSxsLKWnwmC6uHdaAQrP8
.smartadserver.com/	1970-01-21 01:15:57	Name: pid Value: 137546542916555425
.smartadserver.com/	1970-01-21 01:15:57	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 00:31:18	Name: csync Value: 127:AAFYDU7KcqwAABu2YXgFlA
.hilight.kapook.com/	1970-01-20 15:45:42	Name: freq.5f73e63e47e7040e00000000 Value: 1
.audrte.com/	1970-01-20 16:05:52	Name: arcki2 Value: eciBG360MW1RHqe4ftKTqv5rA!20220908!1698256443101!ip#217.114.218.22
.audrte.com/	1970-01-20 16:05:52	Name: arcki2_pubmatic Value: 465EFA93-E986-48DD-A278-4B4158DC34D7!20220908!1698256443105
.pubmatic.com/	1970-01-20 17:53:52	Name: KRTBCOOKIE_860 Value: 16335-jPVAtuxBXqdgv7R-IW1litly2hY&KRTB&23334-jPVAtuxBXqdgv7R-IW1litly2hY&KRTB&23417-jPVAtuxBXqdgv7R-IW1litly2hY&KRTB&23426-jPVAtuxBXqdgv7R-IW1litly2hY
.doubleclick.net/	1970-01-20 15:44:20	Name: DSID Value: NO_DATA
.audrte.com/	1970-01-20 16:05:52	Name: arcki2_ddp2 Value: eciBG360MW1RHqe4ftKTqv5rA!20220908!1698256443309
.rubiconproject.com/	1970-01-21 00:29:52	Name: khaos Value: LO621E4N-D-H0TL
.rubiconproject.com/	1970-01-21 00:29:52	Name: audit Value: 1\|naVuGyos1qo1L9QJmGjAgLU1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDknvy9dKkmsncvt/PmhK2LUZmJrm+KgYPfPzJ6cr+j5/FphijSWpBu3EyVNLdBbxACKPLRELhl3x0A+VO7RH1E0=
.audrte.com/	1970-01-20 16:05:52	Name: arcki2_adform Value: 3761134116907227511!20220908!1698256443499
.innity.com/	1970-01-21 01:20:16	Name: iUUID Value: 9d4ef515fcbf16ddc389b7d7f24ae5b3
.kapook.com/	1970-01-21 01:20:16	Name: iUUID Value: 9d4ef515fcbf16ddc389b7d7f24ae5b3
.kapook.com/	1970-01-20 15:44:18	Name: innity.dmp.143.sess Value: 1.1698256443899.1698256443899.1698256443899
.kapook.com/	1970-01-20 15:44:18	Name: innity.dmp.143.sess.id Value: 15063614.143.1698256443899
.kapook.com/	1970-01-20 15:45:42	Name: innity.dmp.cks.innity Value: 1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 6d38ca384a5b7df6
.pubmatic.com/	1970-01-20 17:53:52	Name: KRTBCOOKIE_699 Value: 22727-AAFYDU7KcqwAABu2YXgFlA
hilight.kapook.com/	1970-01-20 15:44:20	Name: _lr_retry_request Value: true
hilight.kapook.com/	1970-01-20 16:27:28	Name: _lr_env_src_ats Value: false
avd.innity.com/	1970-01-20 15:45:42	Name: geo Value: EU%3BGermany%3BDE%3B%3B%3B
hilight.kapook.com/	1970-01-20 17:10:40	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-25T17%3A54%3A04%22%7D
.googleadservices.com/	1970-01-20 17:53:52	Name: ar_debug Value: 1
.pubmatic.com/	1970-01-20 17:53:52	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 15:45:42	Name: pi Value: 156743:4
.pubmatic.com/	1970-01-20 17:53:52	Name: DPSync3 Value: 1699401600%3A219_197_235_201_245_241_227_226
.pubmatic.com/	1970-01-20 17:53:52	Name: SyncRTB3 Value: 1698796800%3A223_15_2%7C1700784000%3A203%7C1699488000%3A35%7C1703376000%3A69%7C1699401600%3A220_55_254_204_99_233_238_249_243_46_88_165_214_176_21_54_22_196_251_81_13_56_264_3_71_8_161_234_166%7C1699056000%3A63
.ctnsnet.com/	1970-01-21 00:29:52	Name: cid_1b02df1957df41a1991e0d788b59c943 Value: 1
ads.playground.xyz/	1970-01-20 15:53:47	Name: connect.sid Value: s%3A7OlxS30pett21ApW2LbafCtradqitpQU.02aFkJyWO5a3kLu0xOJVWO9Oqk9IjYJSeoaISeOVaKA
.adx.opera.com/	1970-01-21 00:29:52	Name: UID Value: OPU6aadb3c2ced24d7da5d5e49ca4d5adf6
.zeotap.com/	1970-01-21 00:29:52	Name: zc Value: e673af4c-7851-431b-67fa-7bba2c425b3b
.adsby.bidtheatre.com/	1970-01-20 15:54:21	Name: __kuid Value: 1e5678cc-1e37-4593-b7dd-43c64f21ce0a.467470445
.de17a.com/	1970-01-21 00:22:40	Name: guid Value: 1.8636055607584228182
.pubmatic.com/	1970-01-20 16:27:28	Name: KRTBCOOKIE_1323 Value: 23480-OPU6aadb3c2ced24d7da5d5e49ca4d5adf6&KRTB&23485-OPU6aadb3c2ced24d7da5d5e49ca4d5adf6&KRTB&23524-OPU6aadb3c2ced24d7da5d5e49ca4d5adf6
.semasio.net/	1970-01-21 00:29:52	Name: SEUNCY Value: 991897A4D0A89E03
.onaudience.com/	1970-01-20 15:45:42	Name: done_redirects161 Value: 1
.pubmatic.com/	1970-01-20 16:27:28	Name: KRTBCOOKIE_336 Value: 5844-8636055607584228182
.rfihub.com/	1970-01-21 01:05:52	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjAzNDEyMzQ3MxLiM9RNic8tSrEwzKr0jjIGAEUH4BUlAAAA
.rfihub.com/	1970-01-21 01:05:52	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmlhZGpmYmJqYWIOABLpDuIQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjAzNDEyMzQ3MxLiM9RNic8tSrEwzKr0jjIGAEUH4BUlAAAA
.1rx.io/	1970-01-21 00:29:52	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/	1970-01-20 17:53:52	Name: KRTBCOOKIE_18 Value: 22947-5107433830614261762
.targeting.unrulymedia.com/	1970-01-21 00:29:52	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003%22%7D
.onaudience.com/	1970-01-21 00:29:52	Name: cookie Value: 5e292a2a40dd4f39
.pubmatic.com/	1970-01-20 17:53:52	Name: KRTBCOOKIE_594 Value: 17105-RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003&KRTB&17107-RX-98fae61b-ad98-4f78-aac5-b429cabbe658-003
.tribalfusion.com/	1970-01-20 17:53:52	Name: ANON_ID Value: ajntXLOleq9PZabpryMqnx04N2Kq6JZabmWmMV9fQl5kAZcWvecsFoDTWZa69vQfTjIM8jgSB2NlZabtU3SXSSj0kjYZbQZa7lZb
.exelator.com/	1970-01-20 18:37:04	Name: EE Value: "2371f275e472fb8663a282e3ada4aa72"
.exelator.com/	1970-01-20 18:37:04	Name: ud Value: "eJxrXxzq6XKLQcHI2NwwzcjcNNXE3CgtycLMzDjRyMIo1TgxJdEkMdHcaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYkl%252BUWb6IhfXxUUpaQyLSopPBR%252Fd%252FAcAio0q1w%253D%253D"
.pubmatic.com/	1970-01-20 16:27:28	Name: KRTBCOOKIE_409 Value: 22966-woK5xk2lhjRUUghhSYMXahUR
.pubmatic.com/	1970-01-20 17:53:52	Name: KRTBCOOKIE_945 Value: 19558-uid:
.pubmatic.com/	1970-01-20 16:27:28	Name: PugT Value: 1698256446
.onaudience.com/	1970-01-20 15:45:42	Name: done_redirects147 Value: 1
.pubmatic.com/	1970-01-20 16:27:28	Name: SPugT Value: 1698256445

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ads.adnuntius.delivery/i?tzo=-120&format=json Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=465EFA93-E986-48DD-A278-4B4158DC34D7&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s359.kapook.com/config-desktop/300a661f-204d-4313-811a-e9c063b70101.jpg Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://hilight.kapook.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://hilight.kapook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06c6217e13956d1fa071aface36b28e6.safeframe.googlesyndication.com
50ab858cbc4e43888d2f594864b8732f.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.adnuntius.delivery
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api-center.kapook.com
api.rlcdn.com
apv-launcher.minute.ly
assets.thaibuffer.com
avd.innity.com
avd.innity.net
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
bh.contextweb.com
c1.adform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.thelead.tech
cds.taboola.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.thelead.tech
core.iprom.net
counter.snackly.co
cr.frontend.weborama.fr
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
hilight.kapook.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
ipac.ctnsnet.com
lb.eu-1-id5-sync.com
loada.exelator.com
lvs.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
my.kapook.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.tribalfusion.com
s359.kapook.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smarttag.rubiconproject.com
snippet.minute.ly
ssl-avd.innity.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
t.pubmatic.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kapook.com
x.bidswitch.net
ad.mrtnsvr.com
api.rlcdn.com
cm-supply-web.gammaplatform.com
csync.loopme.me
119.81.216.16
141.226.224.32
141.226.228.48
141.94.171.213
141.94.240.143
141.95.32.73
142.250.184.194
142.250.186.66
15.235.15.221
151.101.1.44
151.101.130.49
151.101.193.44
162.19.138.117
162.19.138.120
172.67.212.231
173.231.180.197
178.250.1.9
185.64.189.112
185.64.190.78
185.64.190.82
185.64.191.210
185.86.138.150
193.0.160.130
195.5.165.20
198.47.127.20
198.47.127.205
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
202.183.165.226
202.183.165.228
202.183.165.49
203.150.107.177
205.185.216.42
208.93.169.131
213.155.156.166
23.201.255.110
23.206.23.61
23.213.164.238
23.52.120.246
23.88.86.2
2600:9000:2127:ea00:a:e047:753:6381
2602:803:c003:200::27
2602:803:c003:200::51
2606:4700:10::6816:1957
2606:4700:10::ac43:1b1a
2606:4700:10::ac43:266a
2606:4700:20::681a:ada
2606:4700::6810:5514
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
27.254.43.243
27.254.43.250
2a00:1450:4001:800::200e
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:400c:c04::9d
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:20::2040
2a05:d018:d29:3605:290e:3f93:cc5a:81f7
2a06:98c1:3121::3
3.75.62.37
34.102.146.192
34.102.253.54
34.111.129.221
34.111.131.239
34.120.135.53
34.254.143.3
34.98.64.218
35.186.193.173
35.204.74.118
35.71.131.137
37.157.5.133
37.252.171.149
46.228.174.117
52.210.254.58
52.3.75.156
52.57.96.192
52.7.163.13
64.227.64.62
65.9.95.100
67.220.226.232
69.173.144.139
70.42.32.255
77.243.51.121
82.145.213.8
85.114.159.93
98.98.134.241
99.81.194.117
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
0201b03f38c596498518aae7680b92a206a13bb14de7aba507ef82779475aee6
03cc2e44145a52094edf5dd9b5519c4697fe918b1121c173875d45ba2272d18e
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
058988026c3e4408c3bd02318e75cd6a7c0b2961d729334a1fe4444630b9247a
06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
083c7d61156e60684c436e82f3d0b4315cc68412d9924f9e9f75de31e94d4a80
09907122ad156cd461fc782572267cb7a166328430ef9ecc5aae137badafa4b2
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0f65a5cdcbcb10bcfa6a55d67303cf621219652b659b83065147102c22de5af3
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
10926d9a7f404cdf5a2a3f718c92457edb1edcfc7b1a39cbadd49e98d50c6543
10a65cf4737a384ac6c95abc70b0628ee84b4650553009b9a874bc72408aa4eb
141581c0db576256035e904531c1079aef9402b3ef042eaf95069dc4f4e9b74c
173e2faa74cdc1e72b026704c917491fe3b47891ae62460bc75d1da8b4c254c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f
18cda85e33d7db5e9729346cf2c018e9d810632d9e9d4de761dfb35b36ce3e60
1a0bd3effb0a89526d98aec6b5c0b635bdea305e46cea0fe767b451c458af9ed
1b746d3de79e1de3d5c6dd1377f91456dc95cbc30b0c752d71329ce165c89067
1c01c6e4102f57bf88bff2d9a53d97f4f4dca2dc87cd1489253a711e5a1b1c95
1c17bebf82591d40a0e8056c348811a61c63fb587e56cdb8dfbb7b0954ed6891
1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
201690a6711de52aae1a39a5984c41f7d7ed033902f6d6ee07246e47184d66d7
20536cece2f587dfe9ccbc4977455328ef12aff9a338567bd28360e92e9e3ca7
21791dfaff28df4fbf2b1935f522bf65f395bd713b0cccf6f201378c0f7638c0
23434d0a4c8b9f6bc076f2c8c52bee7a43018e2c39121a37273af892424a61e2
237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f
2384654f562ac3ca0469dad7c72e94f122cb2dbf6674a9e8bf491d683483fc70
261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481
27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2c7b909e5a483cb1465338807dffaf7c13992ad06270711408f362e976077c3f
2cd3d71878e5cf98e359e9f07c7f06f9accb6f0d35fd66affb8b2ae869ebe647
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
353e3170b8f376e1430088e3b54259598a42b38e021cccda5e8f9eaacff690c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3848dfd392dd2cfe0bb713671d1f088629a79886ee49db978940fb39ddb1cf0d
3dca91b6994de65daf676260fcc25918237ca98513ccf3a4485fe5d6d11be620
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41906167d7cc5faa9db19f04286b46893218b792dc89d257f4ce1f483e1f6988
41fb2af396010bf8caf24206fae2441d39e692c4da4641d58ce6dcf68fa8de16
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44f220214074809830e5330b821917c0e5b41711a41cca7601a2abaee35116b6
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47fd2d89da6d57a193dcdfde77680f8b0511740db8df42efe176f7683e835e8b
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bf10bb447a208e63c9b540c1cb449c75118a5c3f8b9161dcfa80959de90133
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882
5935e935f47c9ec067703d2b6b2646bd867151fc10fadad09664dbe09467ce9d
59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8175ec4b5efd3334de676f6bed2c98df5d28512e4aa16d3ab3073ef591b373
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648d6787c25b09debbb63f2b318315d57aa7fe1588c2cf11892f512f77fa17f3
648f4dfc463bc2e7bec6650c4b8ab903e9c783aefe939fbee276482f36568898
6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c
6d7cb0a6ec25b60b910f5b75e5d1a0c962229918f0ee47e40d05bc997bbe999b
7080dbe2176411becb632099f93a29afccfdfd5b59e25193034d34f84b593f93
72b8ca564049e15f7ab62c0adfeaca7785dc44c82b3dd33b4798b1d8af096348
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2
784e0a1edee1510280afdd52a2cb5eab405d9ac5d0da9e717199d80d4f27dc3f
7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d
7ddc1e3fb109cfe38074692f01c266dbec4d235e820729e492a39f3390f118b8
7e7012efa0af8bf17beab66d49a5b415997513029adb96b85e5fcc5f17849d20
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
8b2378d61c74bed3b4fd0e60f92e43a4139a9e99effd749d7043654b37c1385a
8c26760b7fc2580215a2d08c71e6ec5d97ec433cc36b2dba7be55883c3993a5f
8d6ddddc8f7b5330defd30f5a79cab52aa7a44b6e3016cabad679eb5352e975d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e02f8b007cd163f883dfcc333097df59ddfbfe23d25a1a7f1da36d30a8f17ea
93ab96b22c27e6580421cb451b79a05b8361e5542e5a1168549b8ab0c7aa3587
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94dbbf524205a3bc95b68260212087b64f446c6a9adba09afb677fd1d1e745e5
958be35b66c4d00f92930d924506c00a3f1833322f8efa247a2dbbce02bc8042
95a74a9016350ab24f2b6ac40278f84e06bbef33f491a5c77f3ccbd14b501bde
9761c6d4272f3fe604d3a23430afcd75ce94f04266264bac41f4aacc446087bd
97707ea3f73f231a87204527acb38ba3de793a8711839f731329ab27fd951c9a
98187c8f71e10f25e2a147adc03bdf9055da702c1105815f9510790138b9ddfb
986eddf3bb461b13713e17579cee26f67e96ce9ddca25a3937e621170c6c46ef
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd
a03c4578f73d61ff2655eeb096a800f0bbd1da1a3477f7db4185fe2210740866
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a3670c271ac874378b66b8c9004ff1a56110f1e66392c3a01152cc59f4da006b
a4c9c1df9a78bc8fac7a55a7119a0cee68b65682971a7a6461abb2448df22e44
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b
ac775a4dd063a646f735cc6babbac9ed5551eb6156d4fd85ff28e58cf6718f85
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acd402b993de0bd25db3fca4d682b1e94646aacdf0020e6f98f356682f0448d4
ae8cad9f0debe5c12426deb8ee5a0658c7d08cf5391f5b99c50f805ce027b12a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b15b14beac6ceca3552776e1d8b2e35b23cd3a8ece0393a7382bff97ab81c5
b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2
b7c86fc6f094a3ff27e06a5ec3e25ba6ea7bb57ffe0c022a9a847f51d36f7fa1
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
bbacf79a0487b5ca46e1db609f45d1a0d99b0b72cf925a3a23b4ec365e382138
bd601594ae4bd70b922d9eb5d37562b60714a43b37327903c80b2eb5b9aa1799
bfd456d0c0c9d8a12b36f54e1883f7a80186d8792a50fadcb6872a2ae9dc8d38
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2af6e197da6339b0018c3522f839555fa8c22d5eab720d12fa5d24e90ba8ebd
c31d43c6a53bebc8ee3b306ef6c2e9c76ce1b9d0951eeab787df1178c9cb8feb
c56b5026c2b172d3dfdc83efa31cbc471f268414e9a5392a5623d57d7196518e
ca50f9583c90f44c8c676def234198e42c54cb00acf5a808915eae463a8155d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d982781caeacf01cd9b0ec341c0da72a535340d7d023f46d5f8ffc547c9774cb
dd2acb8cf7913dad687ccdbcd2bf8e31c52325928b5891ebe9246d46eddd45bd
ddc125b5294cfd30423e2edb5a632f00eac0127bfa0fcf9c78642f9b4fae1158
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5
df4faad6ed83b1fb8145d50b9de9d8e263728a911577d616a40397b0f3d9def3
dfcf458b30011a32f23756a0ea7319562728a39429ce0b32f95cef3a98a28104
e04dd8233ad67a3623183fc30675508241c56961555f40dd9aaf425df4129802
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8cd195956b18b2727fc256200bbaa521b2697a6c5d522647fc429f7f7b1a46a
eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6
ec88421507a6bb26e3e6c7c3a95759b4dc46311a64ef1dff0e94263e13fdf5d9
eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f191536821e73c14b5d46ae722b8c0acadd4db28476a0b4cf53c6bd78b344682
f35cdf752bf1ed2ce1878bed2d450b05937782bb67bb30ccfa58c9509aa9b50f
f56622c76c059eeabec9d658d37bb24e3d0037f268348d21b6f3ab9109b35c40
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f744fb574931ce89a4fc3f50ac57af0b322583cedeb1e1fbc466fac791c6ddce
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

hilight.kapook.com Open in urlscan Pro 27.254.43.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

257 Requests

93 %HTTPS

31 %IPv6

73 Domains

123 Subdomains

76 IPs

14 Countries

2725 kBTransfer

8143 kBSize

109 Cookies

114 Outgoing links

Page URL History

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hilight.kapook.com Open in urlscan Pro
27.254.43.243 Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

93 %
HTTPS

31 %
IPv6

73
Domains

123
Subdomains

76
IPs

14
Countries

2725 kB
Transfer

8143 kB
Size

109
Cookies

257 HTTP transactions
3 data transactions