urlscan.io logo urlscan.io
SecurityTrails logo

travel.kapook.com Open in urlscan Pro
210.4.137.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://travel.kapook.com/
Effective URL: https://travel.kapook.com/
Submission: On November 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 10 countries across 42 domains to perform 329 HTTP transactions. The main IP is 210.4.137.32, located in Chachoengsao, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is travel.kapook.com. The Cisco Umbrella rank of the primary domain is 651187.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 13th 2023. Valid for: a year.
This is the only time travel.kapook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 210.4.137.32 4618 (INET-TH-A...)
33 202.183.165.12 9891 (CSLOX-IDC...)
1 202.183.165.228 4750 (CSLOXINFO...)
1 202.183.165.170 4750 (CSLOXINFO...)
2 23.213.164.238 16625 (AKAMAI-AS)
3 23.45.238.46 16625 (AKAMAI-AS)
21 151.101.193.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 203.154.58.214 4618 (INET-TH-A...)
1 202.183.165.195 9891 (CSLOX-IDC...)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 22 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 205.185.216.10 20446 (STACKPATH...)
1 6 2a02:2638:3::c 44788 (ASN-CRITE...)
7 141.226.228.48 200478 (TABOOLA-AS)
2 151.101.129.44 54113 (FASTLY)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 104.21.79.241 13335 (CLOUDFLAR...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 65.9.66.97 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 119.81.216.16 36351 (SOFTLAYER)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.241.138.233 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
6 2a00:1450:400... 15169 (GOOGLE)
3 162.19.138.120 16276 (OVH)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 202.183.165.226 4750 (CSLOXINFO...)
1 18.195.18.229 16509 (AMAZON-02)
1 35.244.159.8 396982 (GOOGLE-CL...)
3 23.56.202.187 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
2 202.183.165.130 4750 (CSLOXINFO...)
3 2602:803:c003... 26667 (RUBICONPR...)
12 178.79.242.181 22822 (LLNW)
6 23.218.210.30 16625 (AKAMAI-AS)
3 2602:803:c003... 26667 (RUBICONPR...)
1 202.183.165.194 4750 (CSLOXINFO...)
3 69.173.144.139 26667 (RUBICONPR...)
28 2a00:1450:400... 15169 (GOOGLE)
10 27.254.43.250 9891 (CSLOX-IDC...)
37 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.194 15169 (GOOGLE)
1 52.48.43.143 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
3 4 172.217.18.98 15169 (GOOGLE)
3 5 172.64.151.101 13335 (CLOUDFLAR...)
3 4 185.89.210.180 29990 (ASN-APPNEX)
1 162.19.138.83 16276 (OVH)
4 202.183.165.44 9891 (CSLOX-IDC...)
1 2 18.203.173.246 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
3 142.250.186.66 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
5 2600:1f13:800... 16509 (AMAZON-02)
1 185.64.189.226 62713 (AS-PUBMATIC)
2 188.65.124.90 41690 (DAILYMOTI...)
3 2a00:1450:400... 15169 (GOOGLE)
5 178.79.242.16 22822 (LLNW)
6 188.65.124.59 41690 (DAILYMOTI...)
1 188.65.124.91 41690 (DAILYMOTI...)
1 188.65.124.66 41690 (DAILYMOTI...)
329 77
2    210.4.137.32 (Chachoengsao, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 210-4-137-32.inter.net.th
travel.kapook.com
33    202.183.165.12 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: p138-nasbkkST3.C.csloxinfo.net
my.kapook.com
www.kapook.com
1    202.183.165.228 (Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p354-nasbkkST3.C.csloxinfo.net
cdn.thelead.tech
1    202.183.165.170 (Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p296-nasbkkST3.C.csloxinfo.net
horoscope-preview.kapook.com
2    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    23.45.238.46 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-46.deploy.static.akamaitechnologies.com
ssl-avd.innity.net
avd.innity.net
21    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
images.taboola.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th
lvs.truehits.in.th
1    202.183.165.195 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: p321-nasbkkST3.C.csloxinfo.net
cacheportal.kapook.com
6    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.thaibuffer.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
9    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4016:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
apv-launcher.minute.ly
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
7    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
pips.taboola.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    104.21.79.241 (None, )

ASN13335 (CLOUDFLARENET, US)
ads.adnuntius.delivery
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:7600:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    119.81.216.16 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com
avd.innity.com
1    2606:4700:20::681a:bda (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.minute.ly
1    34.241.138.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-138-233.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
6    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6ce14ed4a481a746b441d57ad249034d.safeframe.googlesyndication.com
baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
c3c654c49e520c851321dc55bd170e78.safeframe.googlesyndication.com
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
3    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2606:4700:10::6816:49ae (United States)

ASN13335 (CLOUDFLARENET, US)
counter.snackly.co
1    202.183.165.226 (Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p352-nasbkkST3.C.csloxinfo.net
connect.thelead.tech
1    18.195.18.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-18-229.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
3    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
5    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    202.183.165.130 (Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p256-nasbkkST3.C.csloxinfo.net
api-center.kapook.com
3    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
smarttag.rubiconproject.com
12    178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
api.dmcdn.net
static1.dmcdn.net
s1.dmcdn.net
6    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2602:803:c003:200::67 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    202.183.165.194 (Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p320-nasbkkST3.C.csloxinfo.net
common-api.kapook.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
28    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    27.254.43.250 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
s359.kapook.com
37    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
1    52.48.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
5    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    202.183.165.44 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: p170-nasbkkST3.C.csloxinfo.net
videoupload.kapook.com
2    18.203.173.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-173-246.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2600:9000:223f:2a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    2600:1f13:800:7782:100a:68b6:1699:c2e6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
2    188.65.124.90 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
www.dailymotion.com
3    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net
static1.dmcdn.net
vendorlist.dmcdn.net
6    188.65.124.59 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg
pebed.dm-event.net
1    188.65.124.91 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: st.dc3.dailymotion.com
speedtest.dailymotion.com
1    188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com
dmxleo.dailymotion.com
Apex Domain
Subdomains		 Transfer
71 googlesyndication.com
6ce14ed4a481a746b441d57ad249034d.safeframe.googlesyndication.com
baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
c3c654c49e520c851321dc55bd170e78.safeframe.googlesyndication.com
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
527 KB
54 kapook.com
travel.kapook.com — Cisco Umbrella Rank: 651187
my.kapook.com — Cisco Umbrella Rank: 150016
horoscope-preview.kapook.com
www.kapook.com — Cisco Umbrella Rank: 161923
cacheportal.kapook.com — Cisco Umbrella Rank: 188090
api-center.kapook.com — Cisco Umbrella Rank: 168774
common-api.kapook.com
s359.kapook.com — Cisco Umbrella Rank: 172677
videoupload.kapook.com
4 MB
35 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
812 KB
31 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
pm-widget.taboola.com — Cisco Umbrella Rank: 3595
trc.taboola.com — Cisco Umbrella Rank: 705
trc-events.taboola.com — Cisco Umbrella Rank: 2170
am-trc-events.taboola.com — Cisco Umbrella Rank: 16673
images.taboola.com — Cisco Umbrella Rank: 1923
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
358 KB
18 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2300
smarttag.rubiconproject.com — Cisco Umbrella Rank: 14536
eus.rubiconproject.com — Cisco Umbrella Rank: 602
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10151
token.rubiconproject.com — Cisco Umbrella Rank: 458
74 KB
17 dmcdn.net
api.dmcdn.net — Cisco Umbrella Rank: 85345
static1.dmcdn.net — Cisco Umbrella Rank: 8624
vendorlist.dmcdn.net — Cisco Umbrella Rank: 13037
s1.dmcdn.net — Cisco Umbrella Rank: 11609
825 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 898
static.adsafeprotected.com — Cisco Umbrella Rank: 587
dt.adsafeprotected.com — Cisco Umbrella Rank: 570
114 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3040
3 KB
6 dm-event.net
pebed.dm-event.net — Cisco Umbrella Rank: 9164
2 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
121 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
8 KB
6 thaibuffer.com
assets.thaibuffer.com — Cisco Umbrella Rank: 177231
6 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
316 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
image6.pubmatic.com — Cisco Umbrella Rank: 823
t.pubmatic.com — Cisco Umbrella Rank: 2736
130 KB
4 dailymotion.com
www.dailymotion.com — Cisco Umbrella Rank: 9701
speedtest.dailymotion.com — Cisco Umbrella Rank: 9958
dmxleo.dailymotion.com — Cisco Umbrella Rank: 9093
31 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
91 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
3 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
33 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
492 KB
3 gstatic.com
www.gstatic.com
32 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
675 B
3 innity.com
avd.innity.com — Cisco Umbrella Rank: 32529
2 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
id.crwdcntrl.net — Cisco Umbrella Rank: 2498
13 KB
3 innity.net
ssl-avd.innity.net — Cisco Umbrella Rank: 49439
avd.innity.net — Cisco Umbrella Rank: 45513
13 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 snackly.co
counter.snackly.co — Cisco Umbrella Rank: 6634
284 B
2 minute.ly
apv-launcher.minute.ly — Cisco Umbrella Rank: 6283
snippet.minute.ly — Cisco Umbrella Rank: 8683
39 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
515 B
2 truehits.in.th
lvs.truehits.in.th — Cisco Umbrella Rank: 49877
10 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 thelead.tech
cdn.thelead.tech — Cisco Umbrella Rank: 78583
connect.thelead.tech — Cisco Umbrella Rank: 78566
11 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
277 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
423 B
1 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1584
267 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
13 KB
1 adnuntius.delivery
ads.adnuntius.delivery — Cisco Umbrella Rank: 35716
720 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
94 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
329 42
Domain Requested by
37 tpc.googlesyndication.com securepubads.g.doubleclick.net
baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
travel.kapook.com
tpc.googlesyndication.com
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
30 my.kapook.com travel.kapook.com
my.kapook.com
cacheportal.kapook.com
28 pagead2.googlesyndication.com securepubads.g.doubleclick.net
travel.kapook.com
tpc.googlesyndication.com
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
22 securepubads.g.doubleclick.net 1 redirects travel.kapook.com
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
www.googletagservices.com
13 static1.dmcdn.net www.dailymotion.com
10 s359.kapook.com travel.kapook.com
9 www.google.com 1 redirects travel.kapook.com
baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
tpc.googlesyndication.com
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
9 cdn.taboola.com travel.kapook.com
cdn.taboola.com
8 images.taboola.com travel.kapook.com
6 pebed.dm-event.net www.dailymotion.com
static1.dmcdn.net
6 cdn.ampproject.org securepubads.g.doubleclick.net
6 eus.rubiconproject.com smarttag.rubiconproject.com
eus.rubiconproject.com
6 am-trc-events.taboola.com travel.kapook.com
cdn.taboola.com
6 assets.thaibuffer.com my.kapook.com
travel.kapook.com
5 dt.adsafeprotected.com be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.googletagservices.com securepubads.g.doubleclick.net
baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
5 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
ads.pubmatic.com
4 static.adsafeprotected.com be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
srcdoc
4 s0.2mdn.net travel.kapook.com
s0.2mdn.net
imasdk.googleapis.com
4 videoupload.kapook.com my.kapook.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 googleads.g.doubleclick.net baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
3 imasdk.googleapis.com www.dailymotion.com
static1.dmcdn.net
imasdk.googleapis.com
3 googleads4.g.doubleclick.net travel.kapook.com
3 www.gstatic.com baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
static1.dmcdn.net
www.gstatic.com
3 token.rubiconproject.com eus.rubiconproject.com
3 beacon-ams3.rubiconproject.com travel.kapook.com
3 smarttag.rubiconproject.com ads.rubiconproject.com
3 ads.rubiconproject.com securepubads.g.doubleclick.net
3 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
3 avd.innity.com avd.innity.net
travel.kapook.com
3 trc.taboola.com cdn.taboola.com
3 www.kapook.com travel.kapook.com
2 vendorlist.dmcdn.net static1.dmcdn.net
2 www.dailymotion.com api.dmcdn.net
www.dailymotion.com
2 fw.adsafeprotected.com 1 redirects travel.kapook.com
2 www.googleadservices.com travel.kapook.com
2 be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 api-center.kapook.com my.kapook.com
2 counter.snackly.co snippet.minute.ly
2 oajs.openx.net 1 redirects travel.kapook.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 www.google.de travel.kapook.com
2 avd.innity.net ssl-avd.innity.net
travel.kapook.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 lvs.truehits.in.th travel.kapook.com
2 www.google-analytics.com travel.kapook.com
www.google-analytics.com
2 ads.pubmatic.com travel.kapook.com
ads.pubmatic.com
2 travel.kapook.com 1 redirects
1 s1.dmcdn.net www.dailymotion.com
1 dmxleo.dailymotion.com static1.dmcdn.net
1 speedtest.dailymotion.com static1.dmcdn.net
1 t.pubmatic.com ads.pubmatic.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 lb.eu-1-id5-sync.com ads.pubmatic.com
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 c3c654c49e520c851321dc55bd170e78.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 common-api.kapook.com my.kapook.com
1 api.dmcdn.net cacheportal.kapook.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 bs.serving-sys.com travel.kapook.com
1 connect.thelead.tech cdn.thelead.tech
1 mug.criteo.com travel.kapook.com
1 image6.pubmatic.com ads.pubmatic.com
1 6ce14ed4a481a746b441d57ad249034d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 snippet.minute.ly apv-launcher.minute.ly
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 ads.adnuntius.delivery ads.pubmatic.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 trc-events.taboola.com cdn.taboola.com
1 apv-launcher.minute.ly cdn.taboola.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 cacheportal.kapook.com travel.kapook.com
1 ssl-avd.innity.net my.kapook.com
1 horoscope-preview.kapook.com travel.kapook.com
1 cdn.thelead.tech travel.kapook.com
0 api.rlcdn.com Failed ads.pubmatic.com
329 89
Subject Issuer Validity Valid
*.kapook.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-13 -
2024-09-12		 a year crt.sh
cdn.thelead.tech
R3		 2023-09-15 -
2023-12-14		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.innity.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-24 -
2024-02-26		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
lvs.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2023-09-15 -
2024-10-14		 a year crt.sh
assets.thaibuffer.com
E1		 2023-10-15 -
2024-01-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.minute.ly
Sectigo RSA Organization Validation Secure Server CA		 2023-05-30 -
2024-05-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
adnuntius.delivery
E1		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-12-09		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.snackly.co
Sectigo RSA Organization Validation Secure Server CA		 2022-11-22 -
2023-12-23		 a year crt.sh
connect.thelead.tech
R3		 2023-09-15 -
2023-12-14		 3 months crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2023-03-11 -
2024-04-08		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA		 2023-09-12 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
www.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-24 -
2023-12-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA		 2023-10-17 -
2024-01-15		 3 months crt.sh
speedtest.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-12 -
2024-01-10		 3 months crt.sh
dmxleo.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2023-10-27 -
2024-01-25		 3 months crt.sh

This page contains 37 frames:

Primary Page: https://travel.kapook.com/
Frame ID: 1DFF292FD236827C12B6E4950F4107CF
Requests: 127 HTTP requests in this frame

Frame: https://cacheportal.kapook.com/iframe_widget.php?portal=travel&portal_id=6&page=home
Frame ID: 946600722A6BA00CE503140A2C017A45
Requests: 15 HTTP requests in this frame

Frame: https://6ce14ed4a481a746b441d57ad249034d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 80071FB190929AF93F286FF9ED207E3E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Frame ID: F8244AF2E73BD3D2D8CEF0C7C2FA7741
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=travel.kapook.com
Frame ID: EC4E7B7CA48DFA65285C107529A8196B
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E5ECAE895766DD998F981FC1D3BAE483
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvD36vX9s-oj1qehiBTE5DfGkzSu07wYaqfuQ0m1qzoNmPcY6lN1YZcUxxAeVN0u0kjvyJ9M0LilBu_qbdiE8CeV2-H1SR1dAo48Xk9AM5-m4m3tt19XJrquGCGvUsqtv6XxPnUczOIlPANxwEbd9YfuFrCmNFA3Dtvk6ZZZ3J6RnZVO8wUWXfc6tonpN0EpX-ODJWxQn7voWyIvf-wsZyFi1JKDDAzpCK0qkYTZqsrpkTQ0pXyQMpMqNaIAEacmcOq_zP-iTxrrqO9g9HxuOULEn_HUPMUNQpdSH142tK4cECT1LEgQprjGy6pIgQPW8M1RXA8HhCkQe6eArGJpnSO4EVBU7YYfrVxu1_XvEDqQlZWMDRjcS0zRNw_GMrNyIvb&sai=AMfl-YR2ZzBqbVs9VGggli-bhQ4Tcl3TCRYfJLEWHmsfVFCuRufLAbHEtLxWbrhzf2eIhA5_UPsRHFMfxlUvBnMkIxfxQVbQ0BViXSd62-XYI9PBtlfP1jQuVy0qslCU_ZroybhsuIs6C9ph_ELLyxyKkpQ&sig=Cg0ArKJSzB5Z7CAGeWcIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 103C0B14675381AD0E3601DF77572F00
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_Tf_vw0879TsqvGRZZ2dq2z8EDdNZ2KqL4HsG0skFzc1zX3inYzedJcQ45NRpANkz3sQP923lzC7upRE7UuxlwPhBMjjSDn_3yecFc0vP_j1Zo5FInx0SkTvqP0wRdz6ekBNMx3qtq1iKmS08UcG1G3-uNZcUgYEr0oLKdlyy8QM39O8-id3-s_OgF_vgsXiQjdWcvECQqcJ7Ao4_tidmBDItqYb84A9p2-Gf3hf9753ivqYwHu_T_3En7JUL0mpWyyH0I9dNKTX3S1vasFhsRLp4dup20Fv6NTxvQD59qIXsetwXiROSSDCQfHSYR6_wZrvisqtvKAXjKtZ55Z9q5GHzpHMIzmK-K2K_c4yA6w&sai=AMfl-YTP1q__GAc--HyebhRyQ1m73dv8WWqXagZ_QjXFYPJ1_uPkaoJ0RhcvmZd5Ijb9dHZk5B0FNyipzM-JH0NgmehFj7OxHCC4Lcm1RC_CY2XZYNyDdZA4YH0igDov5uyuGOIcCJZSLamzggIDXTY8Apk&sig=Cg0ArKJSzLKmPviSp2W0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 94580FF1FB4B8BF8000A2787023DACE1
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8Z_NTcCecZ4JY9Eoc7NY3aPh346KOh6cJziYkbjuDo5RLUGu5Q8z1lNUg7g7oU8dzPsPXo5QvUHLIKchCDMQz-8MMqo-oKSge-euArrvJodICcb0jxEN0OGKlrNMx8q80em-4Whg0_ydjtIC8Y22NBMN82BDXLklW2atL3m862rGH2OYgldfKN5K3aOZyyBRUIyxXMkOfKWXHJkSuDnGomLllXKw9dL7-BTBDyRokkhQadot5bcMuVqtgl8c5oieA27cgFrc34PvuN7qsIArervKC33sDUoZcJCcuK6oRoAEggSILUanEg1FQXGeGE8HniTf-a3Ar-JK2b1fjXwhwKFBtEAmjKZKe-HKHQfzeIg&sai=AMfl-YRBnIUGGbG6pVxa5coddAeDO-BbS4TESV-HXj2SyfcO76QgmqsKa2Xoyw7OnQbrSSK7icw7XLrAR0BVAzsiNjL8FH27yCb4lx8JKGbXSDZmhRbxlYhFJN_oZZCZM9-WgZdEEfEcf3LBTy_awvx1R7s&sig=Cg0ArKJSzDVsVO8aGcnHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6E806E9D73BE168F3DB5A12089192722
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: BB9343A3AAEAA418C2468F260BA7BD3E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 3F4D3F636A4CB9441E9B72298554407B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: F839BBEDCD038CD864A4C8D0EBC49F66
Requests: 3 HTTP requests in this frame

Frame: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 95CD702A15C369F1C516A78AD9E35134
Requests: 1 HTTP requests in this frame

Frame: https://c3c654c49e520c851321dc55bd170e78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 123EA9C7DCC1DB026C49DD089144CF1E
Requests: 1 HTTP requests in this frame

Frame: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 94A1DF11BBFD25C11913AB915AF6B573
Requests: 1 HTTP requests in this frame

Frame: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6169939860F4822BFD755D3B7604E626
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F0427D1B6E1224FBC1902915F8486891
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: CC1A91EE47A838086E47944A39873535
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF1FF8BCAC45C13582A62EE8D621BCBA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2841B779F2FBAFCDA36D4CCD1CCBCE3D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A12FDD144DEE874BB24C4A5A40A652C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F46DC05F6B9B71046AB5DBC889AC980E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C2A7DC668C0D0B0DA54496BAF80CF68
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49595F84870F79FD56881CB61AFE6494
Requests: 2 HTTP requests in this frame

Frame: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4AB6111B773D8F1FF432DF91C8700D7F
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8YCX-wEwAQ&v=APEucNXY2HKWGwzK_Q5nCVMhQMIj42Ku6SEIcUg7l_OVuoiCBKRrhAH3ZEOa8nuL-IAegrcI2dPOz4WsLlkivHPC3wxeSb-F0CVJy2eU1so8Zc3jyTqageb_-WDrbjBE0dO-OrmcS5ZUDls-Q6oSWpAiDxvfGFzV08s-pMB5JRsVxsuLMjU22Fg
Frame ID: 4DF7006423DDC2F74C8ADA23F06EDEE9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: ABF22065E3A71B9BF441C7F83F7BD03F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 523D230A61886712691D48A7208E1515
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12615323307018942999/index.html?ev=01_250
Frame ID: 4784F4EE5DE771114799FEB71D248F3B
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 510F6C24107ED44E03B2B3D4F010B6FF
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_728x90.js
Frame ID: A257ACC33C4F9BD580BB910F83ACCEB3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 61A9658B13D03F57410566D082AC1B9D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E8B72E5C993AEF38003DF079F3EFC487
Requests: 2 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Frame ID: 9C5CBD3CA767B3A804737BB30C4B0DCE
Requests: 29 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 47E2C7B46DDC29CCB4D570E9984B3AFD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Frame ID: AB1C036E07140778F0F71A42AA2C6CBD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 87C84235A18A34A12D25592CF3F63498
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

สถานที่ท่องเที่ยว ที่พัก โรงแรม ร้านอาหาร ร้านกาแฟ

Page URL History Show full URLs

  1. http://travel.kapook.com/ HTTP 301
    https://travel.kapook.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

329
Requests

97 %
HTTPS

37 %
IPv6

42
Domains

89
Subdomains

77
IPs

10
Countries

8186 kB
Transfer

17826 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://travel.kapook.com/ HTTP 301
    https://travel.kapook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.kapook.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.kapook.com%2F&rid=esp&cc=1
Request Chain 76
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=kapook.com&sn=ChromeSyncframe&so=0&topUrl=travel.kapook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=khQm0XxlZUZMdGlRTUIwVVprd2RmaWFBTGVLNjF5blFOWmJwSTlWRG9XM2QzNU1MTEhNVDB5TGx2RlJSM1Q1clkyMHA3bUlwa1BkMTBiOUVMVDd6UjkyZWY4VThTMjJTekpRTHd5SjR6QkFtVWpVZXJLZlozUUNOTUJKd29WeGZVOVhBbHdUeW5mMTJHUmQ0VHNPTzg1bTM5UEtXY1c3bWdnTmZKODhrUDk3Wmk3SVdLS281UEEyVThWcU1XVi81cGFMdTVWMGdab0h2bFNnUjB3U0xUem1PcnNzS01zV1pjeWNCOUpHSVdwR1cyMHgrTTJKdEh5OTRGTk01NTl4cm5oTUJaSFY4aVRvazlBM1k3TkNCcjB3UHFEQT09fA&cppv=2
Request Chain 212
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 227
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfk3F7AZRZculK_6K7_UPwtGKgASg86fmb_yXqtWwBtKAu_KRDhABIIOEsyhglYKAgMgHoAGXvd7HA8gBAakCQVRMzzHVXT7gAgCoAwHIA8MEqgSwAk_Q9UHIt9kAGcIJNL2hw-SdmU8sc8eV6y8i4V_sYfx_xf5J2uWyzmEhiE0Uvu3145qBpaoLA9l06LAu8WTx553xCdTq0EbaLsh-PAQWtDEhAoUlcUoykD_sqDnuJUwXrD7HVBEdeKoakhN5_Ma9lMX3GTbl73dE-jCFEjBwDIYoyX5qyqcVRipUI4fjuMNFUYxtbcKF9MXYjoWsuE32vyqp_7WDar9530kRD936tEZswGZBTjcDDzB3vfexi-bs4qVgaKFpheOEMkYOd1dN5Lf-Q5Fu9OGvT2tFWMFKBjyel2ec8ePcST8WMC8K5DmuLzo0IAdPzk-e1J2WOkSY9GIFugFfrLImykHTnPaMu8srr4B5AVJ2V_VE-jy8jKkeYNpeKxm-1vHbO56khOE1GKrABJGz6-5Q4AQBiAWpkuagAZIFBAgEGAGSBQQIBRgEoAZRgAfRwqE4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQpuYM0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJI2h0dHA6Ly93d3cuc21pbGV3aWZpLmNvbS93aWZpLWphcGFugAoDyAsBogwMKgoKCOS0sQLutbEC4g0TCIG6pP_5voIDFX7FuwgdwqgCQNgTC4gUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0yMjUyMTY4NDE5MzA3ODgwGMvCEw&sigh=Pq6pcyDIi7I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNgde_4caUXfm9Z3loCP-JtNP72FzoVqKDzxNGrxxJ1mE3rMgaS2_VyAFOXE7Aad62iamB2O99GAE&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226291937699058590959%22,%22debug_reporting%22:true,%22destination%22:%22https://smilewifi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22955752087%22],%224%22:[%2211-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213255662454735961905%22}&andc=true
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1&C=1
Request Chain 241
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEG7Z2-4AfEphrM19aufwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIc975AVqHcjpqfWrYkZPUY&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIc975AVqHcjpqfWrYkZPUY%26google_cver%3D1
Request Chain 243
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NzUzMjM4MzU3NjA3MDUyNA%3D%3D
Request Chain 273
  • https://fw.adsafeprotected.com/rfw/st/1704526/75903736/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014774340&ias_pubId=pub-3006603784355312&ias_chanId=1&ias_placementId=20650305072&bidurl=https://travel.kapook.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gXWpoZBU7FmQ3pfBpUAf8E&adContainerId=brand_safety_7QZRZf6fJ4fnx_AP0LywOA&cbFunctionName=goog_wrapCb_7QZRZf6fJ4fnx_AP0LywOA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Ftravel.kapook.com&adsafe_type=g&adsafe_url=https%3A%2F%2Ftravel.kapook.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fbe9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbe9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:57d815b2-2156-cc8d-772d-d4f8d5c89a1f,c:tMhZYE,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-8ddb4989b-b7z2s,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:tVpTmr9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5*.1704526-75903736%7C1b51%7C1b52%7C1b53%7C1c1%7C1c2%7C1c31%7C1c32%7C1c4%7C1c5,idMap:1b5*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:26,oid:53555eeb-817e-11ee-a4b8-0e9ffc5b65d8,v:19.8.459,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js

329 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
travel.kapook.com/
Redirect Chain
  • http://travel.kapook.com/
  • https://travel.kapook.com/
131 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
210.4.137.32 Chachoengsao, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
210-4-137-32.inter.net.th
Software
/
Resource Hash
cd1e1fe35247d35b12992d8b7f715a61a44917da5e0c52d9d03048eb6838efec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 12 Nov 2023 17:10:00 GMT
kp-cache-status
EXPIRED
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
166
Content-Type
text/html
Date
Sun, 12 Nov 2023 17:09:59 GMT
Location
https://travel.kapook.com/
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
fontface.css
my.kapook.com/fonts/kittithada_roman/ 		387 B
390 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/kittithada_roman/fontface.css
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:33:12 GMT
etag
W/"646b28c8-183"
content-type
text/css
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
fontface.css
my.kapook.com/fonts/chatthai/ 		321 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/chatthai/fontface.css
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:33:12 GMT
etag
W/"646b28c8-141"
content-type
text/css
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
theme.css
my.kapook.com/css/portal/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css/portal/theme.css
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
dfcf458b30011a32f23756a0ea7319562728a39429ce0b32f95cef3a98a28104

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Tue, 06 Jun 2023 03:34:43 GMT
etag
W/"647ea953-2a1f"
content-type
text/css
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
template.css
my.kapook.com/css/portal/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css/portal/template.css
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
c31d43c6a53bebc8ee3b306ef6c2e9c76ce1b9d0951eeab787df1178c9cb8feb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:33:11 GMT
etag
W/"646b28c7-28ec"
content-type
text/css
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
main.css
my.kapook.com/signin_2017/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/signin_2017/css/main.css
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
8e02f8b007cd163f883dfcc333097df59ddfbfe23d25a1a7f1da36d30a8f17ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Tue, 06 Jun 2023 03:34:43 GMT
etag
W/"647ea953-11c0"
content-type
text/css
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
jquery-3.2.1.min.js
my.kapook.com/jquery/ 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery-3.2.1.min.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:33:40 GMT
etag
W/"646b28e4-15283"
content-type
application/javascript
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
lead-latest.js
cdn.thelead.tech/lead/ 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thelead.tech/lead/lead-latest.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.228 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
p354-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
f191536821e73c14b5d46ae722b8c0acadd4db28476a0b4cf53c6bd78b344682
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 29 Aug 2022 14:43:48 GMT
etag
"630cd0a4-294e"
content-type
application/javascript
cache-control
must-revalidate, max-age=3600
accept-ranges
bytes
content-length
10574
dmp.js
my.kapook.com/js_tag/ 		1 KB
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/js_tag/dmp.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:33:53 GMT
etag
W/"646b28f1-466"
content-type
application/javascript
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
track.js
my.kapook.com/asset/js/ 		546 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/asset/js/track.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
94dbbf524205a3bc95b68260212087b64f446c6a9adba09afb677fd1d1e745e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:33:09 GMT
etag
W/"646b28c5-222"
content-type
application/javascript
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
deva-theme.png
horoscope-preview.kapook.com/images/ 		756 KB
757 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horoscope-preview.kapook.com/images/deva-theme.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.170 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
p296-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
7279eefe0970c580a6bdc1fd8d3da4ffa784287907f11bf5d682b88b5a0f921e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 13 Jul 2023 04:57:04 GMT
accept-ranges
bytes
etag
"64af8420-bcf16"
content-length
773910
content-type
image/png
logo-kapook.png
my.kapook.com/img-portal/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-portal/logo-kapook.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
last-modified
Mon, 22 May 2023 08:33:14 GMT
etag
"646b28ca-7206"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
29190
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
footer2018.css
my.kapook.com/css/portal/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css/portal/footer2018.css
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
1c01c6e4102f57bf88bff2d9a53d97f4f4dca2dc87cd1489253a711e5a1b1c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Tue, 06 Jun 2023 03:34:43 GMT
etag
W/"647ea953-17b0"
content-type
text/css
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
ic-sv-01.png
my.kapook.com/img-services/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-01.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
last-modified
Mon, 22 May 2023 08:33:35 GMT
etag
"646b28df-b5a"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2906
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
ic-sv-02.png
my.kapook.com/img-services/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-02.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
last-modified
Mon, 22 May 2023 08:33:35 GMT
etag
"646b28df-954"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2388
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
ic-sv-03.png
my.kapook.com/img-services/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-03.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
last-modified
Mon, 22 May 2023 08:33:35 GMT
etag
"646b28df-988"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2440
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
ic-sv-04.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-04.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
last-modified
Mon, 22 May 2023 08:33:35 GMT
etag
"646b28df-8e8"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2280
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
icon-fb.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-fb.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
last-modified
Mon, 22 May 2023 08:33:35 GMT
etag
"646b28df-6f6"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1782
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
icon-tw.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-tw.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
last-modified
Mon, 22 May 2023 08:33:35 GMT
etag
"646b28df-7c7"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1991
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
icon-yt.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-yt.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
last-modified
Mon, 22 May 2023 08:33:35 GMT
etag
"646b28df-6bb"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1723
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
icon-ig.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-ig.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
last-modified
Mon, 22 May 2023 08:33:35 GMT
etag
"646b28df-84e"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2126
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
app-store.jpg
www.kapook.com/assets_2017/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kapook.com/assets_2017/images/app-store.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
last-modified
Fri, 08 Sep 2023 11:21:15 GMT
etag
"8fe-604d72cbb8d8d"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
2302
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:04 GMT
google-play.jpg
www.kapook.com/assets_2017/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kapook.com/assets_2017/images/google-play.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
last-modified
Fri, 08 Sep 2023 11:21:01 GMT
etag
"7cf-604d72bec46ed"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
1999
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:04 GMT
angular.min.js
my.kapook.com/angular/1.6.1/ 		162 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/1.6.1/angular.min.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
dd2acb8cf7913dad687ccdbcd2bf8e31c52325928b5891ebe9246d46eddd45bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:33:06 GMT
etag
W/"646b28c2-28886"
content-type
application/javascript
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
signin-drt.js
my.kapook.com/signin_2020/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/signin_2020/js/signin-drt.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Tue, 06 Jun 2023 03:34:43 GMT
etag
W/"647ea953-c3e"
content-type
application/javascript
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
lazysizes.min.js
www.kapook.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kapook.com/js/lazysizes.min.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
gzip
last-modified
Fri, 08 Sep 2023 11:13:55 GMT
etag
"1b91-604d7128a4396-gzip"
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
3307
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:04 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156743/740/ 		405 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
21791dfaff28df4fbf2b1935f522bf65f395bd713b0cccf6f201378c0f7638c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Fri, 03 Feb 2023 02:41:46 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=62954
accept-ranges
bytes
content-length
126196
expires
Mon, 13 Nov 2023 10:39:16 GMT
container_56d8ee121c51b14f6e964404.js
ssl-avd.innity.net/143/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/js_tag/dmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.45.238.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-238-46.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 17:10:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:15:51 GMT
Server
nginx/1.20.2
ETag
"5f48bd37-20f7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1964345
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3228
Expires
Tue, 05 Dec 2023 10:49:07 GMT
loader.js
cdn.taboola.com/libtrc/kapook/ 		797 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/kapook/loader.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
125fe72b07102cb28c61d4f46befb1b818054d51c156e61de07c1afa5c3e577f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
llJXLP6J._YCqVzyOn1Q2TwDzofg3wEb
content-encoding
gzip
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:02 GMT
x-amz-request-id
YH6WM6XQH11RY34M
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
20
x-amz-replication-status
FAILED
content-length
43404
x-amz-id-2
3GD240BJDeT212+E7XUFWoMiEzBQVAPe2qTERuUTQTVMf5uyxw0dCKkfW3n+eEPs6lfrv9PkFZM=
x-served-by
cache-cph2320058-CPH
last-modified
Sun, 12 Nov 2023 17:10:02 UTC
server
nginx
x-timer
S1699809003.798906,VS0,VE44
etag
"bc859fbf7dbbe1db77f65c55e432867c8949b192"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
11
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Nov 2023 15:49:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4821
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 12 Nov 2023 17:49:41 GMT
a0000034.js
lvs.truehits.in.th/dataa/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs.truehits.in.th/dataa/a0000034.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
2a519ee541368c16d1dc0c9b318178352db8c1f0d0b4e2a91d05dc0b109c44d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
last-modified
Thu, 9 Nov 2023 07:02:00 GMT
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type
application/x-javascript
cache-control
max-age=604800
content-length
9647
expires
Sun, 19 Nov 2023 17:10:03 GMT
iframe_widget.php
cacheportal.kapook.com/ Frame 9466 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cacheportal.kapook.com/iframe_widget.php?portal=travel&portal_id=6&page=home
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.195 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p321-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
ccae9f42d88f7019f9330509a932a59cafd3500dec0199ed615bdf008d61c51f

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 12 Nov 2023 17:10:04 GMT
kp-cache-status
EXPIRED
vary
Accept-Encoding
arrow-down.svg
assets.thaibuffer.com/portal_config_desktop/header/svg/ 		213 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.thaibuffer.com/portal_config_desktop/header/svg/arrow-down.svg
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
643
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"19770ccece5e18822ea2bb910318ca9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN81rwsbMhewoLIu9BSgSn%2BuVLpQrjYOna9VqzKW3r8OOl6ZgUPPxxOd%2FRTykC9XGJtMebpcCjg2%2BHJeC3LN9lV7FLtQeOoT2mzC4xcLq7cJCcp6nITV9uCtxNoK6A8N%2FrPugv7q%2B6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
825062db9dc6b79a-AMS
ico-travel.svg
my.kapook.com/svg-portal/ 		28 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/svg-portal/ico-travel.svg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
3f92ea558a79cf8f388e91a35473822588830912921d184272f0f0fddffaab6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:34:09 GMT
etag
W/"646b2901-6f51"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:02 GMT
kit55p-webfont.woff2
my.kapook.com/fonts/kittithada_roman/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/kittithada_roman/kit55p-webfont.woff2
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/fonts/kittithada_roman/fontface.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6

Request headers

Referer
https://my.kapook.com/fonts/kittithada_roman/fontface.css
Origin
https://travel.kapook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
last-modified
Mon, 22 May 2023 08:33:12 GMT
etag
"646b28c8-5160"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid
content-length
20832
expires
Sun, 19 Nov 2023 17:10:03 GMT
CSChatThaiUI.woff2
my.kapook.com/fonts/chatthai/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/chatthai/CSChatThaiUI.woff2
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/fonts/chatthai/fontface.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d

Request headers

Referer
https://my.kapook.com/fonts/chatthai/fontface.css
Origin
https://travel.kapook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
last-modified
Mon, 22 May 2023 08:33:12 GMT
etag
"646b28c8-3fb4"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid
content-length
16308
expires
Sun, 19 Nov 2023 17:10:03 GMT
collect
www.google-analytics.com/j/ 		16 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=713246250&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.kapook.com%2F&ul=en-us&de=UTF-8&dt=%E0%B8%AA%E0%B8%96%E0%B8%B2%E0%B8%99%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%97%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%20%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%9E%E0%B8%B1%E0%B8%81%20%E0%B9%82%E0%B8%A3%E0%B8%87%E0%B9%81%E0%B8%A3%E0%B8%A1%20%E0%B8%A3%E0%B9%89%E0%B8%B2%E0%B8%99%E0%B8%AD%E0%B8%B2%E0%B8%AB%E0%B8%B2%E0%B8%A3%20%E0%B8%A3%E0%B9%89%E0%B8%B2%E0%B8%99%E0%B8%81%E0%B8%B2%E0%B9%81%E0%B8%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1181852763&gjid=1217403976&cid=2050826997.1699809003&tid=UA-36103152-15&_gid=1166201078.1699809003&_r=1&_slc=1&z=1947134372
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
86d4c73c2b90cb0fee28a5cde2e6900150106c769af4e53b2dd1bb9a12f6e5a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36103152-15&cid=2050826997.1699809003&jid=1181852763&gjid=1217403976&_gid=1166201078.1699809003&_u=IEBAAAAAAAAAACAAI~&z=1391057335
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 12 Nov 2023 17:10:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		280 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DBZBLF8EQ4&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3fbbd700e04cb4c5110e7cbc4c7f427fb82fe071eda1f784c63a6a720536d356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95611
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 12 Nov 2023 17:10:02 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b14bb1c4ca01a7ed992cc4e6f128792e6a9ab713670dd14ca0007267724b9bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31804
x-xss-protection
0
server
cafe
etag
713 / 19673 / 31079574 / config-hash: 5108900474499610176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:02 GMT
circle-list.png
assets.thaibuffer.com/img-services/ 		989 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.thaibuffer.com/img-services/circle-list.png
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/footer2018.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3703
alt-svc
h3=":443"; ma=86400
content-length
989
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"c612cecd4a605db3c41a7ab5a03711a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWf6uGVwdUqfcU%2F94nG%2FHUUMFmDhAkDMdijESI%2FPlXQIZyG1p61hfRjfbubZW2fy4%2FoCqwA%2BmBNJOk1OfikSSB3uE8bB6P4EO8LFRtroX5tdPt38BfXdOZCDpyLGF7VPfSsIAdwUtBSCTct35y273iV6TVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
accept-ranges
bytes
cf-ray
825062dc0e58b79a-AMS
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.45.238.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-238-46.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 17:10:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.2
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1430596
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Wed, 29 Nov 2023 06:33:19 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.45.238.46 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-238-46.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 17:10:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.20.2
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=979871
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Fri, 24 Nov 2023 01:21:14 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36103152-15&cid=2050826997.1699809003&jid=1181852763&_u=IEBAAAAAAAAAACAAI~&z=820489045
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36103152-15&cid=2050826997.1699809003&jid=1181852763&_u=IEBAAAAAAAAAACAAI~&z=820489045
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4016:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
load.js
pm-widget.taboola.com/kapook/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/kapook/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97707ea3f73f231a87204527acb38ba3de793a8711839f731329ab27fd951c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
k.hsBIBWCbV0G5mrg_nZ8J10hV9nkCNy
content-encoding
gzip
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:03 GMT
x-amz-request-id
R0VQZ0HJQAYV38Z6
age
2421
x-cache
HIT
content-length
1118
x-amz-id-2
3uE5fVdBnsQRBWBO46tGCTdciDPMn/16hWXxSIuFXWJLFvrQwMAlJcGI8ZyJRuSmc0E2NAM37vI=
x-served-by
cache-cph2320058-CPH
last-modified
Fri, 29 Sep 2023 09:01:32 GMT
server
AmazonS3
x-timer
S1699809003.058686,VS0,VE1
etag
"4c5a69a1af1fabe3cedff0aa28df7bbc"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231109-4-RELEASE.js
cdn.taboola.com/libtrc/ 		817 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c3d81f36dc03519cce27e07bfcbded028976029fd657bf53c6e094dd6e00d43b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
69eghUIhFH6olSunzUAcLIL_EHGkxid_
content-encoding
br
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:02 GMT
x-amz-request-id
8X0HPC8GT04DHNQT
age
23933
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173215
x-amz-id-2
TGHUUha1jcug5Jb8TXDRErQooWOw8ik+js3Mo+XNmWWuvOLxyWzSK5ZnuxWEMMXfxNkuq4AHiIE=
x-served-by
cache-cph2320058-CPH
last-modified
Thu, 09 Nov 2023 10:30:47 GMT
server
AmazonS3-br
x-timer
S1699809003.955752,VS0,VE0
etag
"9b0d1da371b386f982de4dc25b6e1a2b"
vary
Accept-Encoding
content-type
application/javascript
abp
91
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
16113
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-DBZBLF8EQ4&gtm=45je3b81v878394901&_p=1699809002804&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=2050826997.1699809003&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftravel.kapook.com%2F&dt=%E0%B8%AA%E0%B8%96%E0%B8%B2%E0%B8%99%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%97%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%20%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%9E%E0%B8%B1%E0%B8%81%20%E0%B9%82%E0%B8%A3%E0%B8%87%E0%B9%81%E0%B8%A3%E0%B8%A1%20%E0%B8%A3%E0%B9%89%E0%B8%B2%E0%B8%99%E0%B8%AD%E0%B8%B2%E0%B8%AB%E0%B8%B2%E0%B8%A3%20%E0%B8%A3%E0%B9%89%E0%B8%B2%E0%B8%99%E0%B8%81%E0%B8%B2%E0%B9%81%E0%B8%9F&sid=1699809002&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5303
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DBZBLF8EQ4&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DBZBLF8EQ4&cid=2050826997.1699809003&gtm=45je3b81v878394901&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DBZBLF8EQ4&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DBZBLF8EQ4&cid=2050826997.1699809003&gtm=45je3b81v878394901&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=346224165
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4016:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/ 		428 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9b20c45fa7937a540df46f96c90d6a36a0f3c2cc4be9f500e89168b0ea330a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 19:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
78457
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137198
x-xss-protection
0
server
cafe
etag
1612709275544178178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 10 Nov 2024 19:22:26 GMT
MIN-900320.js
apv-launcher.minute.ly/api/launcher/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-900320.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
60226320cb0692f161a56a013f4dbd66e60e578533a2c995195677c911e508c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 17:10:03 GMT
Content-Encoding
gzip
X-HW
1699809003.dop256.fr8.t,1699809003.cds141.fr8.shn,1699809003.dop256.fr8.t,1699809003.cds341.fr8.c
Content-Type
text/javascript; charset=utf-8; charset=utf-8
Cache-Control
max-age=30
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11033
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
309220
expires
60
json
trc.taboola.com/kapook/trc/3/ 		20 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/kapook/trc/3/json?tim=18%3A10%3A03.075&lti=deflated&data=%7B%22id%22%3A777%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22category%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1699777047730%2C%22vi%22%3A1699809003073%2C%22cv%22%3A%2220231109-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftravel.kapook.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Ftravel.kapook.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7402%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-c2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22alternating-thumbnails-home%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Category%20Thumbnails%22%2C%22orig_uip%22%3A%22Desktop%20Category%20Thumbnails%22%2C%22cd%22%3A1308.671875%2C%22mw%22%3A1200%7D%5D%2C%22cacheKey%22%3A%22category%3D%2F%2CDesktop%20Category%20Thumbnails%3Dalternating-thumbnails-home%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
912652253daf051b40f3a569eadce6f019d81a72cf0861e3ddc83e2fe8782a6b

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
441
date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.6154166666666666
x-fastly-to-nlb-rtt
13929
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-cph2320058-CPH
x-log-content-encoding
gzip
server
nginx
x-timer
S1699809003.105015,VS0,VE441
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://travel.kapook.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/kapook/log/3/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/kapook/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://travel.kapook.com
pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pmk-20220605.6.js
pm-widget.taboola.com/kapook/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/kapook/pmk-20220605.6.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/kapook/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2af6e197da6339b0018c3522f839555fa8c22d5eab720d12fa5d24e90ba8ebd

Request headers

Referer
https://travel.kapook.com/
Origin
https://travel.kapook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
9BaXjtccCzaPlHP37gFETeM2DtHaAYpc
content-encoding
gzip
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:03 GMT
x-amz-request-id
8NCB8V7XH6YWPQ68
age
1101226
x-cache
HIT
content-length
28789
x-amz-id-2
O3IBSwGnkWmwloU9c6e3x+3QoLXul/eNRLvFFG+De5VolrVW8mTdHiEHPB8IsfvuI2KYjH26g1U=
x-served-by
cache-cph2320027-CPH
last-modified
Fri, 29 Sep 2023 09:01:31 GMT
server
AmazonS3
x-timer
S1699809003.223886,VS0,VE1
etag
"0d657641b275c54f1ce3e0a8f320f280"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1
my-profile.html
my.kapook.com/signin_2020/templates/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/signin_2020/templates/my-profile.html
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/angular/1.6.1/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
23434d0a4c8b9f6bc076f2c8c52bee7a43018e2c39121a37273af892424a61e2

Request headers

Accept
application/json, text/plain, */*
Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:34:04 GMT
etag
W/"646b28fc-4cc"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid
expires
Sun, 19 Nov 2023 17:10:03 GMT
ico-travel2.svg
my.kapook.com/svg-portal/ 		27 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/svg-portal/ico-travel2.svg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
36abbe66c39563f37a606823d165dc071c18f1dddac382dac18e057ec796e04a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:34:08 GMT
etag
W/"646b2900-6d70"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:03 GMT
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=868
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://travel.kapook.com
date
Sun, 12 Nov 2023 17:10:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
i
ads.adnuntius.delivery/ 		99 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adnuntius.delivery/i?tzo=-60&format=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.79.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
685f32974986dd646327f5832e284355def02bc5db81f694270f011164c0c4d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id
52ace3f3b29b2fbec206c5b306f7550a
x-adn-backend-server-id
fcf719b7
content-length
99
pragma
no-cache
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqCOENOzYEXYeVMerovxMMGpYk5kAhM0%2FMOUfaJ3P%2FKosf4RkYn6rj06KnVI7keD0JbpE1VP2cl9lcTu4qSviI6C9kaNYi32gsMhR%2BX9WD%2FUudU2wEZoSKdpVBOzYOczNyHbxdBUdvBK"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://travel.kapook.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
825062de6a6365b0-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Nov 2023 17:10:03 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 15:16:17 GMT
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
132248
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=216000
x-amz-cf-id
oLW2J6uryS3efl85S8NnJ8TYCNaTA1TGK5SA9NjOpIyIg5llbsm8xQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7600:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sun, 12 Nov 2023 05:04:04 GMT
Via
1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
43560
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
EDMBV_SMfsogO6dDJkhbP1n1rolNvikgPAeeKhQOEn94-y63xFTKDA==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:29:26 GMT
content-encoding
gzip
age
1521637
x-guploader-uploadid
ABPtcPqHbjqPhKh2g3rLNDONjQOKU61Px7tzqzBh7WkCYt0i0BsdHalj9-b0OPiPUoULQhA2lZHQGq8cBXCis3HntxktCwlYb4qI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 25 Oct 2024 02:29:26 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		147 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:47:12 GMT
server
cloudflare
x-amz-request-id
YC5PVTJA3BNXFYZM
age
1551
etag
W/"c129d5681852fdb4346e144820aba0c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
825062deca019bce-FRA
x-amz-id-2
CbS0Gp/ofiRCwhVm+AL7CUBACi2A+dDOg9FtWrKdFXdP8MEnxNmSV2qtKO3YJqcY0XQ0+29lp1A=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16982
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230031-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=426IlhqsuVK1zGvI0d2pnKRtHf%2Fm%2FfYf3qwGRh4JFuLrjtGyPpVhLdwuZdetRhEP8Rh7Q%2F70BgRuuDkB0K7si7UOZuQs5rGu7CPJvmU9XUtWySjDmh7Qq7VKQpRnRg%2FtmoduvkbP9NKVn9CW7%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
825062defd989040-FRA
/
avd.innity.com/dc/cb/ 		59 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
a595a65daf494f67a9b30589aa1074b76a410023f863218449a65932153e968a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 17:10:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Nov 2023 17:10:03 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
mi-scraper-1.17.1.09.js
snippet.minute.ly/publishers/900320/ 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.minute.ly/publishers/900320/mi-scraper-1.17.1.09.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-900320.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b8ca564049e15f7ab62c0adfeaca7785dc44c82b3dd33b4798b1d8af096348

Request headers

Referer
https://travel.kapook.com/
Origin
https://travel.kapook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 20 Sep 2023 07:24:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1695194664"
x-hw
1699809003.dop214.fr8.t,1699809003.cds201.fr8.c
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shMRXiSGq9rVgmQWsMV4YvgZAGtm4d3xatgTAYUtimICOwTyoX57n%2FTU8rWlr%2FB0%2BSr7Wk6r6ESxYcRp8csEcdyRo05xbZdUuAvOMWSDFMkYpvcQUvdt9MsmvYKz9OpzWD%2Bi%2F2eJ8A2z45YMPcK%2B"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=26921945
access-control-allow-credentials
true
cf-ray
825062df6b021a47-FRA
access-control-allow-headers
Content-Type
map
bcp.crwdcntrl.net/6/ 		60 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.138.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-138-233.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a6665e633b989fda1f6b11856b7a056658c11c410f8b5ae9076aae3d171b6817

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache
x-server
10.45.11.230
access-control-allow-credentials
true
content-length
60
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.kapook.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.kapook.com%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.kapook.com%2F&rid=esp&cc=1
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
bdfe8209e133c15ab18d7dbe37db12aa8585d878dd78ef7d7e9f3f840388afd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-M8qF8Dm0yJuAdoqBNOQfDYpaCuE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://travel.kapook.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://travel.kapook.com
location
/esp?url=https%3A%2F%2Ftravel.kapook.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/ 		276 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1288756167641233&correlator=545879443328030&eid=31079444%2C31079378%2C31079574%2C44780988%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fifs&iu_parts=16357739%2CBoom_Box_300x250_Travel_Page%2CTravel_300_2_PC%2CLB_Travel_Page%2Ctravel_970_pc%2C1px_travel_PC%2CSkin_travel%2Cgallery_desktop_728%2CTravel_inter_mob%2CTravel_1x1_ad_refresh_pc%2COutstream_adbeyond_Travel_PC&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=1x1%7C300x250%2C300x250%7C1x1%7C300x600%2C728x90%7C1x1%2C970x250%7C1x1%2C1x1%2C1500x900%7C1x1%2C728x90%7C1x1%2C1x1%2C1x1%2C1x1&ifi=1&didk=1682882488~4236928933~1682882490~1682882491~3265627195~3600267607~2399143414~2790979439~3170997573~348204334&sfv=1-0-40&ists=4&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1699809003342&lmt=1699809003&adxs=1100%2C-9%2C436%2C315%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=1228%2C-9%2C2338%2C1349%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C2%7C3%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftravel.kapook.com%2F&vis=1&psz=300x0%7C0x-1%7C728x0%7C970x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=300x0%7C0x-1%7C728x0%7C970x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C2%2C4%2C4%2C2%2C2%2C2%2C2%2C2%2C2&ohw=300%2C0%2C1200%2C1200%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=2050826997.1699809003&ga_sid=1699809003&ga_hid=713246250&ga_fc=true&dlt=1699809000439&idt=2713&prev_scp=pwtsid_pubmatic%3D2054cd6842a3acf%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D217ed7fc159bb8b%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D22ccf2d81ff4e0c%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D23330622a3a0fc8%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D245332c4a8f48de%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D253190ecdec947b%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D266b2a8119b19bb%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D274e319782b3334%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D28909ab9cdbc6c8%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D295fd500a90fa91%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&adks=4290934971%2C1256818172%2C2748875677%2C3443358116%2C2192446135%2C638819275%2C509936929%2C271686517%2C4018730071%2C1371145546&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c358fa188485b3d82ab7db02d4820cc10abf303022b6da2cb075cd31a44935c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32569
x-xss-protection
0
google-lineitem-id
5448011002,5448342164,5447068941,5447033993,6392414331,-1,-2,-2,6051946243,6117574540
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138319728879,138319729599,138319729872,138319990111,138449519978,-1,-2,-2,138396216713,138406028419
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6ce14ed4a481a746b441d57ad249034d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8007 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ce14ed4a481a746b441d57ad249034d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:03 GMT
expires
Mon, 11 Nov 2024 17:10:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl_page_level_ads.js?cb=31079574
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1feae27bce64848747874eb049b0b945cbad02d0a88c21df9eb42a80005a8fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
226
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13738
x-xss-protection
0
server
cafe
etag
16881063792315815319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 11 Nov 2024 17:06:17 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F824 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99879
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 12 Nov 2023 17:10:03 GMT
expires
Mon, 13 Nov 2023 20:54:42 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame EC4E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=travel.kapook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:03 GMT
server
Kestrel
server-processing-duration-in-ticks
356937
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://travel.kapook.com
date
Sun, 12 Nov 2023 17:10:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
PugMaster
image6.pubmatic.com/AdServer/ Frame F824 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86263038&p=156743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-length
0
sid
mug.criteo.com/ Frame EC4E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=kapook.com&sn=ChromeSyncframe&so=0&topUrl=travel.kapook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=khQm0XxlZUZMdGlRTUIwVVprd2RmaWFBTGVLNjF5blFOWmJwSTlWRG9XM2QzNU1MTEhNVDB5TGx2RlJSM1Q1clkyMHA3bUlwa1BkMTBiOUVMVDd6UjkyZWY4VThTMjJTekpRTHd5SjR6QkFtVWpVZXJLZlozUUNOTUJKd2...
449 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=khQm0XxlZUZMdGlRTUIwVVprd2RmaWFBTGVLNjF5blFOWmJwSTlWRG9XM2QzNU1MTEhNVDB5TGx2RlJSM1Q1clkyMHA3bUlwa1BkMTBiOUVMVDd6UjkyZWY4VThTMjJTekpRTHd5SjR6QkFtVWpVZXJLZlozUUNOTUJKd29WeGZVOVhBbHdUeW5mMTJHUmQ0VHNPTzg1bTM5UEtXY1c3bWdnTmZKODhrUDk3Wmk3SVdLS281UEEyVThWcU1XVi81cGFMdTVWMGdab0h2bFNnUjB3U0xUem1PcnNzS01zV1pjeWNCOUpHSVdwR1cyMHgrTTJKdEh5OTRGTk01NTl4cm5oTUJaSFY4aVRvazlBM1k3TkNCcjB3UHFEQT09fA&cppv=2
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
af6015ed9a788013d885faa706c5f1f4a1490a255f7252f6526e2e71f484539d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1184133
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=khQm0XxlZUZMdGlRTUIwVVprd2RmaWFBTGVLNjF5blFOWmJwSTlWRG9XM2QzNU1MTEhNVDB5TGx2RlJSM1Q1clkyMHA3bUlwa1BkMTBiOUVMVDd6UjkyZWY4VThTMjJTekpRTHd5SjR6QkFtVWpVZXJLZlozUUNOTUJKd29WeGZVOVhBbHdUeW5mMTJHUmQ0VHNPTzg1bTM5UEtXY1c3bWdnTmZKODhrUDk3Wmk3SVdLS281UEEyVThWcU1XVi81cGFMdTVWMGdab0h2bFNnUjB3U0xUem1PcnNzS01zV1pjeWNCOUpHSVdwR1cyMHgrTTJKdEh5OTRGTk01NTl4cm5oTUJaSFY4aVRvazlBM1k3TkNCcjB3UHFEQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
276129
content-length
0
expires
0
_.gif
counter.snackly.co/ 		0
38 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/900320/mi-scraper-1.17.1.09.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://travel.kapook.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
825062e06c441c30-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Sun, 12 Nov 2023 17:10:03 GMT
_.gif
counter.snackly.co/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/900320/mi-scraper-1.17.1.09.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://travel.kapook.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
825062e06c411c30-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Sun, 12 Nov 2023 17:10:03 GMT
goggen.php
lvs.truehits.in.th/ 		91 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs.truehits.in.th/goggen.php?hc=a0000034&rand=587947&bv=0&rf=bookmark&web=JXchjyHKh5fjKMeMJkvK7Q%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=07C4B5FE.1&fp=d&fv=-&truehitspage=travel_home&truehitsurl=https%3a//travel.kapook.com/
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-58-214.northern.inet.co.th
Software
nginx/1.23.3 /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/jpeg
pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.23.3
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
bulk
connect.thelead.tech/event/ 		77 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.thelead.tech/event/bulk
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.226 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
p352-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
29b27277ffdae0b8e724a5dc20c151b08db25da34f0100384d149f537c8b714b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 12 Nov 2023 17:10:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
77
vary
Origin
content-type
application/json
userx.20231109-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231109-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fe6520a378ad338c66db239d1b57c2d0ac504e3f92e4d19ef082ab0d7682c89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
5mRD6Ht1WFBi8hai5.dYubrA_FWDYttX
content-encoding
gzip
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:03 GMT
x-amz-request-id
Q0QA35HN6XCVV40S
age
9513
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
YQ0v8JssJ85FPw5Yg42nviivrYBCh3ll19tOLaIi+30qtS/QwjKqMc9yH432tJ9DWG4FyID5kTw=
x-served-by
cache-cph2320058-CPH
last-modified
Sun, 12 Nov 2023 14:31:30 GMT
server
AmazonS3
x-timer
S1699809004.618648,VS0,VE0
etag
"21d91e3113cd6f8870905a47f3231b99"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
91
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
772
distance-from-article.20231109-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231109-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dae93195866088d91dce97b94af44dd44aeef03141a58d764bf8ddb5cc013a26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
flmJVrFYT68JozpGACMbghE9BzBa5WQM
content-encoding
gzip
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:03 GMT
x-amz-request-id
H1SA6WEWZAFFASBC
age
9545
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
rm44pC4F7sKGKfCM36Un4+Ayq7E4rwxvOcc9qyp3AIYoH0EiKeIYO+0tdI4ZYLpLyQP1knOIfso=
x-served-by
cache-cph2320058-CPH
last-modified
Sun, 12 Nov 2023 14:30:58 GMT
server
AmazonS3
x-timer
S1699809004.621878,VS0,VE0
etag
"fd99de1c982f0fb6a1e799595017751e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
93
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5344
article-detection.20231109-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231109-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7b2066c7c54bc80624a8290b3c4c810c177738a708be26dc5cf547a7fb4931e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
9509GLiqTpMXhLkZezbdI66E.p.fUPyt
content-encoding
gzip
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:03 GMT
x-amz-request-id
R9M0B1YWVA2M3PZV
age
9552
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
2U6Zojb2+19OY3lYZvMTOzKMyhsOg1yWAgUgUtY+a6idB5Ejk6GjuYGSJmzWCArwk++wgVSuz00=
x-served-by
cache-cph2320058-CPH
last-modified
Sun, 12 Nov 2023 14:30:52 GMT
server
AmazonS3
x-timer
S1699809004.621860,VS0,VE0
etag
"f0e85283e0020647322ee9774aaa19b7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5341
floating-unit.20231109-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231109-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
042fee0b1bc726389e3a8d5b3b294f6fff68bd6e222eb47cf2f7e69e5d45a1f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
z5hrcU3tYhE0zEoQGHIbKM62og6E94j7
content-encoding
gzip
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:03 GMT
x-amz-request-id
NY47GP99VBRAP01B
age
9534
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2493
x-amz-id-2
eyXV04rFDwrsyHyr0JWirfYYncMPc30ebwsPUbhxjW/5ncfvd93ikB54Fu6JPSxu9IgD1kbEW78=
x-served-by
cache-cph2320058-CPH
last-modified
Sun, 12 Nov 2023 14:31:08 GMT
server
AmazonS3
x-timer
S1699809004.621857,VS0,VE0
etag
"0bf97dafc1b2a624047a5ae86bb3221c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
613
adServer.bs
bs.serving-sys.com/Serving/ 		42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=display&c=19&pli=1079663566&gdpr=1&gdpr_consent=&us_privacy=${US_PRIVACY}&adid=1091576290&ord=[timestamp]
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.18.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-18-229.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
42
expires
Sun, 05-Jun-2005 22:00:00 GMT
supply-feature
am-trc-events.taboola.com/kapook/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/kapook/log/3/supply-feature?route=AM:AM:V&tvi2=4948&tvi48=11593&tvi50=13623&lti=deflated&ri=0420227ee89d3b694fda592b5791d626&sd=v2_221d2f868b9af5189173a2c2462d52c8_f5c123b7-a697-4108-a545-d03197210ff0-tuctc4a8c6b_1699809003_1699809003_CNawjgYQgaNGGMGMjKS8MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABopYPC59r-lppmcAA&ui=f5c123b7-a697-4108-a545-d03197210ff0-tuctc4a8c6b&pi=/&wi=-403804868470246669&pt=category&vi=1699809003073&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=18%3A10%3A03.598&id=1003&llvl=2&cv=20231109-4-RELEASE&
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
am-trc-events.taboola.com/kapook/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/kapook/log/3/social?route=AM:AM:V&tvi2=4948&tvi48=11593&tvi50=13623&lti=deflated&ri=0420227ee89d3b694fda592b5791d626&sd=v2_221d2f868b9af5189173a2c2462d52c8_f5c123b7-a697-4108-a545-d03197210ff0-tuctc4a8c6b_1699809003_1699809003_CNawjgYQgaNGGMGMjKS8MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABopYPC59r-lppmcAA&ui=f5c123b7-a697-4108-a545-d03197210ff0-tuctc4a8c6b&pi=/&wi=-403804868470246669&pt=category&vi=1699809003073&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Ftravel.kapook.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Kapook%20Travel%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%20%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%81%E0%B8%B4%E0%B8%99%20%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%9E%E0%B8%B1%E0%B8%81%22%2C%22sec%22%3A%22Travel%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%2F%2Fmy.kapook.com%2Fconfig_desktop%2Ffb_img%2Ftravel.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A10%3A03.604&id=4442&llvl=2&cv=20231109-4-RELEASE&
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
bulk-metrics
am-trc-events.taboola.com/kapook/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/kapook/log/3/bulk-metrics?tvi2=4948&tvi48=11593&tvi50=13623&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://travel.kapook.com
pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
631df4c75b4f02dc29d72a916064592e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bddf01494d1e64c3eb6d0634d87673fed729cf55d7550e9bdae36d2e090ab04c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
age
2762017
edge-cache-tag
533785047141029851524565568207219022138,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
533785047141029851524565568207219022138,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
40
req-referer
https://kapook.com/
content-length
12318
x-request-id
c59f7006685aa495d94ff51ec66a12c0
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000147-IAD, cache-iad-kcgs7200174-IAD, cache-chi-kigq8000087-CHI, cache-iad-kjyo7100122-IAD, cache-cph2320058-CPH
last-modified
Sun, 10 Sep 2023 20:16:03 GMT
server
nginx
surrogate-reporting
width=280,height=234,bytes=18341,owidth=1200,oheight=800,obytes=488780
x-timer
S1699809004.633790,VS0,VE1
etag
"e10de180c93ab80eadb0481be686e0e6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 4, 1
262eea614765c100b27a01c2f26325a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/262eea614765c100b27a01c2f26325a4.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53c9770af4af1bf270107ebabbcfbb3166cbbb6ef068948e8b04b30747b1ddeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/262eea614765c100b27a01c2f26325a4.jpg
age
1504830
edge-cache-tag
350970114420182521697021266209702132133,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
350970114420182521697021266209702132133,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
562
expiration
expiry-date="Fri, 13 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://d-3689939673558921950.ampproject.net/
content-length
10468
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200150-IAD, cache-iad-kiad7000177-IAD, cache-iad-kiad7000128-IAD, cache-cph2320058-CPH
last-modified
Tue, 12 Sep 2023 16:48:24 GMT
server
nginx
surrogate-reporting
width=280,height=234,bytes=16275,owidth=1200,oheight=627,obytes=546410
x-timer
S1699809004.650493,VS0,VE3
etag
"7ca9e4c391863dfc60690fd11cb41e76"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 1
519b38a2fd4bb7de8f469dbfd8e091f9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/519b38a2fd4bb7de8f469dbfd8e091f9.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f5101bdf5ad926d0a55a6be0766ea779623edd7b0117db993140063f232aa5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/519b38a2fd4bb7de8f469dbfd8e091f9.jpg
age
802581
edge-cache-tag
391939146284273195878917597381781736151,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
391939146284273195878917597381781736151,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
94
expiration
expiry-date="Mon, 13 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.chatsports.com/
content-length
22956
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000117-IAD, cache-iad-kiad7000131-IAD, cache-lax-kwhp1940096-LAX, cache-iad-kiad7000149-IAD, cache-cph2320058-CPH
last-modified
Fri, 13 Oct 2023 04:49:08 GMT
server
nginx
surrogate-reporting
width=280,height=234,bytes=38846,owidth=1200,oheight=767,obytes=233852
x-timer
S1699809004.654268,VS0,VE1
etag
"deff7f01eb420ee9473d8596a0528891"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 9, 1
8b7ccc3f81d9256fc0d4dfe15ce0e330.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b7ccc3f81d9256fc0d4dfe15ce0e330.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e49a2aa3262b3b49836dc88be275fe1193b9f74efb8a05f4fec39f2378d1611e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b7ccc3f81d9256fc0d4dfe15ce0e330.png
age
1303304
edge-cache-tag
536429029816880794526711040368051763927,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag
536429029816880794526711040368051763927,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
694
req-referer
https://www.t-online.de/
content-length
5226
x-request-id
37ae16628120b58e9f4dc67d6e00d252
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200111-IAD, cache-iad-kcgs7200040-IAD, cache-chi-kigq8000082-CHI, cache-iad-kjyo7100178-IAD, cache-cph2320058-CPH
last-modified
Thu, 26 Oct 2023 09:44:01 GMT
server
nginx
surrogate-reporting
width=280,height=234,bytes=8357,owidth=1000,oheight=600,obytes=723502
x-timer
S1699809004.679001,VS0,VE89
etag
"a176c2c15279dff85cf66453e74f515f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 12, 0
e729b978708d35fb8b55a78a1d38b287.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e729b978708d35fb8b55a78a1d38b287.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a8e927929be2eb5f041cd13c96724e985331f031112b5ce1270d8c39b8e1049

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
148
date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e729b978708d35fb8b55a78a1d38b287.png
age
455142
edge-cache-tag
292938725472352549968152836805745019209,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag
292938725472352549968152836805745019209,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
82
req-referer
https://www.freenet.de/
content-length
12040
x-request-id
b126b8dfe701d9baae7a006193e66d47
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000093-IAD, cache-iad-kcgs7200039-IAD, cache-lga21942-LGA, cache-iad-kjyo7100030-IAD, cache-cph2320058-CPH
last-modified
Tue, 07 Nov 2023 10:35:37 GMT
server
nginx
surrogate-reporting
width=600,height=500,bytes=36591,owidth=600,oheight=500,obytes=462992
x-timer
S1699809004.696644,VS0,VE148
etag
"76b08913648b16e995533a1f9b3b5913"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 7, 0
pd
google-bidout-d.openx.net/w/1.0/ Frame E5EC 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 12 Nov 2023 17:10:03 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
debug
am-trc-events.taboola.com/kapook/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/kapook/log/2/debug?tim=18%3A10%3A03.657&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=451&cv=20231109-4-RELEASE&lt=deflated&pct=1
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25989
supply-feature
am-trc-events.taboola.com/kapook/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/kapook/log/3/supply-feature?route=AM:AM:V&tvi2=4948&tvi48=11593&tvi50=13623&lti=deflated&ri=0420227ee89d3b694fda592b5791d626&sd=v2_221d2f868b9af5189173a2c2462d52c8_f5c123b7-a697-4108-a545-d03197210ff0-tuctc4a8c6b_1699809003_1699809003_CNawjgYQgaNGGMGMjKS8MSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABopYPC59r-lppmcAA&ui=f5c123b7-a697-4108-a545-d03197210ff0-tuctc4a8c6b&pi=/&wi=-403804868470246669&pt=category&vi=1699809003073&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%226434.328125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A10%3A03.661&id=4992&llvl=2&cv=20231109-4-RELEASE&
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
next-up-widget.20231109-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231109-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/kapook/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ec7656b1960bd3c9bb1d326a0f9cbdce0be87adc5cbfb16413a79b30848bceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
g0X41F2KnlbqbKHyTuyU_vXkyc88UDyj
content-encoding
gzip
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:03 GMT
x-amz-request-id
9WXWA70ZYQ987NJ8
age
9532
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
m2wYmcP4yi2OJwQrtfaz/U4Pedr9X0IFXClHhcagxi3E3nel1jYcsmgwTPDdmHlX3OlUtHrkmCk=
x-served-by
cache-cph2320058-CPH
last-modified
Sun, 12 Nov 2023 14:31:11 GMT
server
AmazonS3
x-timer
S1699809004.684728,VS0,VE0
etag
"57c3924365c79fa90dc0b8ecfefbcd07"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
587
bulk-metrics
am-trc-events.taboola.com/kapook/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/kapook/log/3/bulk-metrics?tvi2=4948&tvi48=11593&tvi50=13623&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://travel.kapook.com
pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
6eb63dda-708a-477c-be7c-9bbaa99d4bc1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s359.kapook.com/r/1200/630/pagebuilder/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s359.kapook.com/r/1200/630/pagebuilder/6eb63dda-708a-477c-be7c-9bbaa99d4bc1.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29b9986f3e1992a2c0f3023a51372a264110e13ced1162735bd0d97df9c18a3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s359.kapook.com/r/1200/630/pagebuilder/6eb63dda-708a-477c-be7c-9bbaa99d4bc1.jpg
age
1241362
edge-cache-tag
398860343978872132736994969228011633425,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
398860343978872132736994969228011633425,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
2759
req-referer
https://calendar.kapook.com/
content-length
7308
x-request-id
c878cdc0505a9e2282d5d42977ff3810
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100057-IAD, cache-iad-kcgs7200128-IAD, cache-lax-kwhp1940100-LAX, cache-iad-kcgs7200111-IAD, cache-cph2320058-CPH
last-modified
Sun, 29 Oct 2023 07:59:57 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=15544,owidth=1200,oheight=630,obytes=296353
x-timer
S1699809004.743516,VS0,VE0
etag
"8b53b91c7a06341d21396a3f72d0e2af"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 15, 2
631df4c75b4f02dc29d72a916064592e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2204c52b03862331837b790411412037ed0e2b58b6523476f5c60f5cf92017fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
age
3153167
edge-cache-tag
533785047141029851524565568207219022138,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
533785047141029851524565568207219022138,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
20
expiration
expiry-date="Thu, 19 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
6018
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000024-IAD, cache-iad-kcgs7200117-IAD, cache-sna10721-LGB, cache-iad-kiad7000159-IAD, cache-cph2320058-CPH
last-modified
Mon, 18 Sep 2023 03:50:36 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=8454,owidth=1200,oheight=800,obytes=488780
x-timer
S1699809004.743961,VS0,VE1
etag
"1180fae574ea17e891be57b47497069b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 228, 1
262eea614765c100b27a01c2f26325a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/262eea614765c100b27a01c2f26325a4.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9247a713305b206abde789d28a4e68a5808fa61dc85aa26e567845bf01cb1a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 12 Nov 2023 17:10:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/262eea614765c100b27a01c2f26325a4.jpg
age
3143236
edge-cache-tag
350970114420182521697021266209702132133,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
350970114420182521697021266209702132133,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
65
expiration
expiry-date="Fri, 13 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
5620
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100060-IAD, cache-iad-kjyo7100085-IAD, cache-chi-klot8100089-CHI, cache-iad-kcgs7200157-IAD, cache-cph2320058-CPH
last-modified
Tue, 12 Sep 2023 16:59:44 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=8494,owidth=1200,oheight=627,obytes=546410
x-timer
S1699809004.748462,VS0,VE1
etag
"bc70723e8d573b5e8c9a1c445f5ef3f4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 1
view
securepubads.g.doubleclick.net/pcs/ Frame 103C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvD36vX9s-oj1qehiBTE5DfGkzSu07wYaqfuQ0m1qzoNmPcY6lN1YZcUxxAeVN0u0kjvyJ9M0LilBu_qbdiE8CeV2-H1SR1dAo48Xk9AM5-m4m3tt19XJrquGCGvUsqtv6XxPnUczOIlPANxwEbd9YfuFrCmNFA3Dtvk6ZZZ3J6RnZVO8wUWXfc6tonpN0EpX-ODJWxQn7voWyIvf-wsZyFi1JKDDAzpCK0qkYTZqsrpkTQ0pXyQMpMqNaIAEacmcOq_zP-iTxrrqO9g9HxuOULEn_HUPMUNQpdSH142tK4cECT1LEgQprjGy6pIgQPW8M1RXA8HhCkQe6eArGJpnSO4EVBU7YYfrVxu1_XvEDqQlZWMDRjcS0zRNw_GMrNyIvb&sai=AMfl-YR2ZzBqbVs9VGggli-bhQ4Tcl3TCRYfJLEWHmsfVFCuRufLAbHEtLxWbrhzf2eIhA5_UPsRHFMfxlUvBnMkIxfxQVbQ0BViXSd62-XYI9PBtlfP1jQuVy0qslCU_ZroybhsuIs6C9ph_ELLyxyKkpQ&sig=Cg0ArKJSzB5Z7CAGeWcIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:10:03 GMT
22392.js
ads.rubiconproject.com/ad/ Frame 103C 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by
PHP/7.2.24
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=12319
access-control-allow-credentials
true
content-length
8916
expires
Sun, 12 Nov 2023 20:35:22 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 103C 		199 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9458 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_Tf_vw0879TsqvGRZZ2dq2z8EDdNZ2KqL4HsG0skFzc1zX3inYzedJcQ45NRpANkz3sQP923lzC7upRE7UuxlwPhBMjjSDn_3yecFc0vP_j1Zo5FInx0SkTvqP0wRdz6ekBNMx3qtq1iKmS08UcG1G3-uNZcUgYEr0oLKdlyy8QM39O8-id3-s_OgF_vgsXiQjdWcvECQqcJ7Ao4_tidmBDItqYb84A9p2-Gf3hf9753ivqYwHu_T_3En7JUL0mpWyyH0I9dNKTX3S1vasFhsRLp4dup20Fv6NTxvQD59qIXsetwXiROSSDCQfHSYR6_wZrvisqtvKAXjKtZ55Z9q5GHzpHMIzmK-K2K_c4yA6w&sai=AMfl-YTP1q__GAc--HyebhRyQ1m73dv8WWqXagZ_QjXFYPJ1_uPkaoJ0RhcvmZd5Ijb9dHZk5B0FNyipzM-JH0NgmehFj7OxHCC4Lcm1RC_CY2XZYNyDdZA4YH0igDov5uyuGOIcCJZSLamzggIDXTY8Apk&sig=Cg0ArKJSzLKmPviSp2W0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:10:03 GMT
22392.js
ads.rubiconproject.com/ad/ Frame 9458 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by
PHP/7.2.24
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=12319
access-control-allow-credentials
true
content-length
8916
expires
Sun, 12 Nov 2023 20:35:22 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9458 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6E80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8Z_NTcCecZ4JY9Eoc7NY3aPh346KOh6cJziYkbjuDo5RLUGu5Q8z1lNUg7g7oU8dzPsPXo5QvUHLIKchCDMQz-8MMqo-oKSge-euArrvJodICcb0jxEN0OGKlrNMx8q80em-4Whg0_ydjtIC8Y22NBMN82BDXLklW2atL3m862rGH2OYgldfKN5K3aOZyyBRUIyxXMkOfKWXHJkSuDnGomLllXKw9dL7-BTBDyRokkhQadot5bcMuVqtgl8c5oieA27cgFrc34PvuN7qsIArervKC33sDUoZcJCcuK6oRoAEggSILUanEg1FQXGeGE8HniTf-a3Ar-JK2b1fjXwhwKFBtEAmjKZKe-HKHQfzeIg&sai=AMfl-YRBnIUGGbG6pVxa5coddAeDO-BbS4TESV-HXj2SyfcO76QgmqsKa2Xoyw7OnQbrSSK7icw7XLrAR0BVAzsiNjL8FH27yCb4lx8JKGbXSDZmhRbxlYhFJN_oZZCZM9-WgZdEEfEcf3LBTy_awvx1R7s&sig=Cg0ArKJSzDVsVO8aGcnHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:10:03 GMT
22392.js
ads.rubiconproject.com/ad/ Frame 6E80 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k / PHP/7.2.24
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
x-powered-by
PHP/7.2.24
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=12319
access-control-allow-credentials
true
content-length
8916
expires
Sun, 12 Nov 2023 20:35:22 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6E80 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:03 GMT
me
api-center.kapook.com/v1/market/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-center.kapook.com/v1/market/me
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.130 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
p256-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
kuid
Access-Control-Request-Method
GET
Origin
https://travel.kapook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
https://travel.kapook.com
allow
OPTIONS, GET
date
Sun, 12 Nov 2023 17:10:05 GMT
vary
Accept-Encoding
me
api-center.kapook.com/v1/market/ 		55 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-center.kapook.com/v1/market/me
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/angular/1.6.1/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.130 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
p256-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f

Request headers

Accept
application/json, text/plain, */*
Kuid
Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://travel.kapook.com
access-control-allow-credentials
true
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
content-length
79
ic_create.svg
assets.thaibuffer.com/signin_2017/svg/ 		630 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.thaibuffer.com/signin_2017/svg/ic_create.svg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2698
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"69a3bec5f075f8dfd9febaa6c4b9b8fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uR01sCrcgJoGIatSheoTMPACG0Aog8w8xtmz5YpjdXXyJPW%2FaCLvS9FCsNKJ%2BYjSywq%2FrWfGg7NFFcee7KFmePoV8MeO8O7Jfk6BB6j40TZLP7I%2FFcQjfWvSaOufhQw5D6p6w8idJlhf1EGvYxA6dnW071o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
825062e24f0d37e8-FRA
ic_settings.svg
assets.thaibuffer.com/signin_2017/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.thaibuffer.com/signin_2017/svg/ic_settings.svg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4436
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"6be24dc42247340a17ed9d0d6586c962"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMaPfrQUcmHnRZfHL8CkVurxgN7PbW%2Ff9yfT%2FnsTQEqGqxq2WSjqkoSYklWPFLWC1fV4LVGSBFf9Kfwg9BKJwiMNX3ftxEmOpBwKhLo4Kwyoa4gfi6K4UjUFP3MrPiL0%2FFeC2qWmHVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
825062e24f1037e8-FRA
sign-out.svg
assets.thaibuffer.com/signin_2017/svg/ 		709 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.thaibuffer.com/signin_2017/svg/sign-out.svg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2698
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ac1a0233bba8d1c33826333c7f56bad5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSbe%2B3UcaH4hShxiEs9VfftjVnNeqQbuPXQydthM48CmufoFcUY5kW9pUMOVstswePoDWehxP1JqkgUzbjxAl5va2ax3XBAxW2uzdRhQ6V2cWlTAAOs9bweUXv%2FBdLgjB3IUdFKPwyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
825062e24f1237e8-FRA
switch2.svg
assets.thaibuffer.com/portal_config_desktop/header/svg/ 		756 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.thaibuffer.com/portal_config_desktop/header/svg/switch2.svg
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
993
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9268bf98e0473a17fecc41217f394c06"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRVBlrEDVOzcwSQtVLtCs%2F8QrzNUsi8jYDbiJpKXaqJspy0zhIwI7eZ87EgAlagRfffZYKwtHEJkloTIxpqf3wqYPu3whao0SpK%2FLCXrQhreMbm4GyUTbqwop%2B2jCFLejfSrZPb0GIU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
825062e24f1437e8-FRA
1774480-15.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 103C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774480-15.js?&cb=0.03593293357765326&tk_st=1&rf=https%3A//travel.kapook.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e1ddd8d3beb13fe24b547b9d153907154ce86c56940afaf6dc8a3ade70821b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Wed, 17 Sep 1975 21:32:10 GMT
1774478-57.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 6E80 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774478-57.js?&cb=0.6698515156232534&tk_st=1&rf=https%3A//travel.kapook.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4332e8074a3e0437193b2ba885f90299fbf1b72bfa88fadfbde19b963947ea24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Wed, 17 Sep 1975 21:32:10 GMT
1774484-2.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 9458 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774484-2.js?&cb=0.05477674946942801&tk_st=1&rf=https%3A//travel.kapook.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
55f2625c08eaa7a6a15692b56d75e76ab8529887b2354767b54b7bfba3c13b57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
avd.innity.com/dc/ 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=143&cuid=a1a803fb690aebc4191eb2264010f667&cb=1699809004033&douid=&sess=236231441.143.1699809004027&dur=0&ref=https%3A%2F%2Ftravel.kapook.com%2F&srf=&pk=&pt=%E0%B8%AA%E0%B8%96%E0%B8%B2%E0%B8%99%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%97%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%20%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%9E%E0%B8%B1%E0%B8%81%20%E0%B9%82%E0%B8%A3%E0%B8%87%E0%B9%81%E0%B8%A3%E0%B8%A1%20%E0%B8%A3%E0%B9%89%E0%B8%B2%E0%B8%99%E0%B8%AD%E0%B8%B2%E0%B8%AB%E0%B8%B2%E0%B8%A3%20%E0%B8%A3%E0%B9%89%E0%B8%B2%E0%B8%99%E0%B8%81%E0%B8%B2%E0%B9%81%E0%B8%9F&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 17:10:04 GMT
Last-Modified
Sun, 12 Nov 2023 17:10:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=a1a803fb690aebc4191eb2264010f667&type=cookie&itmcb=1699809004033
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Nov 2023 17:10:04 GMT
Last-Modified
Sun, 12 Nov 2023 17:10:04 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
fontface.css
my.kapook.com/fonts/chatthai/ Frame 9466 		321 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/chatthai/fontface.css
Requested by
Host: cacheportal.kapook.com
URL: https://cacheportal.kapook.com/iframe_widget.php?portal=travel&portal_id=6&page=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cacheportal.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:33:12 GMT
etag
W/"646b28c8-141"
content-type
text/css
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:04 GMT
spinner.gif
my.kapook.com/lottery/images/ Frame 9466 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/lottery/images/spinner.gif
Requested by
Host: cacheportal.kapook.com
URL: https://cacheportal.kapook.com/iframe_widget.php?portal=travel&portal_id=6&page=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
66af4b6ecf2e600238c6f4bb6a27f06a0d702572729e87b94cc613e929aaa687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cacheportal.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
last-modified
Mon, 22 May 2023 08:34:00 GMT
etag
"646b28f8-1365b"
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
79451
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:04 GMT
jquery-3.2.1.min.js
my.kapook.com/jquery/ Frame 9466 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery-3.2.1.min.js
Requested by
Host: cacheportal.kapook.com
URL: https://cacheportal.kapook.com/iframe_widget.php?portal=travel&portal_id=6&page=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cacheportal.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
gzip
last-modified
Mon, 22 May 2023 08:33:40 GMT
etag
W/"646b28e4-15283"
content-type
application/javascript
cache-control
max-age=604800
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:04 GMT
all.js
api.dmcdn.net/ Frame 9466 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/all.js
Requested by
Host: cacheportal.kapook.com
URL: https://cacheportal.kapook.com/iframe_widget.php?portal=travel&portal_id=6&page=home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
a486a5eaec40b9f65f15e630f77f5530b91ccecf1e0d18a5c5c2d218e7584edb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cacheportal.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
gzip
age
80971
server-timing
total;dur=1, dc;desc="dc3"
content-length
11001
last-modified
Tue, 18 Oct 2022 08:55:52 GMT
server
DMS/1.0.42
etag
"634e6a18-7574"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-llid
3e198ecc642426594a67b73a124e183f
expires
Sun, 12 Nov 2023 18:40:33 GMT
notfound.jpg
my.kapook.com/images/ Frame 9466 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/images/notfound.jpg
Requested by
Host: cacheportal.kapook.com
URL: https://cacheportal.kapook.com/iframe_widget.php?portal=travel&portal_id=6&page=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
8297df6f59960af9ecaa73d9fa3dd3ab128345d6ae8c6f1b5eac6fd119e2690c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cacheportal.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
last-modified
Wed, 26 Jun 2019 06:50:05 GMT
etag
"5d13159d-11853"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
71763
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6E80 		103 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774478-57.js?&cb=0.6698515156232534&tk_st=1&rf=https%3A//travel.kapook.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff1f856dae387b3875dc0bf88df59f71458dcd2d18398e0d8dbc4a272f3f7c48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31797
x-xss-protection
0
server
cafe
etag
236 / 19673 / 31079511 / config-hash: 5108900474499610176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:04 GMT
usync.html
eus.rubiconproject.com/ Frame BB93 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774478-57.js?&cb=0.6698515156232534&tk_st=1&rf=https%3A//travel.kapook.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Nov 2023 17:10:04 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
2c84edae-ee41-4fa2-8565-0ef98f25c0f6
beacon-ams3.rubiconproject.com/beacon/d/ Frame 6E80 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/2c84edae-ee41-4fa2-8565-0ef98f25c0f6?oo=0&accountId=22392&siteId=330930&zoneId=1774478&sizeId=57&e=6A1E40E384DA563B4278E6C66190B8612F6E74B8EBB7B37B6C2CB741EEB48AA733165F844FA580ACC6FC459E6E9A11789F0BE1F8337FD75DF4B25800DE2FCEB54B5DBA4FA0789D6FB8EFC21D83CF2A4C63AF685AF18256F34E2484A26994CBAE9D8359D360635B5241C0A617DC393FBB109478760DFABCFE32997889F1DA11D8
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:04 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 6E80 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d247b603b07408af80633a6363da609ae63f7415d79826d5118ca17dc2a267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
widget
common-api.kapook.com/ Frame 9466 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://common-api.kapook.com/widget?template_id=6
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.194 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
p320-nasbkkST3.C.csloxinfo.net
Software
/ Express
Resource Hash
86895a53ee30d41959d688527f26be06d7b4d83cd1a93bb80703c681eddb998d

Request headers

Accept
*/*
Referer
https://cacheportal.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
x-powered-by
Express
etag
W/"424-zR0UlxYuihiQXxSkRz+ISZ5kL60"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cacheportal.kapook.com
access-control-allow-credentials
true
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,Host, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,kuid,Kcuid,Taxid,Token,Origin,GenerateKey,UserID
content-length
1060
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9458 		103 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774484-2.js?&cb=0.05477674946942801&tk_st=1&rf=https%3A//travel.kapook.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f1ddd2830203e34f3434ea1fac6e9535a819b299751a11b7f7d9b6a138a8b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31793
x-xss-protection
0
server
cafe
etag
879 / 19673 / 31079592 / config-hash: 5108900474499610176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:04 GMT
usync.html
eus.rubiconproject.com/ Frame 3F4D 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774484-2.js?&cb=0.05477674946942801&tk_st=1&rf=https%3A//travel.kapook.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Nov 2023 17:10:04 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
311af2df-ebdd-4adf-adcd-79256e2430d1
beacon-ams3.rubiconproject.com/beacon/d/ Frame 9458 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/311af2df-ebdd-4adf-adcd-79256e2430d1?oo=0&accountId=22392&siteId=330930&zoneId=1774484&sizeId=2&e=6A1E40E384DA563B5F331ACB53D1A32EA08D3C1EB7605013D2897D7390A7E72C4610E9F307943F9FFF9A6B95E0665FD39F0BE1F8337FD75DF526A231F0D30D814B5DBA4FA0789D6FB8EFC21D83CF2A4C63AF685AF18256F34E2484A26994CBAECADB6A78211568C1E88DF292E44BC6F1109478760DFABCFE32997889F1DA11D8
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:04 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 9458 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32b8f7fe771c69d41c0091b53aa3ac56d02d6521839981d948dedfe323d728f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame BB93 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6bab66166f1a4f71f3fe93c6adfe3badd524c44b8b2e616309715633e0294040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 17:10:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Nov 2023 23:41:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23467
Connection
keep-alive
Content-Length
13279
Expires
Sun, 12 Nov 2023 23:41:11 GMT
khaos.json
token.rubiconproject.com/ Frame BB93 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
usync.js
eus.rubiconproject.com/ Frame 3F4D 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6bab66166f1a4f71f3fe93c6adfe3badd524c44b8b2e616309715633e0294040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 17:10:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Nov 2023 23:41:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23467
Connection
keep-alive
Content-Length
13279
Expires
Sun, 12 Nov 2023 23:41:11 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 103C 		103 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774480-15.js?&cb=0.03593293357765326&tk_st=1&rf=https%3A//travel.kapook.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b3a318cec363934ec36e78e45a16bed67288d69cacc4e2f310302a24353729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31797
x-xss-protection
0
server
cafe
etag
358 / 19673 / 31079530 / config-hash: 5108900474499610176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:04 GMT
usync.html
eus.rubiconproject.com/ Frame F839 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774480-15.js?&cb=0.03593293357765326&tk_st=1&rf=https%3A//travel.kapook.com/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Nov 2023 17:10:04 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
e8feff15-99e5-4705-b9a5-d31d6fe8ab2c
beacon-ams3.rubiconproject.com/beacon/d/ Frame 103C 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/e8feff15-99e5-4705-b9a5-d31d6fe8ab2c?oo=0&accountId=22392&siteId=330930&zoneId=1774480&sizeId=15&e=6A1E40E384DA563BAB0FC55843E44C785A11907476C1E557B2B520823E76D8774A4EE44E5326F2C379A42F6B303B281C9F0BE1F8337FD75D064128D848AD818A56B6A1596DCAB301C9235166DC3A569164F8EA6123DAAC47056FC31072721DF978DA7790A848D72D59C1FC1516A2D351109478760DFABCFE32997889F1DA11D8
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:03 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 103C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa4870014f01c1231437c693078dafdb4060f25b9b629736ff7425f635463f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
khaos.json
token.rubiconproject.com/ Frame 3F4D 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/ Frame 6E80 		427 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 10:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
23903
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136817
x-xss-protection
0
server
cafe
etag
14142176788290477171
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 11 Nov 2024 10:31:41 GMT
usync.js
eus.rubiconproject.com/ Frame F839 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6bab66166f1a4f71f3fe93c6adfe3badd524c44b8b2e616309715633e0294040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 17:10:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Nov 2023 23:41:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23467
Connection
keep-alive
Content-Length
13279
Expires
Sun, 12 Nov 2023 23:41:11 GMT
khaos.json
token.rubiconproject.com/ Frame F839 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
bulk
trc.taboola.com/kapook/log/3/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/kapook/log/3/bulk?tvi2=4948&tvi48=11593&tvi50=13623&route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
17
date
Sun, 12 Nov 2023 17:10:04 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13965
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-cph2320058-CPH
pragma
no-cache
server
nginx
x-timer
S1699809005.748930,VS0,VE17
content-type
image/gif
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/ Frame 103C 		427 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 13:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
11878
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136817
x-xss-protection
0
server
cafe
etag
14142176788290477171
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 11 Nov 2024 13:52:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 6E80 		123 KB
41 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2636775421236974&correlator=3409490008495089&eid=31079443%2C31079233%2C31079380%2C31079511%2C31079527&output=ldjh&gdfp_req=1&vrg=202311060101&ptt=17&impl=fif&iu_parts=16357739%2Ctravel_970_pc&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C970x250&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D473c3934d8add08b%3AT%3D1699809003%3ART%3D1699809003%3AS%3DALNI_MYQFiJBVuqHKy5BDdfLCTKXK25JCA&gpic=UID%3D00000cc125544923%3AT%3D1699809003%3ART%3D1699809003%3AS%3DALNI_MaIXD61dmQ0_oy2PF06lIvih3XkLQ&abxe=1&dt=1699809004652&lmt=1699809004&adxs=315&adys=1838&biw=1600&bih=1200&isw=970&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=p087ijqjoxvp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Ftravel.kapook.com%2F&ref=https%3A%2F%2Ftravel.kapook.com%2F&top=https%3A%2F%2Ftravel.kapook.com%2F&vis=1&psz=970x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=2050826997.1699809003&ga_sid=1699809005&ga_hid=472836722&ga_fc=true&dlt=1699809003855&idt=776&prev_scp=passback%3Dmagnite&adks=3607522150&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f7735e909657be0df267d90f04a0dfac08e72b5941f7bdf8b92a516389377e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41480
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 95CD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:04 GMT
expires
Mon, 11 Nov 2024 17:10:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame 9458 		429 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 10:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
24615
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 11 Nov 2024 10:19:49 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 12 Nov 2023 17:10:04 GMT
via
1.1 varnish
x-amz-request-id
DDQ4N5PH847FSFFN
age
2997
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
aqXZ5TfXP8iRdMdELepuMA5C/5ciFi+p6Ky8KbHabejFtNJHH4peFIuNVRC4MRKY5KotSYHDQrQ=
x-served-by
cache-cph2320058-CPH
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1699809005.748908,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
30
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
214
ads
securepubads.g.doubleclick.net/gampad/ Frame 103C 		54 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3942912560862543&correlator=433105786327305&eid=31079443%2C31079521%2C31079530%2C31079527&output=ldjh&gdfp_req=1&vrg=202311060101&ptt=17&impl=fif&iu_parts=16357739%2CBoom_Box_300x250_Travel_Page&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250%7C336x280&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D473c3934d8add08b%3AT%3D1699809003%3ART%3D1699809003%3AS%3DALNI_MYQFiJBVuqHKy5BDdfLCTKXK25JCA&gpic=UID%3D00000cc125544923%3AT%3D1699809003%3ART%3D1699809003%3AS%3DALNI_MaIXD61dmQ0_oy2PF06lIvih3XkLQ&abxe=1&dt=1699809004726&lmt=1699809004&adxs=1100&adys=1185&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=azuk0mrumykg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Ftravel.kapook.com%2F&ref=https%3A%2F%2Ftravel.kapook.com%2F&top=https%3A%2F%2Ftravel.kapook.com%2F&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=2050826997.1699809003&ga_sid=1699809005&ga_hid=981433719&ga_fc=true&dlt=1699809003825&idt=877&prev_scp=passback%3Dmagnite&adks=1545123407&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
426d1b38bc1c15f3559cc0c402cb1d3f291d762254ecc9063e6aa5802b704d5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12022
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://travel.kapook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c3c654c49e520c851321dc55bd170e78.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 123E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3c654c49e520c851321dc55bd170e78.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:04 GMT
expires
Mon, 11 Nov 2024 17:10:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9458 		22 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3937491724862891&correlator=2839831232215611&eid=31079519%2C31079592%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=16357739%2CLB_Travel_Page&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D473c3934d8add08b%3AT%3D1699809003%3ART%3D1699809003%3AS%3DALNI_MYQFiJBVuqHKy5BDdfLCTKXK25JCA&gpic=UID%3D00000cc125544923%3AT%3D1699809003%3ART%3D1699809003%3AS%3DALNI_MaIXD61dmQ0_oy2PF06lIvih3XkLQ&abxe=1&dt=1699809004769&lmt=1699809004&adxs=436&adys=3067&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=ti83uv684hg6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Ftravel.kapook.com%2F&ref=https%3A%2F%2Ftravel.kapook.com%2F&top=https%3A%2F%2Ftravel.kapook.com%2F&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=2050826997.1699809003&ga_sid=1699809005&ga_hid=1702896034&ga_fc=true&dlt=1699809003848&idt=902&prev_scp=passback%3Dmagnite&adks=3348262888&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d889a4f0fb64c3ccfbd8dc37234ce8a80fa44b1bfbf488f7b36c02928dc4b9f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10222
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 94A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:04 GMT
expires
Mon, 11 Nov 2024 17:10:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6E80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBVLf10yOh1s-jCx8whq6Y_Ujv2fWZ1-OQF0IJuxRleQEf2qxrJvQKVuP1jADPTQhxaknzbbHUUlOLXJHDCGWHbCAbJzW620qZ_KoO1UpbGr1hDWd2aP-EO7Mb4O79XDpCFQz_lhWSrX11XPqrUPimz4pMTu7iwJKwMzZX1W9-gug3s5uvW263aip5qlAqbvx3gZx5swh4KmHGUfAm1wSWW1vOk6IrmflKe3JIrAQ0igYPj7v9afxqoXuOyu8zPaX3uGIaZzddx6afPEFkZYhoahWNSraTCl3wRQpnBgUk0lYlPZ9dUo3uO5hPNHlPLXUB2c_Ll-qau8-9x4Ac_ADBuB4rGEKp1HL-9Y7p1-NHRPYZ&sai=AMfl-YTsnXOwZFA4kk6e7JsRm87FyJC4v18QffwnvNaDfo_Z94Nl6RwBc_IaPgNCAKmINQ3CZy1BKGr9nUp-RfzT4J8gh0_-e4kQXV4eno96i2gIKtIQnN_0k76gXTNSMAC5L5OIxOJnx9EZJyEi5Gixdvc&sig=Cg0ArKJSzDcRghOHxSH8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:10:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6E80 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68a74faccf1effbef222a080bb168c97fb65dc45d65968e4a5ee33143cfb30d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12008
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 103C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugndJyVYgjErOm9j1ePxDXrecdJcZ90A96elooMngO6dNF7mLrM0P2BSa9TzwndnubAa49W-b5Ia90k-yRnRSa5A-8MxF3kUbN4Q7Sfn1M9M50PB6k2XgZXbeE9nvS0lBc2vyChVAr28Nfb5DpEeUaZa94kRBwpzSc98EiKg6DIBXY_W9izbLlQfbRpCflDB4850bBLfbRzK_TL819kNNOpy1bqqN4HygIlCV0aakD1H8EPf0HHEPzxoHzKmCak74wZU4LJ7M5mtiCgSFaVqmN8y8lx4d-geeM56d__lplXJCHRTLaHiCQi63tCHpqU1kt6HFvmYFBd-TycfObxr_a0MPj2kdqfY-1WM_RQLb6Wp-b8qf997QkcgU6lLKUwZv88m0&sai=AMfl-YQZj_-6bJLltpRfloZ4rolzuWyhdyjvIdhGIos5TLMjK6ihd-RnazCLXG8A07JeR0R6VUFoMkpMOID0sbfJPXDg_7y5A_qBDkxY7_MCWCWdg8pxHXD0v1VQvJpfiVb9L35rufLFur2cZom9d-tryoQ&sig=Cg0ArKJSzFIYVNgY4zcrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:10:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 103C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b9afe9d31fdf33d3e4ceb6377eb6a2e7a915527cd8d00941ec482aee5cad52f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12281
x-xss-protection
0
137ef17a-19f1-4d4e-a49b-c6282cdc51fa.jpg
s359.kapook.com/config-desktop/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/config-desktop/137ef17a-19f1-4d4e-a49b-c6282cdc51fa.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b68390e39dc224f47c93f751681626848277b0e932a3e70f7920060171307000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:06 GMT
last-modified
Mon, 06 Nov 2023 03:16:31 GMT
etag
"65485a8f-cf11"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
53009
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:06 GMT
6cfa2cc6-e1ff-491c-b089-05073143563b.jpg
s359.kapook.com/config-desktop/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/config-desktop/6cfa2cc6-e1ff-491c-b089-05073143563b.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b760b70c887e5837bd3988d9d5ece8e81ac65c6411f5be0c2d6119429031fb0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:06 GMT
last-modified
Thu, 09 Nov 2023 08:24:37 GMT
etag
"654c9745-21a7d"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
137853
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9458 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjuv0z845rmOZ5RWkVwqzBafrgvtsK1OHT7TmXeWexIKh8HwdH_m0DxPS68k8N-_x4tSXZVwjpqhFFRmpv7c1oYcIFj6RoHqeVCG5N83sgK8hzrpF_ERvXmr4uvZyNa32OyTNqDOKCzK9Mss4ZHqyfKYaUUb8hq6A38TsxzxJ1lf_FOKSzKHvitue3jiqj2F1CgbnTadoxpq9kCIFyc3F4ddWjjZSUOGyqGYaQVc_BpN3FOIKaTHBYBXlvaAZpD7Xs_PqjeJf32Q-jig6kmT4aHl9UFEJGS-iXk7Q8VZ6SVqnDiFL2nMbVSo8ZRm7boPN3tPX9rEMn8hhGBssdzxx7CPCyCWp98vLmciK5wi5V0H83&sai=AMfl-YSJZ33NrdT2VFB08m39wBQ-5rVOHuHO7Qf0b_1woySl_zIVv3Wo6WkPait3IhQFjNmxYV7ZJ9XQTzbrEjA-iz7kopyLzDDrhuR1Oy5B5PXu3maAwbLkcpsKfGelGvUCHymai3oK9Ti1PPbSSMniBE0&sig=Cg0ArKJSzCFIbU2OeNCfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:10:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9458 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f0e7f7c9e5509ec27009da90a4d3d94a22fe0b91073fd63be13e3639feb1adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12298
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 103C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Nov 2023 17:10:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6E80 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Nov 2023 17:10:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9458 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Nov 2023 17:10:05 GMT
dc1f05f9-005d-45c8-843b-5caf78eb95ac.jpg
s359.kapook.com/config-desktop/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/config-desktop/dc1f05f9-005d-45c8-843b-5caf78eb95ac.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e2ccb6135d35607dd5cc5635509eb7e738e6ecc5fca4fbd2a9ef53fb188cfa5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:06 GMT
last-modified
Thu, 09 Nov 2023 08:25:02 GMT
etag
"654c975e-1f537"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
128311
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:06 GMT
b844d4e6-733b-49bf-8642-1ea8b4f143a9.jpg
s359.kapook.com/config-desktop/ 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/config-desktop/b844d4e6-733b-49bf-8642-1ea8b4f143a9.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d4be81275ce2fc658832db761922b1d12c5ea4304c3e142b1b035075fa67d3e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:06 GMT
last-modified
Mon, 06 Nov 2023 03:17:25 GMT
etag
"65485ac5-325dc"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
206300
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:06 GMT
4703a20e-cc8d-4861-ab90-3fadb0673bdb.jpg
s359.kapook.com/config-desktop/ 		208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/config-desktop/4703a20e-cc8d-4861-ab90-3fadb0673bdb.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
2d0450c75ac5210708c38762c9e88373908b2610436dcc74b07cb082a52d3b1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:06 GMT
last-modified
Mon, 06 Nov 2023 03:17:54 GMT
etag
"65485ae2-33f9c"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
212892
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:06 GMT
b5198586-2764-4281-b5a5-d51cb81f951f.jpg
s359.kapook.com/config-desktop/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/config-desktop/b5198586-2764-4281-b5a5-d51cb81f951f.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fa242f314af3bd4b1d587df6380cca6daaccf3e8e09a60b505bb6051176fa296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:06 GMT
last-modified
Tue, 31 Oct 2023 05:09:31 GMT
etag
"65408c0b-1a47f"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
107647
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:06 GMT
container.html
baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6169 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:04 GMT
expires
Mon, 11 Nov 2024 17:10:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 6169 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 18:19:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
82240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 18:19:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 6169 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 18:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
82241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9286
x-xss-protection
0
server
cafe
etag
5170786266788330719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 18:19:24 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame F042 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3494
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 16:11:51 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 6169 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 13:52:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
11877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 13:52:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 6169 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 18:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
81730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 18:27:55 GMT
l
www.google.com/ads/measurement/ Frame 6169 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbTTPnSNZdZSiNfyPBHNNsTrPMXB5dCuqz--u1RT77r5OHfJQqysUQE5-15ZhPPWwwsCC0P6zD_Tj-tSJe8BUvWt8NzQ
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6169 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:05 GMT
81801f102bbf3ca11da2806ffde236a3.js
www.gstatic.com/mysidia/ Frame 6169 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15369
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 05:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 17:46:39 GMT
8775817143844627773
tpc.googlesyndication.com/daca_images/simgad/ Frame 6169 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/8775817143844627773?w=600&h=314&tw=1&q=75
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7adfedca59bd2a3363a08a39b6ad05f658f2e93642c825b0106dafa222b89c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29688
x-xss-protection
0
last-modified
Wed, 08 Feb 2017 19:25:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 Nov 2023 17:10:05 GMT
truncated
/ Frame 6169 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e00de4417916c8714e74125c11326c2b1b735260e048035bb9df86629a4c6fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame CC1A 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 Nov 2023 02:37:57 GMT
age
225128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Nov 2024 02:37:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CC1A 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 Nov 2023 04:12:48 GMT
age
219437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Nov 2024 04:12:48 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CC1A 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 Nov 2023 03:53:12 GMT
age
220613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Nov 2024 03:53:12 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CC1A 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 Nov 2023 04:10:49 GMT
age
219556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16661
x-xss-protection
0
server
sffe
etag
"6d0f8508d14b183a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Nov 2024 04:10:49 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CC1A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 Nov 2023 01:14:32 GMT
age
230133
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Nov 2024 01:14:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame CC1A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311060101/pubads_impl.js?cb=31079530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 09 Nov 2023 14:54:32 GMT
age
267333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 08 Nov 2024 14:54:32 GMT
truncated
/ Frame CC1A 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a241e1284542f8d93895d520359a8f119bae9db6131f11fba11f437cdfe950d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CC1A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 02:56:39 GMT
x-content-type-options
nosniff
server
cafe
age
51206
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3306
x-xss-protection
0
expires
Mon, 13 Nov 2023 02:56:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CC1A 		344 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
36704
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 13 Nov 2023 06:58:21 GMT
l
www.google.com/ads/measurement/ Frame CC1A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6IPbIrilvPHeQlqfEK5soUaVwVVbY7feWMoaIlf157tA_rMVPUr7aaPAwDN6yOQ8Wo1m7HMD2f7WHl8HAPfUcXNC6Qw
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
bg1.jpg
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/bg1.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d685c8f8aad1faa965a43bd9e95c4031c027af46cf63c285f53d60bc3e0fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 04:14:02 GMT
x-content-type-options
nosniff
age
219363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16993
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 04:14:02 GMT
bg2.jpg
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/bg2.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa57cb6465ecfd0552067dddd16f69cfbfbf756713117385dda7e7bcb1050d7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 04:14:02 GMT
x-content-type-options
nosniff
age
219363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16375
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 04:14:02 GMT
bg3.jpg
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/bg3.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5281a3ed7ded471835f14cdac0b1cf295e43b23c7d8fa0c6fe8112572581971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 23:24:56 GMT
x-content-type-options
nosniff
age
582309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12295
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Nov 2024 23:24:56 GMT
bg4.jpg
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/bg4.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6adcb82ac1c56d24b6371b5a82bba8a42645495fb5b080aab1e2e14469b1d725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 04:11:34 GMT
x-content-type-options
nosniff
age
219511
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18017
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 04:11:34 GMT
logo.png
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/logo.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d54f5f33d060251302360374b5d639b8b6961f6edf71fdec9ee84a46a9cceb2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 23:24:56 GMT
x-content-type-options
nosniff
age
582309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10141
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Nov 2024 23:24:56 GMT
push4b.png
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/push4b.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
833516392eacde86c60db73a268dae62bb18bdd56b82adfe2ce31125a99d1da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:35:27 GMT
x-content-type-options
nosniff
age
264878
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4808
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Nov 2024 15:35:27 GMT
push4a.png
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/push4a.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2893ebc03822f03fd246ffffcccca7dbbe3d1679e92b6ad76953b4e29070ceda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 23:24:56 GMT
x-content-type-options
nosniff
age
582309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5703
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Nov 2024 23:24:56 GMT
push3b.png
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/push3b.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e88842d6e3d1a1ee598f6040557c2fdc3190278dfa6a73c8e525b42e9fa94993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 23:24:56 GMT
x-content-type-options
nosniff
age
582309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3060
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Nov 2024 23:24:56 GMT
push3a.png
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/push3a.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97545e1a3e47febcd6ac74dd5c49f35f080bfbeae7b901bef7d724b96f2bfd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 03:59:54 GMT
x-content-type-options
nosniff
age
220211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3210
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 03:59:54 GMT
push2a.png
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/push2a.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cec4eec54e24f2e72591b411ae19e42e0ec86e4204f74bde8034d0f635882641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:21:47 GMT
x-content-type-options
nosniff
age
330498
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10555
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 21:21:47 GMT
push1b.png
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/push1b.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
971a1412af002fbae61789f753dcdd6effe4df331795ea99fb49e1628d8fbff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 23:24:56 GMT
x-content-type-options
nosniff
age
582309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3092
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Nov 2024 23:24:56 GMT
push1a.png
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/push1a.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73e68a48c16c6da2550f2ac9148bce869fb8a966b01e61d7328469677a21565f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 12:45:16 GMT
x-content-type-options
nosniff
age
188689
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5863
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 12:45:16 GMT
cta.png
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/cta.png
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c562eb76b2d9e6382907abd3d2f3694a29f0bb1a335df10ff88da7ad7e622c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 03:59:54 GMT
x-content-type-options
nosniff
age
220211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1376
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 03:59:54 GMT
legal.jpg
tpc.googlesyndication.com/sadbundle/3382799344832944138/ Frame CC1A 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3382799344832944138/legal.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487d03aa235121e6b270fe8519aa7dba066c0153760364e4d2c85d41990a4b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:37:07 GMT
x-content-type-options
nosniff
age
329578
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69431
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 10:05:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Nov 2024 21:37:07 GMT
58925a81-daa6-46c2-a577-b969c54d0789.jpg
s359.kapook.com/config-desktop/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/config-desktop/58925a81-daa6-46c2-a577-b969c54d0789.jpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
30551fbc8b5f98e14e92395056a1a8f7a0495e88fee18ea380102cbcec6d475c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:06 GMT
last-modified
Mon, 06 Nov 2023 03:16:55 GMT
etag
"65485aa7-1bbae"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
113582
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF1F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3983
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 16:03:42 GMT
expires
Mon, 11 Nov 2024 16:03:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2841 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1410dea66b49a099be17186a6d7290d6f7d1117d7ad157083992d4746267f273
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PKl4q8M4IepN--spq30GmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PKl4q8M4IepN--spq30GmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:05 GMT
expires
Sun, 12 Nov 2023 17:10:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 6169 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b2014ed8ad6160249c500029638c83c211b769e0cb85a32d52e95de220b4b56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 2841 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311060101&jk=3942912560862543&rc=
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame F042
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
URL: https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:05 GMT
expires
Sun, 12 Nov 2023 17:10:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:05 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A12 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3983
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 16:03:42 GMT
expires
Mon, 11 Nov 2024 16:03:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F46D 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c91cd4d1e31ed63b8920f21071310c99b4311f85d1c8ce59ac06fee6cf3b5595
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ByhBpZqHlIUPvqwuFvcPQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ByhBpZqHlIUPvqwuFvcPQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:05 GMT
expires
Sun, 12 Nov 2023 17:10:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C2A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3983
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 16:03:42 GMT
expires
Mon, 11 Nov 2024 16:03:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4959 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ec6f393d93e855b27e2e1b788d7e8b24e3a9d7819ef73568f780679189d42367
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qDJJg1grGYxZrwr15-bRgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qDJJg1grGYxZrwr15-bRgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:05 GMT
expires
Sun, 12 Nov 2023 17:10:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4AB6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:04 GMT
expires
Mon, 11 Nov 2024 17:10:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame CF1F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4DF7 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8YCX-wEwAQ&v=APEucNXY2HKWGwzK_Q5nCVMhQMIj42Ku6SEIcUg7l_OVuoiCBKRrhAH3ZEOa8nuL-IAegrcI2dPOz4WsLlkivHPC3wxeSb-F0CVJy2eU1so8Zc3jyTqageb_-WDrbjBE0dO-OrmcS5ZUDls-Q6oSWpAiDxvfGFzV08s-pMB5JRsVxsuLMjU22Fg
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4AB6 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjTjNJ1ehsLIFl5U-CKeuGr_yfeXX9-4uB-Q593nW5-VnxYqyIdCpwzEMiXN1-pzFajeLjMTWZlWO2Jzj1C9iY_UJikVrkGYsv1HvaUlV1OBsgQTM
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4858365288530559634&x=1&ct=76
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 4AB6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 13:52:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
11877
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Nov 2023 13:52:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 4AB6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 18:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
81730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 18:27:55 GMT
l
www.google.com/ads/measurement/ Frame 4AB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmtDbq4cIi3q0Nt-XaG2PboN9miPkd6k5nr8trTg1myeH1TSIhQlh3kJ3OZtc4oOAP492k5_Ih-b6u9BCNqlpPB0hOXA
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4AB6 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699570296391874"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 17:10:05 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 6169
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfk3F7AZRZculK_6K7_UPwtGKgASg86fmb_yXqtWwBtKAu_KRDhABIIOEsyhglYKAgMgHoAGXvd7HA8gBAakCQVRMzzHVXT7gAgCoAwHIA8MEqgSwAk_Q9UHIt9kAGcIJNL2hw-SdmU8s...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226291937699058590959%22,%22debug_reporting%22:true,%22destination%22:%22https://smilewifi.com%22,%22event_report_window%22:...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226291937699058590959%22,%22debug_reporting%22:true,%22destination%22:%22https://smilewifi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22955752087%22],%224%22:[%2211-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213255662454735961905%22}&andc=true
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"6291937699058590959","debug_reporting":true,"destination":"https://smilewifi.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["955752087"],"4":["11-12"],"6":["true"]},"priority":"500","source_event_id":"13255662454735961905"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:10:05 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6291937699058590959","debug_reporting":true,"destination":"https://smilewifi.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["955752087"],"4":["11-12"],"6":["true"]},"priority":"500","source_event_id":"13255662454735961905"}&andc=true
access-control-allow-origin
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F46D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=3937491724862891&rc=
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfk3F7AZRZculK_6K7_UPwtGKgASg86fmb_yXqtWwBtKAu_KRDhABIIOEsyhglYKAgMgHoAGXvd7HA8gBAakCQVRMzzHVXT7gAgCoAwHIA8MEqgSwAk_Q9UHIt9kAGcIJNL2hw-SdmU8sc8eV6y8i4V_sYfx_xf5J2uWyzmEhiE0Uvu3145qBpaoLA9l06LAu8WTx553xCdTq0EbaLsh-PAQWtDEhAoUlcUoykD_sqDnuJUwXrD7HVBEdeKoakhN5_Ma9lMX3GTbl73dE-jCFEjBwDIYoyX5qyqcVRipUI4fjuMNFUYxtbcKF9MXYjoWsuE32vyqp_7WDar9530kRD936tEZswGZBTjcDDzB3vfexi-bs4qVgaKFpheOEMkYOd1dN5Lf-Q5Fu9OGvT2tFWMFKBjyel2ec8ePcST8WMC8K5DmuLzo0IAdPzk-e1J2WOkSY9GIFugFfrLImykHTnPaMu8srr4B5AVJ2V_VE-jy8jKkeYNpeKxm-1vHbO56khOE1GKrABJGz6-5Q4AQBiAWpkuagAZIFBAgEGAGSBQQIBRgEoAZRgAfRwqE4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQpuYM0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJI2h0dHA6Ly93d3cuc21pbGV3aWZpLmNvbS93aWZpLWphcGFugAoDyAsBogwMKgoKCOS0sQLutbEC4g0TCIG6pP_5voIDFX7FuwgdwqgCQNgTC4gUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0yMjUyMTY4NDE5MzA3ODgwGMvCEw&sigh=Pq6pcyDIi7I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNgde_4caUXfm9Z3loCP-JtNP72FzoVqKDzxNGrxxJ1mE3rMgaS2_VyAFOXE7Aad62iamB2O99GAE&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 12 Nov 2023 17:10:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftravel.kapook.com%2F&domain=travel.kapook.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://travel.kapook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 12 Nov 2023 17:10:04 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
222429
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftravel.kapook.com%2F&domain=travel.kapook.com&cw=1&pbt=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
198624
expires
0
prebid
id5-sync.com/api/config/ 		135 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
95a74a9016350ab24f2b6ac40278f84e06bbef33f491a5c77f3ccbd14b501bde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://travel.kapook.com
date
Sun, 12 Nov 2023 17:10:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		43 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache
x-server
10.45.29.67
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
68dd06112fc046b2a7905cdd6f36a706823bfabb97dcdd54952f820457c2c719

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://travel.kapook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 12 Dec 2023 17:10:05 GMT
6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
pagead2.googlesyndication.com/bg/ Frame ABF2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
232436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15097
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 00:36:09 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 5A12 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1C2A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4959 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311060101&jk=2636775421236974&rc=
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 4DF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1&C=1
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8YCX-wEwAQ&v=APEucNXY2HKWGwzK_Q5nCVMhQMIj42Ku6SEIcUg7l_OVuoiCBKRrhAH3ZEOa8nuL-IAegrcI2dPOz4WsLlkivHPC3wxeSb-F0CVJy2eU1so8Zc3jyTqageb_-WDrbjBE0dO-OrmcS5ZUDls-Q6oSWpAiDxvfGFzV08s-pMB5JRsVxsuLMjU22Fg
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5IHizmiFON9fnPxO6wSFOuiph6bknQ5dQa6HFgEaLdoiLTkNvIMlQ6piEPfCkbwOaQYsAl8jX6H2vqDdx8oYKAJ3etFq4Opp7nuJXkv78%2FKuoWBNL39y7r9lxVw6rTWTdYvUqgpQlacBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825062ecfc35196a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdW3ViHs6xXiiglLKdnpWHT5N4QXrYotZxpFhJaRUv8PWpHzs5WhT02FxMpUAxPOJ3HgFdO1UWSOXHKIgc8As6H89GP1CRKD4hmMgv0gKSUgSOQDmMlfHbFEq%2Byggslyu20USWBy2frSiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1&C=1
cache-control
no-cache
cf-ray
825062ec7b47196a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 4DF7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVEG7Z2-4AfEphrM19aufwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8YCX-wEwAQ&v=APEucNXY2HKWGwzK_Q5nCVMhQMIj42Ku6SEIcUg7l_OVuoiCBKRrhAH3ZEOa8nuL-IAegrcI2dPOz4WsLlkivHPC3wxeSb-F0CVJy2eU1so8Zc3jyTqageb_-WDrbjBE0dO-OrmcS5ZUDls-Q6oSWpAiDxvfGFzV08s-pMB5JRsVxsuLMjU22Fg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svpPZBqfu62gNOME%2Ft2aMzmcn6O0B4AblO1ePOIIXnui%2Fr4pMixZeNak2ndKtIhQHkNqupJ%2Bik%2BGOm56xVAyRfmHQpsayNwCRIigcd6U6UQui%2FGoHAHssgGk3O2pAFvdDum9T6dgq8FKQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825062ed4a2a9250-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK0wBbB1e_L4m0tq6NFWPQE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 4DF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIc975AVqHcjpqfWrYkZPUY&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIc975AVqHcjpqfWrYkZPUY%26google_cver%3D1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIc975AVqHcjpqfWrYkZPUY%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8YCX-wEwAQ&v=APEucNXY2HKWGwzK_Q5nCVMhQMIj42Ku6SEIcUg7l_OVuoiCBKRrhAH3ZEOa8nuL-IAegrcI2dPOz4WsLlkivHPC3wxeSb-F0CVJy2eU1so8Zc3jyTqageb_-WDrbjBE0dO-OrmcS5ZUDls-Q6oSWpAiDxvfGFzV08s-pMB5JRsVxsuLMjU22Fg
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
an-x-request-uuid
11d8c3f2-5dc7-44ab-8016-53c712eb95c7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.21; 217.114.218.21; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
an-x-request-uuid
fb48ea55-2195-4891-8057-74c73d511a8d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIc975AVqHcjpqfWrYkZPUY%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.21; 217.114.218.21; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4DF7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NzUzMjM4MzU3NjA3MDUyNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NzUzMjM4MzU3NjA3MDUyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8YCX-wEwAQ&v=APEucNXY2HKWGwzK_Q5nCVMhQMIj42Ku6SEIcUg7l_OVuoiCBKRrhAH3ZEOa8nuL-IAegrcI2dPOz4WsLlkivHPC3wxeSb-F0CVJy2eU1so8Zc3jyTqageb_-WDrbjBE0dO-OrmcS5ZUDls-Q6oSWpAiDxvfGFzV08s-pMB5JRsVxsuLMjU22Fg
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
an-x-request-uuid
c065c2ae-35e8-4b80-a38c-e898e17009fe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2NzUzMjM4MzU3NjA3MDUyNA%3D%3D
x-proxy-origin
217.114.218.21; 217.114.218.21; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
9a2f13e28b91e7572c32ba13ca389a4fb13519ea877ecb5803f3e6d32b16e568
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://travel.kapook.com
date
Sun, 12 Nov 2023 17:10:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
adview
securepubads.g.doubleclick.net/pagead/ Frame CC1A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbVeR7AZRZarOL_7E7_UP34Wf8A_Dk9iQdO2g-tvzEerb6JnLARABIIOEsyhglYKAgMgHoAGBja-bA8gBCakC0ktZ957tsT7gAgCoAwHIAwiqBMACT9BBoFEHRB309AxmweuiIzshPR8k6gCLuQdqSbJwa6kD0AFjEmyGe9yem8phK87q_mO6yJjYhl94rUJu3uDbgG1T0lueFOv-EyMkeV6iu4msEcmULdVKdnK28HLtEiUcbEzzBPIZxOzBQOCX1c1_26vhTnjZ1MoB9Gu_i0wvzmgVIgLayOk-lA_IotDoKaiIkQ2GTpvNphM7G-xdsnSJNZfmmyMitpz2DIM-06lRaZwhRDrHWguWyNQnQZe1ybtnbbt87t03Vg2_FKwHM4RwsttJxl0dnseZqLwDFi-dOPQffEuhj_j3pZa86qsNZRAuFgP1tyW5ybh91iEFGlKoTyfG-iSMN-kmVxHSVOamGrvQCDQcpl4s4piNGrgrxo--0ghtSddlmxgsBeM00MdZB2a0qIqtGodElDeUUYJ4msPABKWu_vnABOAEAYgFgq-Mi02SBQQIBBgBkgUECAUYBKAGLoAHl-KJ2AGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBColgfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgk4aHR0cHM6Ly9yZW5hdWx0LWNhcnVuaW9uLXNjaG1hbGthbGRlbi5kZS9LYW1wYWduZS1NZWdhbmWACgPICwGiDAwqCgoI5LSxAu61sQLiDRMI8vOo__m-ggMVfuK7CB3fwgf-2BMK0BUBgBcBshceChwIABIUcHViLTIyNTIxNjg0MTkzMDc4ODAYy8IT&sigh=6OeJTAWiNUQ&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNLRrQd5E643OAc7UaUfEEa86sQVFQiRxf3CV9JQQ4udrMNeDfljU--qP7hYx0UF7sGxCS6JKUGAE&template_id=419&cbvp=2
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8466633056339&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8466633056339&version=m202309260101&ct=76&x=1&cor=4858365288530560000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4AB6 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6HqGV6hNOf5EMJHh9Evu1ZzdwJOuOQb0cmQCv1GJptFY6E4ZcNKMkTWuYzzHqC5N9zz4JJwwA-nleyWjZLmRhcuAL4kzqokCxCso2uxWZ1ATMuATk0mxTTSoemmyoD5F29drk7KLwSVcnbl15Pdshsg7zFS5yxTpc0yYv4zsvfqsc3b8&dbm_d=AKAmf-CVFldj2weviidBI1vFSWmuM7UucJIhLUsaHFuOr8oXAz9ejOtwlLbUcfjHt57C9eHKhm9qOuUNixlPlQmoizdzbsGy28I2HWf1i5bceMgUmW0Vcq6YWzBu2iLyWHXeSdH3ecsAFTX8FgM4xjwO7XuOYaaS7xN69QZ5-Q_ZHkD5vrRaFBO67SJDcyaqI6FzvNa_zu4sreFSJ5_SECKGCHC29u4NHv0WF1Wal_5OzhJON4SkmMKoC7mhkyw6pfsHGeBvEj3Wr-Gc7-k3PIhQ6Jo1CHRGTMKCHVaN_fTeRQTaAMr6JZqShiYeWOZ8pQtc89cxA1CRysvZX0VNMgR-VaIdHjhLZb8IJpOOFpB8POWaSp0BuBtO-KEXdqK3GBdpytINUwl9hwAUBv4F6Pj4_Qua55pXyXw-wkAFRskBI6wlif0kIS7tlnxvUHGeEoFExWbaG8MPQEx7fFappodBQEZ0tGruYMUZMMWynAm8usLPa_PGXms4eXecUmsfMcr95qjAGS0ONj322Pbaj19cqyhFA6FUQ0npFsq88aedqs3NpCsYkiUL-h7oSHtDGHGeCRHPZhN8eWkJOs3Ug2fd1HPTtP07jXA7asw7wkcm-0LzIajXydZ7-gWkNXKqxfLRkHjMdYlQNjcLNiP-JEzr8WNP1-XNg-VZG1Vhc4IDxb-4Mlp7P_rfZ38FlM160iSfMvdu-PGhd5ViKbjrDNVzXFAWwtinjw4tLo0Poxfv8ceqILAc4JOSKTFE4IHxiiEWkerT87Dtd44Vrirg07PSeWiZa3p2UmW4snQNHLpLH0klDKFdwjUhV56P72PlJRSEr8MwZ__DWpigOogIS7Q6J78MUiBG7EiPn1nNoTCKC2dBLqio4Azniwf6MxfeyiPXU1FnIul9fzJC0H9Zs8N5CvLaLLZNtL0pDy7sZV6cVdSvD_j1T2ArKoYHt5tuXfVC82Blyxoq4CSJwXo7LQnThdSRROss97xN3l_y6Z-1FUR8N90BlFbHwOCp9l3cFR7CmTt4stMrXxz0fsvMEUZBWDgafVb1HTyXojEHR_I7c8-4J0WKqrefzkeb0DOGCvMuRqTtJLe0S4rKHfx77_XzNNBx4Knoo1acdPHjLSGLF1xGQro_VUWC_lmUbf8_2AAo74iKtWW2qkl3QP5Rde1_y3Ba5LCBZvj3nPwCv4mbBw6U5Ljx779pRMi0uTfYjpuZ-Lhh69mpf-rCG3J2alVpNeb46o-jpx63tcvItJ86D3-JWqrEWsW2_XzZm5feZnbZHyQVgK_onlS7OFzwCU7_tRZOghohgxM7hjuCD57ngWqyYOjLHtZ0K7_p3UX84fSLNhvxXYvqExOopsEmhcJ7-VIY5XBN0l3f2Fi54OkrEZLdtVhrU4Ag3kBSkKfio0ZBwQaoFQ7lDAaqajGomLvJcz4qzIC12mrQWhaiMphuwlZbYiw9W7lfulSLsAWG1VI2C23Tz8Tzh-FEKvoTXlORhzxZgNGSaBJUH7Y5c0P4dSDiCzqJDwuvC6JNoEd6FCwpjsoTbbm268Sk5hng_gLFvBN97AC_5A-DDo1mWPuPevvMeXWPGkqw-_fEsCPQcUQRs3CzrqU2ljtoDTn-fW-Y6VzqUUtdTN3_63ReqFRgoqy5kY0pa_Wt3Yi5OlSt7_6Ak_R3I-3L7gCzEoLF1JxdzJ0wA9QoVmAUQRSpY4-nR5WLtqrJ6AyC2e9wMp5IlpVghUZ8aODrCyiyGZb8OVOOHS6vYvFllrF2t6stxjwAtnZ3oSt73k1LyWnnwaeNRFHf7Fz1D8veOiUYnbjQELwVOKulpzwNqImfciTSeT0eyKYqsvLX78L-ieVFrVIJMWfAswPwdAnI18iNYvpwYH3u7tzgKMsFZL_d_QA5I8pYVfaRnsphfcq1r1zNsMhWOxGhjHZYWKp_LSTH2cmkCh9Y-QlGYTuGuyYcxhvha228KaTVS8PplgD2u-ZMhZB95YAOb2im64n6DvxKZ6swVVRXjDiiQNBY3c9lfhHlDvXy15dzc8uJ1OZEkLRlDT-AJ-_q_eruEEotRyWW78-s80ZRs9sYJvSX8csZb_6NiXgxH68PxjQj0TIJwBZJqO4BRpwGgdJa64Szq16P90AZnq1VDycRaAv9K_vF7mkmzEnA00SEWG09XLG3j5V3YlO4bTaL1zUPOJB_vlePs1MlqY29-01lgAIDTmOYN_CaNAnYtj3G8__ZTa8QmRRjfUFlrOV8KvyVhnUbPTLKap24BzDPQTs9HAkGhyM-QoQt1YrC15May6o6lK1QbC_yTHIPgYX69N4Gs6Gh_UeZGKLn1FR8mDIcqKDK24IA_8DsbS1DkkQKcGriLVmtGGDH99nf7fyYwxQQe83OdDo0e-17urEcotWiFu58OXgyT6M-NZ2GHeJZtpqe3sFiuIpcQWm_gLmLNwV3CtwPjQ4oF5Ck_q-W2Ukn7ni6rlJ_SiHI1pTVEbLhHqU8qNaktv7wA4MHdsfq8j38BVTxii7g_U9L5D6wo_wX3digq30suuCc3QUllz_VAxZ9CLHTFOwLQycPYJfOGQYxFiXYl2MPiRpUcnUxvvfCbFUck9YPQM4O4xo6DRakyrYv0JNFm2A7zuSvdtZBkXuJEk_RzdmPpLwkhVZ2HLEA5V_2Mfn_KPbpoIpkt-AkTrvxIlJ7p1FAQH92HIWKJR7x21rHVrr3WtK2l1g2nsU71F432IWiOPCz5wgvnxeNwN0fI_rYw-Qp8jgPyYIDeIIArbPNpHnb80JzYxnro8JLdPEVprPG1oLwT9mr58JwTDUBFGaLkDmyN6_9P-yvQ8e2NckLzal9CByhzEcws4N2HICJzPHV9aBrtorxyoxu0E7-AAHqx2gkYLYW1BGn_WOAExrHc_exkEoELIeqUCNkhIdv3eQEUWYHBBx5kIRiCbA-_vWAuzyyb59iQU34-WFXGuVwgpL7N-3pvKRJHocZZ2i1quTcO4oBogGgb4V4FJKvsGxR3kOfa4hSvDbxsvTotX4DxCUSRK4uFUIqiNW1m4pD4O5BPWFUNtSW2DoFqeJhg2-hnjSwQdRpi_gi3txUEuSw-vDkTjzXEKEcRmtcm0I7G9T7rLvy_7M6lOHicPaUzijVDL0Z11vJIqVjkoRkk4CZGWmIMp0LsdStJASUG4YztXtuH-iHvO4lWdFPfvc7czyML4eb1abs2vLX2d9rmQlgQP3pkN62ZyxFlukdXrZnaqee0x3MJJtcs8TKT5WSnfKejACJVECmj9bLPWKPscrrM4ZuiDQ3UZOpGujbO1Rb-hFbm9PQJZdkjq61bDZYIDJZxHgB1dunMecfq9MIiIb7SXJSi3tiriSAM7GZQc2RURENdLrmEhZLea5zR430-ev-T4oV-TnUuJeIl5J9TDGyHdzqo9NA8ayrTY3pedOy5yVW8jQUEYftw1rp3CPqTUpACU1Y9Mtrr_gBz_ugV1SMvQvJXHNeFJs5v-ymIOhZj8zDnk8A1NLYr1tlWhxfDCbVgD_t5TjwE55zDmDRI0JDE10XTB-0bHuDq4sGVrT-1abkOpmzCcjiDRJYC65ZVTT0iegzbRuYStQ9yGQDZXMk7hN72wPAer1VR5nbCp_b52vDFl2y1MW4DhRhlvH4VnU--Jp5Hv77yT4zaTJt4G7HztYtz3EEUvtbvfq-YC7hJqb4lWg7O3JVaGweM9GdTZrfzWZIUwgRbxr9J3hmRf7NCoSA_pMp7dQ8i3LNMSmlZ7hPAUYpTLeBBRJ3NFZHiyU1oYMYsJQY1O7hyikMKkYdulNbXjDvCI3wjz0V-zw8yb6USzc8nGlwO894RIw4peOI7FHFUI_TSwHF1QTpG2pY6K0sVvcj8o1QNvFEFZNQbfqINv43d9Xf8mtlp2hP6DRS4bHleJxTPLbszG2a2oDAAUOgUCedSPm2FklSyYMN8333Akzfy0G2IRjVhkf--u5PilewGUPEKM9E99fmYtbcrXju4DYlx0nSWj713ILiod9t79jXTDqtb7WxvVx8t5I&cid=CAQSOwDICaaN8doqhxNNxHDWmPRuGarMmWuBaJV9advQ4tXQTdqrnWCoElthsEBy0rWseaDysErkJpaCNJr3GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftravel.kapook.com&ds=l&xdt=1&iif=1&cor=4858365288530560000&adk=275573854&idt=110&cac=0&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf17f68c28737dc86fe1316ca52f3ea8e473595d8e9621f188994d64a3ca2a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42093
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226291937699058590959%22,%22debug_reporting%22:true,%22destination%22:%22https://smilewifi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22955752087%22],%224%22:[%2211-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213255662454735961905%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 12 Nov 2023 17:10:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
621.json
id5-sync.com/g/v2/ 		250 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/621.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
9b14a190cefe5729b1ffc61b64b3d3ba5720e028737a8a1f90be3af04c55c052
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://travel.kapook.com
date
Sun, 12 Nov 2023 17:10:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Sun, 12 Nov 2023 17:10:05 GMT
x-amz-request-id
W0R5QX74Q2PBN68B
age
3273
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
lRET2IwXjaFSp1i3BB9GjPtIDVCIcc4VElrKEqBeVbmOXvFNBRdOilZaej53L9vIVa/7JXMdEcU=
x-served-by
cache-cph2320058-CPH
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1699809006.629699,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
92
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3776
generate_204
tpc.googlesyndication.com/ Frame CF1F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-gUz0g
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5A12 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mvQvpg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
pips.taboola.com/ 		4 B
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-served-by
cache-cph2320027-CPH
date
Sun, 12 Nov 2023 17:10:05 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://travel.kapook.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
CSChatThaiUI.woff2
my.kapook.com/fonts/chatthai/ Frame 9466 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/chatthai/CSChatThaiUI.woff2
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/fonts/chatthai/fontface.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.183.165.12 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p138-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d

Request headers

Referer
https://my.kapook.com/fonts/chatthai/fontface.css
Origin
https://cacheportal.kapook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
last-modified
Mon, 22 May 2023 08:33:12 GMT
etag
"646b28c8-3fb4"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid
content-length
16308
expires
Sun, 19 Nov 2023 17:10:05 GMT
40748
videoupload.kapook.com/api_kapook/video/ Frame 9466 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videoupload.kapook.com/api_kapook/video/40748
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.44 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p170-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
e94f73ce15c8ecfd75fc9cea0797942fca1b85390c65e3ca44d49eaff7afdad7

Request headers

Accept
*/*
Referer
https://cacheportal.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
etag
W/"e03-/8EQzCh+9aKW9A9C7VMTKgMB5Eg"
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=5
access-control-allow-headers
Member-Token,X-Requested-With,X-Auth-Token,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-HTTP-Method-Override
content-length
3587
kp-cache-status
EXPIRED
expires
Sun, 12 Nov 2023 17:10:13 GMT
40625
videoupload.kapook.com/api_kapook/video/ Frame 9466 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videoupload.kapook.com/api_kapook/video/40625
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.44 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p170-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
177816f6f1d39374ba3cd41022cd933ab97bf5c91fb1fe37c78988fa74958d0e

Request headers

Accept
*/*
Referer
https://cacheportal.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
etag
W/"d27-841OcLwdXoU3aBWkLW/FQ29KQ1o"
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=5
access-control-allow-headers
Member-Token,X-Requested-With,X-Auth-Token,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-HTTP-Method-Override
content-length
3367
kp-cache-status
EXPIRED
expires
Sun, 12 Nov 2023 17:10:13 GMT
7879
videoupload.kapook.com/api_kapook/video/ Frame 9466 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videoupload.kapook.com/api_kapook/video/7879
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.44 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p170-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
01599c23721805d7cea27fe86aabc5340e1244773a243f40b201a38240a7fffa

Request headers

Accept
*/*
Referer
https://cacheportal.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:07 GMT
etag
W/"ddf-B5wmXdlrt9b079ola7yYlbTbGQQ"
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=5
access-control-allow-headers
Member-Token,X-Requested-With,X-Auth-Token,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-HTTP-Method-Override
content-length
3551
kp-cache-status
EXPIRED
expires
Sun, 12 Nov 2023 17:10:12 GMT
7956
videoupload.kapook.com/api_kapook/video/ Frame 9466 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videoupload.kapook.com/api_kapook/video/7956
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.44 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p170-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
a6f0ecf6ad0b385fe1b997f460d8292e2248a8f5e799edd1940ee18ad2b369c3

Request headers

Accept
*/*
Referer
https://cacheportal.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
etag
W/"1401-iUGA2aJ693E73723JFh9YoXFl60"
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=5
access-control-allow-headers
Member-Token,X-Requested-With,X-Auth-Token,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-HTTP-Method-Override
content-length
5121
kp-cache-status
EXPIRED
expires
Sun, 12 Nov 2023 17:10:13 GMT
generate_204
tpc.googlesyndication.com/ Frame 1C2A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SQ0pBg
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1704526/75903736/ Frame 4AB6 		253 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1704526/75903736/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014774340&ias_pubId=pub-3006603784355312&ias_chanId=1&ias_placementId=20650305072&bidurl=https://travel.kapook.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gXWpoZBU7FmQ3pfBpUAf8E
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.173.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-173-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e61bf4298311f14452c8aa0abec275c00f0833607dd7a914fe9f3ea670cd7f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:05 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4AB6 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
Origin
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 13 Nov 2023 06:30:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 4AB6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6HqGV6hNOf5EMJHh9Evu1ZzdwJOuOQb0cmQCv1GJptFY6E4ZcNKMkTWuYzzHqC5N9zz4JJwwA-nleyWjZLmRhcuAL4kzqokCxCso2uxWZ1ATMuATk0mxTTSoemmyoD5F29drk7KLwSVcnbl15Pdshsg7zFS5yxTpc0yYv4zsvfqsc3b8&dbm_d=AKAmf-CVFldj2weviidBI1vFSWmuM7UucJIhLUsaHFuOr8oXAz9ejOtwlLbUcfjHt57C9eHKhm9qOuUNixlPlQmoizdzbsGy28I2HWf1i5bceMgUmW0Vcq6YWzBu2iLyWHXeSdH3ecsAFTX8FgM4xjwO7XuOYaaS7xN69QZ5-Q_ZHkD5vrRaFBO67SJDcyaqI6FzvNa_zu4sreFSJ5_SECKGCHC29u4NHv0WF1Wal_5OzhJON4SkmMKoC7mhkyw6pfsHGeBvEj3Wr-Gc7-k3PIhQ6Jo1CHRGTMKCHVaN_fTeRQTaAMr6JZqShiYeWOZ8pQtc89cxA1CRysvZX0VNMgR-VaIdHjhLZb8IJpOOFpB8POWaSp0BuBtO-KEXdqK3GBdpytINUwl9hwAUBv4F6Pj4_Qua55pXyXw-wkAFRskBI6wlif0kIS7tlnxvUHGeEoFExWbaG8MPQEx7fFappodBQEZ0tGruYMUZMMWynAm8usLPa_PGXms4eXecUmsfMcr95qjAGS0ONj322Pbaj19cqyhFA6FUQ0npFsq88aedqs3NpCsYkiUL-h7oSHtDGHGeCRHPZhN8eWkJOs3Ug2fd1HPTtP07jXA7asw7wkcm-0LzIajXydZ7-gWkNXKqxfLRkHjMdYlQNjcLNiP-JEzr8WNP1-XNg-VZG1Vhc4IDxb-4Mlp7P_rfZ38FlM160iSfMvdu-PGhd5ViKbjrDNVzXFAWwtinjw4tLo0Poxfv8ceqILAc4JOSKTFE4IHxiiEWkerT87Dtd44Vrirg07PSeWiZa3p2UmW4snQNHLpLH0klDKFdwjUhV56P72PlJRSEr8MwZ__DWpigOogIS7Q6J78MUiBG7EiPn1nNoTCKC2dBLqio4Azniwf6MxfeyiPXU1FnIul9fzJC0H9Zs8N5CvLaLLZNtL0pDy7sZV6cVdSvD_j1T2ArKoYHt5tuXfVC82Blyxoq4CSJwXo7LQnThdSRROss97xN3l_y6Z-1FUR8N90BlFbHwOCp9l3cFR7CmTt4stMrXxz0fsvMEUZBWDgafVb1HTyXojEHR_I7c8-4J0WKqrefzkeb0DOGCvMuRqTtJLe0S4rKHfx77_XzNNBx4Knoo1acdPHjLSGLF1xGQro_VUWC_lmUbf8_2AAo74iKtWW2qkl3QP5Rde1_y3Ba5LCBZvj3nPwCv4mbBw6U5Ljx779pRMi0uTfYjpuZ-Lhh69mpf-rCG3J2alVpNeb46o-jpx63tcvItJ86D3-JWqrEWsW2_XzZm5feZnbZHyQVgK_onlS7OFzwCU7_tRZOghohgxM7hjuCD57ngWqyYOjLHtZ0K7_p3UX84fSLNhvxXYvqExOopsEmhcJ7-VIY5XBN0l3f2Fi54OkrEZLdtVhrU4Ag3kBSkKfio0ZBwQaoFQ7lDAaqajGomLvJcz4qzIC12mrQWhaiMphuwlZbYiw9W7lfulSLsAWG1VI2C23Tz8Tzh-FEKvoTXlORhzxZgNGSaBJUH7Y5c0P4dSDiCzqJDwuvC6JNoEd6FCwpjsoTbbm268Sk5hng_gLFvBN97AC_5A-DDo1mWPuPevvMeXWPGkqw-_fEsCPQcUQRs3CzrqU2ljtoDTn-fW-Y6VzqUUtdTN3_63ReqFRgoqy5kY0pa_Wt3Yi5OlSt7_6Ak_R3I-3L7gCzEoLF1JxdzJ0wA9QoVmAUQRSpY4-nR5WLtqrJ6AyC2e9wMp5IlpVghUZ8aODrCyiyGZb8OVOOHS6vYvFllrF2t6stxjwAtnZ3oSt73k1LyWnnwaeNRFHf7Fz1D8veOiUYnbjQELwVOKulpzwNqImfciTSeT0eyKYqsvLX78L-ieVFrVIJMWfAswPwdAnI18iNYvpwYH3u7tzgKMsFZL_d_QA5I8pYVfaRnsphfcq1r1zNsMhWOxGhjHZYWKp_LSTH2cmkCh9Y-QlGYTuGuyYcxhvha228KaTVS8PplgD2u-ZMhZB95YAOb2im64n6DvxKZ6swVVRXjDiiQNBY3c9lfhHlDvXy15dzc8uJ1OZEkLRlDT-AJ-_q_eruEEotRyWW78-s80ZRs9sYJvSX8csZb_6NiXgxH68PxjQj0TIJwBZJqO4BRpwGgdJa64Szq16P90AZnq1VDycRaAv9K_vF7mkmzEnA00SEWG09XLG3j5V3YlO4bTaL1zUPOJB_vlePs1MlqY29-01lgAIDTmOYN_CaNAnYtj3G8__ZTa8QmRRjfUFlrOV8KvyVhnUbPTLKap24BzDPQTs9HAkGhyM-QoQt1YrC15May6o6lK1QbC_yTHIPgYX69N4Gs6Gh_UeZGKLn1FR8mDIcqKDK24IA_8DsbS1DkkQKcGriLVmtGGDH99nf7fyYwxQQe83OdDo0e-17urEcotWiFu58OXgyT6M-NZ2GHeJZtpqe3sFiuIpcQWm_gLmLNwV3CtwPjQ4oF5Ck_q-W2Ukn7ni6rlJ_SiHI1pTVEbLhHqU8qNaktv7wA4MHdsfq8j38BVTxii7g_U9L5D6wo_wX3digq30suuCc3QUllz_VAxZ9CLHTFOwLQycPYJfOGQYxFiXYl2MPiRpUcnUxvvfCbFUck9YPQM4O4xo6DRakyrYv0JNFm2A7zuSvdtZBkXuJEk_RzdmPpLwkhVZ2HLEA5V_2Mfn_KPbpoIpkt-AkTrvxIlJ7p1FAQH92HIWKJR7x21rHVrr3WtK2l1g2nsU71F432IWiOPCz5wgvnxeNwN0fI_rYw-Qp8jgPyYIDeIIArbPNpHnb80JzYxnro8JLdPEVprPG1oLwT9mr58JwTDUBFGaLkDmyN6_9P-yvQ8e2NckLzal9CByhzEcws4N2HICJzPHV9aBrtorxyoxu0E7-AAHqx2gkYLYW1BGn_WOAExrHc_exkEoELIeqUCNkhIdv3eQEUWYHBBx5kIRiCbA-_vWAuzyyb59iQU34-WFXGuVwgpL7N-3pvKRJHocZZ2i1quTcO4oBogGgb4V4FJKvsGxR3kOfa4hSvDbxsvTotX4DxCUSRK4uFUIqiNW1m4pD4O5BPWFUNtSW2DoFqeJhg2-hnjSwQdRpi_gi3txUEuSw-vDkTjzXEKEcRmtcm0I7G9T7rLvy_7M6lOHicPaUzijVDL0Z11vJIqVjkoRkk4CZGWmIMp0LsdStJASUG4YztXtuH-iHvO4lWdFPfvc7czyML4eb1abs2vLX2d9rmQlgQP3pkN62ZyxFlukdXrZnaqee0x3MJJtcs8TKT5WSnfKejACJVECmj9bLPWKPscrrM4ZuiDQ3UZOpGujbO1Rb-hFbm9PQJZdkjq61bDZYIDJZxHgB1dunMecfq9MIiIb7SXJSi3tiriSAM7GZQc2RURENdLrmEhZLea5zR430-ev-T4oV-TnUuJeIl5J9TDGyHdzqo9NA8ayrTY3pedOy5yVW8jQUEYftw1rp3CPqTUpACU1Y9Mtrr_gBz_ugV1SMvQvJXHNeFJs5v-ymIOhZj8zDnk8A1NLYr1tlWhxfDCbVgD_t5TjwE55zDmDRI0JDE10XTB-0bHuDq4sGVrT-1abkOpmzCcjiDRJYC65ZVTT0iegzbRuYStQ9yGQDZXMk7hN72wPAer1VR5nbCp_b52vDFl2y1MW4DhRhlvH4VnU--Jp5Hv77yT4zaTJt4G7HztYtz3EEUvtbvfq-YC7hJqb4lWg7O3JVaGweM9GdTZrfzWZIUwgRbxr9J3hmRf7NCoSA_pMp7dQ8i3LNMSmlZ7hPAUYpTLeBBRJ3NFZHiyU1oYMYsJQY1O7hyikMKkYdulNbXjDvCI3wjz0V-zw8yb6USzc8nGlwO894RIw4peOI7FHFUI_TSwHF1QTpG2pY6K0sVvcj8o1QNvFEFZNQbfqINv43d9Xf8mtlp2hP6DRS4bHleJxTPLbszG2a2oDAAUOgUCedSPm2FklSyYMN8333Akzfy0G2IRjVhkf--u5PilewGUPEKM9E99fmYtbcrXju4DYlx0nSWj713ILiod9t79jXTDqtb7WxvVx8t5I&cid=CAQSOwDICaaN8doqhxNNxHDWmPRuGarMmWuBaJV9advQ4tXQTdqrnWCoElthsEBy0rWseaDysErkJpaCNJr3GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftravel.kapook.com&ds=l&xdt=1&iif=1&cor=4858365288530560000&adk=275573854&idt=110&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 20:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
75610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:09:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 4AB6 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6HqGV6hNOf5EMJHh9Evu1ZzdwJOuOQb0cmQCv1GJptFY6E4ZcNKMkTWuYzzHqC5N9zz4JJwwA-nleyWjZLmRhcuAL4kzqokCxCso2uxWZ1ATMuATk0mxTTSoemmyoD5F29drk7KLwSVcnbl15Pdshsg7zFS5yxTpc0yYv4zsvfqsc3b8&dbm_d=AKAmf-CVFldj2weviidBI1vFSWmuM7UucJIhLUsaHFuOr8oXAz9ejOtwlLbUcfjHt57C9eHKhm9qOuUNixlPlQmoizdzbsGy28I2HWf1i5bceMgUmW0Vcq6YWzBu2iLyWHXeSdH3ecsAFTX8FgM4xjwO7XuOYaaS7xN69QZ5-Q_ZHkD5vrRaFBO67SJDcyaqI6FzvNa_zu4sreFSJ5_SECKGCHC29u4NHv0WF1Wal_5OzhJON4SkmMKoC7mhkyw6pfsHGeBvEj3Wr-Gc7-k3PIhQ6Jo1CHRGTMKCHVaN_fTeRQTaAMr6JZqShiYeWOZ8pQtc89cxA1CRysvZX0VNMgR-VaIdHjhLZb8IJpOOFpB8POWaSp0BuBtO-KEXdqK3GBdpytINUwl9hwAUBv4F6Pj4_Qua55pXyXw-wkAFRskBI6wlif0kIS7tlnxvUHGeEoFExWbaG8MPQEx7fFappodBQEZ0tGruYMUZMMWynAm8usLPa_PGXms4eXecUmsfMcr95qjAGS0ONj322Pbaj19cqyhFA6FUQ0npFsq88aedqs3NpCsYkiUL-h7oSHtDGHGeCRHPZhN8eWkJOs3Ug2fd1HPTtP07jXA7asw7wkcm-0LzIajXydZ7-gWkNXKqxfLRkHjMdYlQNjcLNiP-JEzr8WNP1-XNg-VZG1Vhc4IDxb-4Mlp7P_rfZ38FlM160iSfMvdu-PGhd5ViKbjrDNVzXFAWwtinjw4tLo0Poxfv8ceqILAc4JOSKTFE4IHxiiEWkerT87Dtd44Vrirg07PSeWiZa3p2UmW4snQNHLpLH0klDKFdwjUhV56P72PlJRSEr8MwZ__DWpigOogIS7Q6J78MUiBG7EiPn1nNoTCKC2dBLqio4Azniwf6MxfeyiPXU1FnIul9fzJC0H9Zs8N5CvLaLLZNtL0pDy7sZV6cVdSvD_j1T2ArKoYHt5tuXfVC82Blyxoq4CSJwXo7LQnThdSRROss97xN3l_y6Z-1FUR8N90BlFbHwOCp9l3cFR7CmTt4stMrXxz0fsvMEUZBWDgafVb1HTyXojEHR_I7c8-4J0WKqrefzkeb0DOGCvMuRqTtJLe0S4rKHfx77_XzNNBx4Knoo1acdPHjLSGLF1xGQro_VUWC_lmUbf8_2AAo74iKtWW2qkl3QP5Rde1_y3Ba5LCBZvj3nPwCv4mbBw6U5Ljx779pRMi0uTfYjpuZ-Lhh69mpf-rCG3J2alVpNeb46o-jpx63tcvItJ86D3-JWqrEWsW2_XzZm5feZnbZHyQVgK_onlS7OFzwCU7_tRZOghohgxM7hjuCD57ngWqyYOjLHtZ0K7_p3UX84fSLNhvxXYvqExOopsEmhcJ7-VIY5XBN0l3f2Fi54OkrEZLdtVhrU4Ag3kBSkKfio0ZBwQaoFQ7lDAaqajGomLvJcz4qzIC12mrQWhaiMphuwlZbYiw9W7lfulSLsAWG1VI2C23Tz8Tzh-FEKvoTXlORhzxZgNGSaBJUH7Y5c0P4dSDiCzqJDwuvC6JNoEd6FCwpjsoTbbm268Sk5hng_gLFvBN97AC_5A-DDo1mWPuPevvMeXWPGkqw-_fEsCPQcUQRs3CzrqU2ljtoDTn-fW-Y6VzqUUtdTN3_63ReqFRgoqy5kY0pa_Wt3Yi5OlSt7_6Ak_R3I-3L7gCzEoLF1JxdzJ0wA9QoVmAUQRSpY4-nR5WLtqrJ6AyC2e9wMp5IlpVghUZ8aODrCyiyGZb8OVOOHS6vYvFllrF2t6stxjwAtnZ3oSt73k1LyWnnwaeNRFHf7Fz1D8veOiUYnbjQELwVOKulpzwNqImfciTSeT0eyKYqsvLX78L-ieVFrVIJMWfAswPwdAnI18iNYvpwYH3u7tzgKMsFZL_d_QA5I8pYVfaRnsphfcq1r1zNsMhWOxGhjHZYWKp_LSTH2cmkCh9Y-QlGYTuGuyYcxhvha228KaTVS8PplgD2u-ZMhZB95YAOb2im64n6DvxKZ6swVVRXjDiiQNBY3c9lfhHlDvXy15dzc8uJ1OZEkLRlDT-AJ-_q_eruEEotRyWW78-s80ZRs9sYJvSX8csZb_6NiXgxH68PxjQj0TIJwBZJqO4BRpwGgdJa64Szq16P90AZnq1VDycRaAv9K_vF7mkmzEnA00SEWG09XLG3j5V3YlO4bTaL1zUPOJB_vlePs1MlqY29-01lgAIDTmOYN_CaNAnYtj3G8__ZTa8QmRRjfUFlrOV8KvyVhnUbPTLKap24BzDPQTs9HAkGhyM-QoQt1YrC15May6o6lK1QbC_yTHIPgYX69N4Gs6Gh_UeZGKLn1FR8mDIcqKDK24IA_8DsbS1DkkQKcGriLVmtGGDH99nf7fyYwxQQe83OdDo0e-17urEcotWiFu58OXgyT6M-NZ2GHeJZtpqe3sFiuIpcQWm_gLmLNwV3CtwPjQ4oF5Ck_q-W2Ukn7ni6rlJ_SiHI1pTVEbLhHqU8qNaktv7wA4MHdsfq8j38BVTxii7g_U9L5D6wo_wX3digq30suuCc3QUllz_VAxZ9CLHTFOwLQycPYJfOGQYxFiXYl2MPiRpUcnUxvvfCbFUck9YPQM4O4xo6DRakyrYv0JNFm2A7zuSvdtZBkXuJEk_RzdmPpLwkhVZ2HLEA5V_2Mfn_KPbpoIpkt-AkTrvxIlJ7p1FAQH92HIWKJR7x21rHVrr3WtK2l1g2nsU71F432IWiOPCz5wgvnxeNwN0fI_rYw-Qp8jgPyYIDeIIArbPNpHnb80JzYxnro8JLdPEVprPG1oLwT9mr58JwTDUBFGaLkDmyN6_9P-yvQ8e2NckLzal9CByhzEcws4N2HICJzPHV9aBrtorxyoxu0E7-AAHqx2gkYLYW1BGn_WOAExrHc_exkEoELIeqUCNkhIdv3eQEUWYHBBx5kIRiCbA-_vWAuzyyb59iQU34-WFXGuVwgpL7N-3pvKRJHocZZ2i1quTcO4oBogGgb4V4FJKvsGxR3kOfa4hSvDbxsvTotX4DxCUSRK4uFUIqiNW1m4pD4O5BPWFUNtSW2DoFqeJhg2-hnjSwQdRpi_gi3txUEuSw-vDkTjzXEKEcRmtcm0I7G9T7rLvy_7M6lOHicPaUzijVDL0Z11vJIqVjkoRkk4CZGWmIMp0LsdStJASUG4YztXtuH-iHvO4lWdFPfvc7czyML4eb1abs2vLX2d9rmQlgQP3pkN62ZyxFlukdXrZnaqee0x3MJJtcs8TKT5WSnfKejACJVECmj9bLPWKPscrrM4ZuiDQ3UZOpGujbO1Rb-hFbm9PQJZdkjq61bDZYIDJZxHgB1dunMecfq9MIiIb7SXJSi3tiriSAM7GZQc2RURENdLrmEhZLea5zR430-ev-T4oV-TnUuJeIl5J9TDGyHdzqo9NA8ayrTY3pedOy5yVW8jQUEYftw1rp3CPqTUpACU1Y9Mtrr_gBz_ugV1SMvQvJXHNeFJs5v-ymIOhZj8zDnk8A1NLYr1tlWhxfDCbVgD_t5TjwE55zDmDRI0JDE10XTB-0bHuDq4sGVrT-1abkOpmzCcjiDRJYC65ZVTT0iegzbRuYStQ9yGQDZXMk7hN72wPAer1VR5nbCp_b52vDFl2y1MW4DhRhlvH4VnU--Jp5Hv77yT4zaTJt4G7HztYtz3EEUvtbvfq-YC7hJqb4lWg7O3JVaGweM9GdTZrfzWZIUwgRbxr9J3hmRf7NCoSA_pMp7dQ8i3LNMSmlZ7hPAUYpTLeBBRJ3NFZHiyU1oYMYsJQY1O7hyikMKkYdulNbXjDvCI3wjz0V-zw8yb6USzc8nGlwO894RIw4peOI7FHFUI_TSwHF1QTpG2pY6K0sVvcj8o1QNvFEFZNQbfqINv43d9Xf8mtlp2hP6DRS4bHleJxTPLbszG2a2oDAAUOgUCedSPm2FklSyYMN8333Akzfy0G2IRjVhkf--u5PilewGUPEKM9E99fmYtbcrXju4DYlx0nSWj713ILiod9t79jXTDqtb7WxvVx8t5I&cid=CAQSOwDICaaN8doqhxNNxHDWmPRuGarMmWuBaJV9advQ4tXQTdqrnWCoElthsEBy0rWseaDysErkJpaCNJr3GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftravel.kapook.com&ds=l&xdt=1&iif=1&cor=4858365288530560000&adk=275573854&idt=110&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 17:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
85917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11881
x-xss-protection
0
server
cafe
etag
5723174479369309319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Nov 2023 17:18:08 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4AB6 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
213954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
truncated
/ Frame 4AB6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49379a46beb11e78fb8433866afc09b5bd7415408100878ea800ac6268635e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=f5c123b7-a697-4108-a545-d03197210ff0-tuctc4a8c6b&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Nov 2023 17:10:06 GMT
cache-control
no-store
server
nginx
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 523D 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
319683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 523D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
index.html
s0.2mdn.net/sadbundle/12615323307018942999/ Frame 4784 		145 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12615323307018942999/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b2d5140d291489e0fe002c514227e7e05ec72629762714b64e28b23e31d51dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
331712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
24228
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Nov 2023 21:01:34 GMT
expires
Thu, 07 Nov 2024 21:01:34 GMT
last-modified
Mon, 23 Oct 2023 11:02:04 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4AB6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvj7H-OE5GzsbGvSHxZxb5N2aHDccItTv4EaL4aEGKD9SEr_Qy4NL53UeDv-4I6Ic8WdbeBDe7Jh4u7U14-4sxqF5l1JHKGy9eCYLmw_IJR3GyR5LEBYF-FiNID8nD3NuydjHYfJkyHXc86CUdE80hp-A24vSvUcsSc7aZd8mw8YSW78Tgb3qFjWgT3gmcRfHJTrop_0WVsPf7rlmeVZzY9eeKYvqszxzEn-pGFdm6762C92BVcV3ybnlTIaxlxdTHr8TfYp-tS7UTzNTv4uobhAGcSCfPRRoxVPISeYLiu914mBEQaUaFMtbxxgv7uYbyR6PLokiaIi-vQ4X23XzgNwEn0hynj_Vb5lB970F6ox5qOxPSgFPohFFGu30KRMS2u6OC0oY_Yyh8poaeZou7UGwqerxPhXENW5KBnH8YejsA8616dy-bXSxyMpEjO3Ikw-8kB-CruAAlrY97jrttE5wDRl0osvqHNs6YqgGxoQNZrAyqEAmUkuWk56s_XCMqckYndWwq5aGyOZsrcqjpKzEow_ENDHBiaV915iiZcvMBLZWKdiBWk5mp4LdyKh19LAPCQUz_Bt3ntGOOPgyrAFNW9gKjHdAzM1fOoHqtDU5I3ji7SNc11Qz4SAnaiTbHsd5yUZLh7vlA4j6qwfMF-p6NpwXw2ATYxQ3OVmdHS7zBkp5GvKqP01MKEAMtaqVSLtt0G5RpOq1oq28ynal-pWvX1UmOtf8zktQNd1HjaLG_mRN2IAVovU2rmGwUjZ71QlIxcIZc3OaudUVZCnCUXA2JVLpU9ZGwRnkpK8JLHe3UnzDjZjxFKP1GMXnQqjsep7OiqDS6_UEtn9sY57hOIfL4bWnVVcqjsX02JDVZ0iZSkMCUk1Squ0z9kLhbeGQyf04SYNpEh3oy8zc0ZULlPALvp1srA-H_h7ku8w6E9NViJ6eJRE5TBqjJ0M-ToLIhh8PRuivUv6D4nzZs1t2M7MI9amGlfHj5d9Vxdf5eN5FgUkXWfPzDOBIUpEZEZl2GhzWAgC6HVDLZfzIPda1AWZn3TTbtAUF0NsGCHnc-X84WflmIdmzRztijf4JSJwYasVHUb4OTkEHjkRKzTOn9p6Gb5-R2H8I0gYPLcIFShLoder52lvxKW-uv4pK65UkBwqENF7e7wWFgfDkPedSccUexTw5-okHIjwKSWOoDag6De2-gCoFtnX7BEPThUgvHm275QwhCKPLmOKwSPlvDaz9j8TidepFkVrk99lQbcq88zubQ2Uaxn46r1L9_4F6rqyKJLDn1OY9Z6k5mJn-qawvr01Ni8gpbFlvHG0miO0t68XeTZGZaLYvldT5KDb2ywe23fgQYQ9sK3p3uQ8YHXj-OQMT-7plYvxeGDEdtk3aWnFvNo9_MU7Nleu9XMC746oIkEpAoqekWUXrlp3dDScITkBVlwP_Ji4wzJ9gbcr5xvZJPOsr-bH27_nFpGs5Oaji4UPc_T7nFCmg&sai=AMfl-YSQaYO5S9TI7hFSnx8mWfhJCPK40m7ElCXSc9NLio1XAsb6eGIBfOtYyP2J2uhqsEytSCTG7bZUABK471G2xWKnhzAU7Q2RkcwAfpb3iR-xpNHbUdVsnYlxZd5Hsw42Y9Ouktu5CPh4S2kCN-ZP6xz3ZRUEY-kvMW-w-1JcIPOKbH0N1vIEAKnyWHy3-FIScdgNBT1OCbBQhGxcsqUHI3vBOUOBkkNekGeJ2hOMXBymXEzKdDFlufoGPx6ap1esmQY5rxdRqeRp1vlLbkXRRBWfkuo0&sig=Cg0ArKJSzEWVfauJuQkNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=215&cbvp=1&cstd=213&cisv=r20231106.93305&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 12 Nov 2023 17:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 4784 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12615323307018942999/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12615323307018942999/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 07:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 13 Nov 2023 07:13:22 GMT
4a.js
static.adsafeprotected.com/ Frame 4AB6
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1704526/75903736/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014774340&ias_pubId=pub-3006603784355312&ias_chanId=1&ias_placementId=20650305072&bidurl=ht...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 21:05:42 GMT
x-amz-version-id
jwM.JRpcxFXIBH7yV98PwBM2gsjtWEgc
content-encoding
gzip
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
417865
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 07 Nov 2023 21:05:40 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
Vkip0qOYtD-t9OPEu8JEYWfO_DuR2fMGquBJQANvtfoKxIwdpIny_w==

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:06 GMT
server
nginx
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 510F 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4554056
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
v_Pbfv8s_P9CK8tMqCMLTU9gYDA6IyumoxPQEnG1RGjjj5iDhCBgYw==
dt
dt.adsafeprotected.com/ Frame 4AB6 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1704526&asId=57d815b2-2156-cc8d-772d-d4f8d5c89a1f&tv=%7Bc:tMhZZ5,pingTime:-3,time:52,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVpTmr9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5*.1704526-75903736%7C1b51%7C1b52%7C1b53%7C1c1%7C1c2%7C1c31%7C1c32%7C1c4%7C1c5,idMap:1b5*,rmeas:1,rend:0,renddet:na,siq:26%7D&br=c
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:100a:68b6:1699:c2e6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:06 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4AB6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1704526&asId=57d815b2-2156-cc8d-772d-d4f8d5c89a1f&tv=%7Bc:tMhZZ6,pingTime:-6,time:53,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVpTmr9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5*.1704526-75903736%7C1b51%7C1b52%7C1b53%7C1c1%7C1c2%7C1c31%7C1c32%7C1c4%7C1c5,idMap:1b5*,rmeas:1,rend:0,renddet:na,siq:26%7D&tpiLookup=ao:travel.kapook.com*%2Ctravel.kapook.com*&br=c
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:100a:68b6:1699:c2e6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:06 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4AB6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1704526&asId=57d815b2-2156-cc8d-772d-d4f8d5c89a1f&tv=%7Bc:tMhZZj,pingTime:-2,time:66,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:834,beZ:836,mfA:839,cmA:841,inA:841,inZ:846,prA:847,prZ:854,si:860,poA:861,poZ:882,cmZ:882,mfZ:882,loA:887,loZ:889,ltA:899,ltZ:899%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:66,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVpTmr9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5*.1704526-75903736%7C1b51%7C1b52%7C1b53%7C1c1%7C1c2%7C1c31%7C1c32%7C1c4%7C1c5,idMap:1b5*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:26,sinceFw:39,readyFired:true%7D&br=c
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:100a:68b6:1699:c2e6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:06 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 4AB6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvj7H-OE5GzsbGvSHxZxb5N2aHDccItTv4EaL4aEGKD9SEr_Qy4NL53UeDv-4I6Ic8WdbeBDe7Jh4u7U14-4sxqF5l1JHKGy9eCYLmw_IJR3GyR5LEBYF-FiNID8nD3NuydjHYfJkyHXc86CUdE80hp-A24vSvUcsSc7aZd8mw8YSW78Tgb3qFjWgT3gmcRfHJTrop_0WVsPf7rlmeVZzY9eeKYvqszxzEn-pGFdm6762C92BVcV3ybnlTIaxlxdTHr8TfYp-tS7UTzNTv4uobhAGcSCfPRRoxVPISeYLiu914mBEQaUaFMtbxxgv7uYbyR6PLokiaIi-vQ4X23XzgNwEn0hynj_Vb5lB970F6ox5qOxPSgFPohFFGu30KRMS2u6OC0oY_Yyh8poaeZou7UGwqerxPhXENW5KBnH8YejsA8616dy-bXSxyMpEjO3Ikw-8kB-CruAAlrY97jrttE5wDRl0osvqHNs6YqgGxoQNZrAyqEAmUkuWk56s_XCMqckYndWwq5aGyOZsrcqjpKzEow_ENDHBiaV915iiZcvMBLZWKdiBWk5mp4LdyKh19LAPCQUz_Bt3ntGOOPgyrAFNW9gKjHdAzM1fOoHqtDU5I3ji7SNc11Qz4SAnaiTbHsd5yUZLh7vlA4j6qwfMF-p6NpwXw2ATYxQ3OVmdHS7zBkp5GvKqP01MKEAMtaqVSLtt0G5RpOq1oq28ynal-pWvX1UmOtf8zktQNd1HjaLG_mRN2IAVovU2rmGwUjZ71QlIxcIZc3OaudUVZCnCUXA2JVLpU9ZGwRnkpK8JLHe3UnzDjZjxFKP1GMXnQqjsep7OiqDS6_UEtn9sY57hOIfL4bWnVVcqjsX02JDVZ0iZSkMCUk1Squ0z9kLhbeGQyf04SYNpEh3oy8zc0ZULlPALvp1srA-H_h7ku8w6E9NViJ6eJRE5TBqjJ0M-ToLIhh8PRuivUv6D4nzZs1t2M7MI9amGlfHj5d9Vxdf5eN5FgUkXWfPzDOBIUpEZEZl2GhzWAgC6HVDLZfzIPda1AWZn3TTbtAUF0NsGCHnc-X84WflmIdmzRztijf4JSJwYasVHUb4OTkEHjkRKzTOn9p6Gb5-R2H8I0gYPLcIFShLoder52lvxKW-uv4pK65UkBwqENF7e7wWFgfDkPedSccUexTw5-okHIjwKSWOoDag6De2-gCoFtnX7BEPThUgvHm275QwhCKPLmOKwSPlvDaz9j8TidepFkVrk99lQbcq88zubQ2Uaxn46r1L9_4F6rqyKJLDn1OY9Z6k5mJn-qawvr01Ni8gpbFlvHG0miO0t68XeTZGZaLYvldT5KDb2ywe23fgQYQ9sK3p3uQ8YHXj-OQMT-7plYvxeGDEdtk3aWnFvNo9_MU7Nleu9XMC746oIkEpAoqekWUXrlp3dDScITkBVlwP_Ji4wzJ9gbcr5xvZJPOsr-bH27_nFpGs5Oaji4UPc_T7nFCmg&sai=AMfl-YSQaYO5S9TI7hFSnx8mWfhJCPK40m7ElCXSc9NLio1XAsb6eGIBfOtYyP2J2uhqsEytSCTG7bZUABK471G2xWKnhzAU7Q2RkcwAfpb3iR-xpNHbUdVsnYlxZd5Hsw42Y9Ouktu5CPh4S2kCN-ZP6xz3ZRUEY-kvMW-w-1JcIPOKbH0N1vIEAKnyWHy3-FIScdgNBT1OCbBQhGxcsqUHI3vBOUOBkkNekGeJ2hOMXBymXEzKdDFlufoGPx6ap1esmQY5rxdRqeRp1vlLbkXRRBWfkuo0&sig=Cg0ArKJSzEWVfauJuQkNEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=390&vt=11&dtpt=175&dett=3&cstd=213&cisv=r20231106.93305&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 523D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BuaJB7QZRZf6fJ4fnx_AP0LywOAAAAAA4AeAEAg&bg=!9vWl9brNAAZxrfrxUa07ADQBe5WfOJaV7vjIeJ9r4hqUe9F3v3L_G2K79Z-Rxfk-7pNs_5uf7KDVc3lgDA9KoWj9onM-AgAAAFRSAAAABWgBB5kDLmWXt3YbttI15Lbf6XF4ncFfMog7pKZo7HtAqnV_b3VjzB1QRvbmtoG-Im8mHvE8Te6BcjHCjI-MjRxP4DYa1lNnpVMhpoLfGua_MYXif6pAYSF-PME8T396fYOo_hYQEIGjq32ehXlcxf7LB6M-l1D1f4rSSdDN6OJV3Dvr7vTRpjkybeI0codXKZL2EEG8K5KVBJ3K-zHDl0NZpnMu-V_xzmZ1Ta0qVPLzwHtbgBeH6WwRkDmE6Gs8PRFJKfGu6bOPksOPne8qplqd10UG4uK9SKEPzQKA2E33f6fYOq5Zw05ngpD7pFt_KcXeZwikB6JWUbs1jUNGX4w00QlUiasumT6giyJIpLxvAEPP0l_IPOCKsiOzIYCCIjH90N8eMAOVgTl7kW5KaXC9qVKOnXz1r3CbfSZu13nsT9rUGTKxmPvbqE_cudHZsL_p-edRfm1rnnGsQ9Yg0je9Ba7bB_UGxZcQqqiOmXxOtpbcvlVr_pJ7EemH-YvnfyHioa1pTTRX3lIexg3DJ_sHY5JMg9Pd9S26SDF9hQcTqMd-FV2Vd5sw-fS5STZ2u-HeYY0NEtt337yoHS7iKD83gx5zeA7iN65T9AHjCOEFp5u9rZMBeUy4zOP6maAidEVOR_6Vp2676nGahbifpMHilCT2r244V32OrkJxKfjVn84-9baOVu9f2T8oMvvcnLsAX-DQj1bImFkpA6eZd4aIw0eOr4qzhA4LZmsCawMve7IwKrNo-H5qr9OqvZl8oZQSmOFS1ssonDx76_XWQVO0P5q9WuHr1vrN5bLrUIR38ogk0p4JiZHU8xAU1HekxyUxB5oMYqyxaoS4lNHuVUEAOT5iYUDufdn3DVH8b5VA3dSy5VpjVdtgcaOWAXTD593sOjbYzmlSCIPkCL5U_SvkOyN6CGO-l7wcpzRg6KkhK70GxJBQkXuKzWnsZ6-o3QlOWQr3AVxAilN97M5gRp2amdVH9oMLqdDxdui8e1XrCemJ5XJDmRlqjHXeTRkFJaxwrOFheGm73e98pa-cl5bJHINWzeTpx3pP9tRtuXpgKujOmHmet7-IIyyVSfn28BafAak
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 4AB6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1704526&asId=57d815b2-2156-cc8d-772d-d4f8d5c89a1f&tv=%7Bc:tMhZZY,time:107,type:e,im:%7Bpci:%7Btdr:57%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:107,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVpTmr9+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5*.1704526-75903736%7C1b51%7C1b52%7C1b53%7C1c1%7C1c2%7C1c31%7C1c32%7C1c4%7C1c5,idMap:1b5*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26%7D&br=c
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:100a:68b6:1699:c2e6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:06 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
wl
t.pubmatic.com/ 		17 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=156743
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:06 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4AB6 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrNL3nI6jJAN0mEOef67vdgWQgg930ACjc7Mub7Mlq4HF9ylICM8BO5gDsbBwqSX5caXJ_ZvGfJd3CXaoW2zcDAkSYLA4CHo839L2t0E0WTQV-9dEEBqmtSyfIX1ApJwjRwm9_TghcYXMHK8fPzU5n-MCflgo24d5YrWIdrlwzCJew-nGZSQwYiPO0oaEabc-z5VAxHayzTWsalUwgQ-IEhPg&sai=AMfl-YTNXN5ltZtW4a23DM_y4trb7CsTt81Hc7-P9DMF2nOw7KvhY7VCnBE5emSfu_J_a_AV40NwWqq7mde9vFPxAJaps2texdGo2ACXpQnUFDruNIAsLP0NZScx1YiDBG-mMzM25IPdleyUzcdvl1to_RIz&sig=Cg0ArKJSzOxRimGB8gzNEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
passback_728x90.js
static.adsafeprotected.com/ Frame A257 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_728x90.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding
gzip
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
date
Thu, 09 Nov 2023 16:13:29 GMT
x-amz-cf-pop
FRA56-P5
age
262598
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:52 GMT
server
AmazonS3
etag
W/"696b4c19d35efd706805137a8a4b3831"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
bKgF7pYEgwC5jT61J9D39wRzaus-8cg4LXoQUCqa6QJUr_-JaOErIg==
IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame A257 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date
Sat, 11 Nov 2023 08:21:03 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
240344
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
10216
last-modified
Fri, 18 Feb 2022 23:29:13 GMT
server
AmazonS3
etag
"b1464a7201f691a1e4cf6fc057919d7f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
RhQFNK59WIQuOyyPORLWk1AuHfWTXZSF05QJ_b-0V4CGOF-2pvPLSw==
sodar
pagead2.googlesyndication.com/pagead/ Frame 103C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311060101&jk=3942912560862543&bg=!-vml-bbNAAZxrfrxUa07ADQBe5WfOAPVUxRRARYbMzkqGFqconBkX9uAbXuotlw7H_MWadkRVVkHXBv-oFo-MrsrkcLHAgAAAZxSAAAABGgBB5kC2LFvkndEGpRX97C-7esQrCYF61tvnWME35ldqmQVcusONpIotMAXryaWhGeboxqpPWjGsZogZcy2Y-0_llYA376G4NNNzvl5i-MNYXnWEqSIkeYL9EEEbZJtDCzjJgJRmn6NrIK6lMEJygGbPdWunLU3HxWpGWJfyRUoxiyMOafoP6lckI9vKXSxTxMje7D7JaN9m7U2mdPObO60W60eD03dLIuPnY0KFfzHj06ZEW_Q4A6-35HBN8Gyp_H4EaRT9Q18xY_VvcnfB32Qxohsi6e9EHmINpa030bYRbLV5nX5L3xfG_fX6x6Tt1Fdkuu53owYvwHXROBtzOYS6Hgqw4oVjD8XK0CEEeisUC_wIqpd1OxJ2anKthmWcxubhBeDvnrsxzgjl6errsLlW79KgDDOLQ745dZvoNcQQMIRqhr2Mp3ESbKVoaSDM8I_NH_sOtKM_N8_MGsqGapNyv61yXV_WFT9DYKKzc__oQP_Cu1wDK6ks9dp00YVnZX1jgypdNcB0uP8mh4uX11sUPPcQ3C2QqVF4dAenF99QMCIVlIay6IlF18SjRtAs90nNymkCLBVO4RhbfofvyhP-64iGZKtWzNXwHCOGD_LwFbDTlNNdAxo_erCCaoEEm-lMzwqS3CHu23QJpri6JNfBI9xUsVpk8qn0gQVkg7bOyvhgjm-20z_Im4KHlrw-47c_j5D-R0cKQG_IrlGeOQKfilgWJ876wK4435scmXStirxytzmI2ACm_xo2_juo7cvqnETRHnL60F7TVmIvogt_95QC0Uw21VxdTfFPX82lSvltXTMBZpe73WmM3v42u_KBKAXFIVh5SkRM7YhuFp0Tx1-KhFJSgIGQOkZIU6SiBbVqHczh6eHDpHRuuowC5dhQ7vIlT3-qL-COGK9lwUGPxnLkiVrjEMyq05y3ZYtngfrz-PKKqAg5XrwSkBBkYsdmKZDJPHcdb7lbhGU
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9458 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=3937491724862891&bg=!hoWlhcrNAAZxrfrxUa07ADQBe5WfOHOfLGoPo7jHBzFF1pl0J4UnXy6Up7CNP-0j2P-zJu1HUhxhNk4tEthNXmsgf5DgAgAAAUBSAAAAC2gBB5kC2qOormXry4JMB2Vjx3AtKNW1XWRvtDZAhPeJuB1eMm0mNwB3q4nVgZobnYqt3up7VyY36J4XPPXf5xOxYoRHQ_K7cI6-ElBmpGkeORON2myBJIrpWlRCw74FhN10Afb-UzvpKwXAsw36aYjxpshyJLWHWxRKTUktS1H2FzhGAblMK2ASHQIxzOuT6dLYHXT9c5xGOCZ64eeym4U_eZ7onCOXUS34nlzK_08Hwc73uEsa9Da2A0nJoFZFUDAoCcTUBXWZiZqS88odYxQuM5nOZx52tkMBsiepM1JudkZYlYehhYHvyUv7NRYBNL_dpTOZA0W_BQHBjkPNB3fj1JK00o7wnGNmLfNsJyXO_k-4RLzPV_5BEOSBnUbawxg03akGKVAQ5mt4eB1pS8h60zRcxZf1HyxiJbWD5iInYitb7yooVfdSKYRVBy4-Xv9CEBn7UKKgJPagvj7CF7zdV5COJG6sZ1VDcH77Kf9b47-1yg5aFqTqHBp08vSXn7GePP8O8-K1Ws4Y6ytfsWqwR1zuNivi6T9j_yrWccuwHJvVBGVSAtRy9yag32ve4rcU6AxnfDtlT_AEdYHkgjakR7orhGqMGFDgDSKXUFaNTW5KIhuNZBy0UJCcHX4O_9u_LbCNJXGHYnCcRiJZpbnqUKj6a54QIb5-BfAj9hi9yR8vleGD0c_l8MoYB_S3ejNIxBTxhc7U27PU96FLS3mlN6BqpKWxS9fAXna9OkufTLb73KMaplDuOD-4ONAKLBA02XVMteqxToQNKh1uNprcVXWx_kHcxxtYJHW-_1xk_ZS4mKgjuU9FXuSTSOLwk3DLw71B6hV_-Gc4LezTC5YjVmrJhv-k1WORsZsY3WNW7dfk8oXiymHHwYLbN95_90Q9zfc0A60ntxY5qFO0Bl_s4BoEglgWNFCLT_ERbJZioFxo7bEJdgCv3rK1RT5Gg6GiFxs-74sEYe3OmMhniEY
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E80 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311060101&jk=2636775421236974&bg=!OTqlOnXNAAZxrfrxUa07ADQBe5WfOPV-MVBqVxLsNeTP_aNffltSMjAAlRo6UNGkAehUXVNsGBFfuia6RJKIS6dP3Qi8AgAAAPJSAAAACWgBBwoAW1vhoVqJ2F7tFLWisQacXw-2WAB_lATkpcXQdBJqc5iuXdHFA8V2UTVnBo7rjIEGqzQTnel5KqEKNIHPQectQMWvEooJSXwN6s4Q-AkqEtCR1RpV7mxFAiKlVjyZAs4rSDHIS6s5LEkiVYDVpsNlNrZCYsZABX6IVPAmbzaDbcPv3hCyx2jr6K4CMo4ei1Pk2KK1LRfyY8yQ43FqYtmc9ZEmU2ZLMJZQWXIoXeogqxk1moyhMpx27vqQwSwe1SgL4xh-GakX6sdP0EDKL_e5AownRyPf0OmSxUe99fHof6Ix26wLreA5r3g0am2O7AwNaOt8O6OlwTblL7UVtoDmJUikPnVltWarQQDVCMp6wa0lKJYwtscYwkBL9b5qqoU-C_tz-ZcF2i_iZZF9mjd_is5ONNIFwQTxIbQRmVZNQQdxpka3ADhjrIFzsmHYMndAgWYE91m8yCikhfBVdCLr2tIYjoM58E1cHKLYRN1zc8gWXFL-c2WUBUFtvkskrxa0D89kgk2Z5Tq_tKUxxsdZ4e2_5l43nc-bGhO2Bsu1xl6Uc3g9mQzIGjVtvS8hjizvVRdFRKuPq8xbCkmsz5Z9v14Q3wm9xIoh_ih3N2CcSF8CGuNe7U6nQzsaO6HeQDSM2zXwtc240VpBOgi3MK8JuvoG33YaNnGrUhU7EzSP9biEcYb_rZoZJ3oV3pvwTghAxVf_KtBDmAmyBICWhk1oFir2zKyEFsfq4mu51_loKEe1DFElW7p8S4KSB3U4IVbyCK9AWTHAKNY38puishGViV2xw4posruKj6u9DXEOq3jwSLFLYlTaEApEI7pCzoxiKdNxXV-LIwHF01ttDCtx3Dt_zv_H7d0Zx3B55Vdz0lDpkMemA-5apb8AqlF5iK4KSmI46ZyiisfaNE159V7oXQb0hwXKHje1lbyyaKuqiUjiPcWVimJfOR3eR8XHl-nR9-2731O4MMDeGhouB6z18xd2r_NoNu9LcqP6_yA_fvSJy0gvJRZpsaLFRC3WCRzvslDQ-zdX_a6EGsVbvcE7ssoVIxMR1Z0W4H-KaFhmbl8-yYR83UpK0AB5u7dV
Requested by
Host: travel.kapook.com
URL: https://travel.kapook.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 4AB6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1704526&asId=57d815b2-2156-cc8d-772d-d4f8d5c89a1f&tv=%7Bc:tMi05p,pingTime:-10,time:444,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjEyMyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1699809006495%7C%7Cc8a0d5fb57c3bb42dd4c6bd1ac422c33%7C%7C4df39c49faab03d0511dbe678c90b7cd%7C%7Cb68ef28fc45ae2e526368dc6285297a9%7C%7C86d0d2d1cc5f2ec18fea5ad22a69a71b%7C%7Ceeb0db37095b6723a348d0f47f42922e%7C%7C0ba7b8bfba601d070e85faf1eb2f4dba%7C%7C69736106e9baba415e2dcf7ad31d407f%7C%7C1663701684%7D
Requested by
Host: be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
URL: https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:100a:68b6:1699:c2e6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:06 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f4d41dd8c18c365649237e8a7f8dabf25b97631509a5314161860e58580cbf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12393
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079574
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Nov 2023 17:10:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8466633056339&version=m202309260101&ct=76&x=1&cor=4858365288530560000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 17:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 61A9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3986
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 16:03:42 GMT
expires
Mon, 11 Nov 2024 16:03:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E8B7 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
305fec0843ef2b16dcbe659285326a6baa6cd78199dd9bdfbb8d7a3229c455bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kl4DNy_NCtMsC74QyLU13w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Kl4DNy_NCtMsC74QyLU13w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 17:10:08 GMT
expires
Sun, 12 Nov 2023 17:10:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame E8B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311080101&jk=1288756167641233&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
c6d1b6e0-d6b3-4eb8-baa4-f68e20c39d8e.jpg
s359.kapook.com/testupload/ Frame 9466 		733 KB
734 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/testupload/c6d1b6e0-d6b3-4eb8-baa4-f68e20c39d8e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1d37b318ae98952aafbf66e61ca15a558a6e93679ae5dc41c4f2e191b30ee4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cacheportal.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
last-modified
Thu, 20 Jun 2019 04:06:11 GMT
etag
"5d0b0633-b724f"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
750159
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:08 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 61A9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 16:03:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 16:03:42 GMT
generate_204
tpc.googlesyndication.com/ Frame 61A9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uS4ghg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
3a6b30c3-ea4f-45f0-aaa1-8116491ebb05.jpg
s359.kapook.com/testupload/ Frame 9466 		666 KB
667 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/testupload/3a6b30c3-ea4f-45f0-aaa1-8116491ebb05.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
da6f5853a7f7edb5796e3795cda40711f13e29bbcd2f9a45d6059766b4a1a4e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cacheportal.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
last-modified
Wed, 19 Jun 2019 10:16:26 GMT
etag
"5d0a0b7a-a6943"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
682307
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:08 GMT
x8p91vy
www.dailymotion.com/embed/video/ Frame 9C5C 		65 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/all.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
981ad41d371f5f92ec811c3e9caba32759aab339c5059a314900ebf560abd824
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Referer
https://cacheportal.kapook.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
21250
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Sun, 12 Nov 2023 17:10:08 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Link
<https://static1.dmcdn.net>; rel=preconnect
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Server-Timing
total;dur=18, dc;desc="dc3"
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
eabadaf4-4572-46a9-9ebb-688a780b6c68.jpg
s359.kapook.com/testupload/ Frame 9466 		410 KB
411 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s359.kapook.com/testupload/eabadaf4-4572-46a9-9ebb-688a780b6c68.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.254.43.250 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d64809103f6b66e37f1d6a7ef749a17ea93788d8445b5171c946cea5eae08f25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cacheportal.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
last-modified
Fri, 20 Oct 2023 10:51:51 GMT
etag
"65325bc7-668a5"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
420005
kp-cache-status
HIT
expires
Sun, 19 Nov 2023 17:10:08 GMT
dmp.infopack.94d7a1ed02d3f4c1179d.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.infopack.94d7a1ed02d3f4c1179d.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
3bcaeeac16beba97a799ef71722669f55a73bcf540e40320956a61eafbb5a6f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
355159
server-timing
total;dur=1, dc;desc="dc3"
content-length
14387
last-modified
Wed, 08 Nov 2023 14:26:30 GMT
server
DMS/1.0.42
etag
"654b9a96-da9d"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
0628f627f984a4166a452456d02f068a
expires
Fri, 08 Dec 2023 14:30:49 GMT
dmp.jq_flight.1d9782312a093aadb89f.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.jq_flight.1d9782312a093aadb89f.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
1141953
server-timing
total;dur=1, dc;desc="dc3"
content-length
14946
last-modified
Thu, 26 Oct 2023 12:05:29 GMT
server
DMS/1.0.42
etag
"653a5609-a5e2"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
9dbd889b1410e0306ac95cf3fe61115e
expires
Wed, 29 Nov 2023 11:57:35 GMT
dmp.photon_vendor.4d691f5427958445345e.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4d691f5427958445345e.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
4b9ccae59d778f61af4962b6eba73404430dfce2065f29b3ae606e2c93d14f54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
2047648
server-timing
total;dur=1, dc;desc="dc3"
content-length
97732
last-modified
Thu, 19 Oct 2023 15:17:23 GMT
server
DMS/1.0.42
etag
"65314883-503ed"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
b788b199f5210d0bfb8069e1eaed5e5f
expires
Sun, 19 Nov 2023 00:22:40 GMT
dmp.photon_boot.149a336ccec2db6926ca.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		117 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_boot.149a336ccec2db6926ca.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e3f17937c7feeb38828661b6ccb147bbd4ae288da811e21ab88a32887cfa5aae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
281985
server-timing
total;dur=1, dc;desc="dc3"
content-length
37708
last-modified
Thu, 09 Nov 2023 10:49:30 GMT
server
DMS/1.0.42
etag
"654cb93a-1d237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
0feabad08b2fa344ccd473b286b283d2
expires
Sat, 09 Dec 2023 10:50:23 GMT
dmp.photon_app.40e04e86e07d6a5417e6.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		172 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_app.40e04e86e07d6a5417e6.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
ce70fec7afcb42536f531714b742b4c5482af591e7801e03e08da0a55569fd6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
281985
server-timing
total;dur=1, dc;desc="dc3"
content-length
59511
last-modified
Thu, 09 Nov 2023 10:49:30 GMT
server
DMS/1.0.42
etag
"654cb93a-2af64"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
03966f8a446794e68d17a22b32720ab0
expires
Sat, 09 Dec 2023 10:50:23 GMT
dmp.photon_player.46040f5d17788a043db4.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_player.46040f5d17788a043db4.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
fcbf8cef206b4d0011533936101876b0523f3056f2414afed692a469dab6b382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
360109
server-timing
total;dur=1, dc;desc="dc3"
content-length
20023
last-modified
Wed, 08 Nov 2023 13:06:05 GMT
server
DMS/1.0.42
etag
"654b87bd-10ed2"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
7c54e35ceb2a33c9535674ef7e68295c
expires
Fri, 08 Dec 2023 13:08:19 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9C5C 		363 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8ed9456b74c249bdb7a50d95659d7f1cfeec6014d19c253680509cba050f599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127386
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:10:08 GMT
dmp.advertising.a1304fe20b506856d3b6.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		181 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.advertising.a1304fe20b506856d3b6.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
bd1f6ebf42232520f13d49b07774337ab61302075878b67d8c1790bdef01f63c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
263608
server-timing
total;dur=2, dc;desc="dc3"
content-length
50607
last-modified
Thu, 09 Nov 2023 15:54:27 GMT
server
DMS/1.0.42
etag
"654d00b3-2d56b"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
fc111efaf4f1a564ffc760092029fb9b
expires
Sat, 09 Dec 2023 15:56:40 GMT
dmp.locale-en-US.7ea9e0789b5df615c7aa.json
static1.dmcdn.net/playerv5/ Frame 9C5C 		2 KB
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.7ea9e0789b5df615c7aa.json
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
fe5a5f3469030993701e2cb0c63a1a66b1a3d59f87d35a5fc0fb0503fb534cd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
271783
server-timing
total;dur=2, dc;desc="dc3"
content-length
604
last-modified
Thu, 09 Nov 2023 13:08:56 GMT
server
DMS/1.0.42
etag
"654cd9e8-7fa"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
3e72d3cdfeb9b5d223da6a63ee680702
expires
Sat, 09 Dec 2023 13:40:25 GMT
/
pebed.dm-event.net/ Frame 9C5C 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sun, 12 Nov 2023 17:10:08 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 9C5C 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.2 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Sun, 12 Nov 2023 17:10:08 GMT
Server
edward-ed/2.2.2
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 9C5C 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Sun, 12 Nov 2023 17:10:08 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
x8p91vy
www.dailymotion.com/player/metadata/video/ Frame 9C5C 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/player/metadata/video/x8p91vy?embedder=https%3A%2F%2Fcacheportal.kapook.com%2F&locale=en-US&dmV1st=ef50cd98-ac86-4368-b889-f91fae92d9e5&dmTs=252029&is_native_app=0
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
79e15de027054650267ec8eab0147da3acf903383f816b79bde5db33ba451a37
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Date
Sun, 12 Nov 2023 17:10:08 GMT
Server
DMS/1.0.42
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL,Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Server-Timing
total;dur=119, dc;desc="dc3"
Timing-Allow-Origin
*
Content-Length
5460
/
pebed.dm-event.net/ Frame 9C5C 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Sun, 12 Nov 2023 17:10:08 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
vendor-list-v204.json
vendorlist.dmcdn.net/v2/archives/ Frame 9C5C 		418 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v2/archives/vendor-list-v204.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.94d7a1ed02d3f4c1179d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
GSRcJmcaUJWitICBWr9S2xwSG6ODE9pk
content-encoding
gzip
via
1.1 07a270ab1aab3273835b92a016f8a5dc.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 17:10:08 GMT
x-amz-cf-pop
CDG52-P1
age
460294
x-amz-server-side-encryption
AES256
content-length
55946
last-modified
Thu, 29 Jun 2023 16:05:24 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.142
x-amz-cf-id
J4dZPkXyyAP1CICQmKWb1ym-BUkddrNcaA0Cwz0ohdU3CicLjS7t3A==
x-llid
ae3c29d3d1528aee408036b606526cb6
expires
Tue, 14 Nov 2023 09:18:34 GMT
dmp.quality_switch_mse.6a13042003b6018133af.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		388 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.quality_switch_mse.6a13042003b6018133af.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
041e8c6602095e4f4dbe24c0788a7fe211cfa6b9b515dfa35eef1e00b5bdb875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
376560
server-timing
total;dur=1, dc;desc="dc3"
content-length
118644
last-modified
Wed, 08 Nov 2023 08:28:44 GMT
server
DMS/1.0.42
etag
"654b46bc-61136"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
be2423bc129f2561439ad2c17074c200
expires
Fri, 08 Dec 2023 08:34:08 GMT
ABCFavorit-Medium.woff2
static1.dmcdn.net/ Frame 9C5C 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/ABCFavorit-Medium.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
last-modified
Thu, 20 Jul 2023 12:37:15 GMT
server
DMS/1.0.42
age
676141
etag
"64b92a7b-ce44"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=1, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
52804
x-llid
57f2711eab97327847b0e8992136b8df
expires
Mon, 04 Dec 2023 21:21:07 GMT
ABCFavorit-Regular.woff2
static1.dmcdn.net/ Frame 9C5C 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/ABCFavorit-Regular.woff2
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
last-modified
Thu, 20 Jul 2023 12:37:31 GMT
server
DMS/1.0.42
age
337913
etag
"64b92a8b-c320"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=1, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
49952
x-llid
42db658097adc38e6ad25c36cc4d242b
expires
Fri, 08 Dec 2023 19:18:15 GMT
latencies.js
speedtest.dailymotion.com/ Frame 9C5C 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.40e04e86e07d6a5417e6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sun, 12 Nov 2023 17:10:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Sun, 12 Nov 2023 23:10:08 GMT
vendor-list-v25.json
vendorlist.dmcdn.net/v3/archives/ Frame 9C5C 		530 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v3/archives/vendor-list-v25.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.94d7a1ed02d3f4c1179d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
AmazonS3 /
Resource Hash
61c3f279c024c4b28081fb6bda43f4e25dd8e7d9efbe3ade1d4ee0b188f88e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
tKdlwoOnw_GuFP84h.C9QwQb.UKCEEKj
content-encoding
gzip
via
1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 17:10:08 GMT
x-amz-cf-pop
CDG52-P1
age
261317
x-amz-server-side-encryption
AES256
content-length
66845
last-modified
Thu, 02 Nov 2023 16:07:35 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.142
x-amz-cf-id
PY5CzDH0mlCkeKe500t6-BkouJsdHavoJCFcjwtjNusaBqqTZBkuaA==
x-llid
85cc3c156a545b46dbbd3f48f5da7054
expires
Thu, 16 Nov 2023 16:34:51 GMT
/
pebed.dm-event.net/ Frame 9C5C 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.4d691f5427958445345e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sun, 12 Nov 2023 17:10:08 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
dmp.omweb.d252f0b4c506271f4ce7.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.omweb.d252f0b4c506271f4ce7.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
c9f581d340bfc6744ba2045f76253c9cf32ea544ed3f777cc9f4f53e81e9e858

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
463268
server-timing
total;dur=1, dc;desc="dc3"
content-length
13985
last-modified
Tue, 07 Nov 2023 07:47:39 GMT
server
DMS/1.0.42
etag
"6549eb9b-a187"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
600c6e59d9b26d1f36a5ad51b47b2250
expires
Thu, 07 Dec 2023 08:29:00 GMT
dmp.omid_session_client.b1d60b053fa0dabbdda9.js
static1.dmcdn.net/playerv5/ Frame 9C5C 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.omid_session_client.b1d60b053fa0dabbdda9.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e51bf4a5da89c223a83617078b466770b1e4d590f2430e74de39ce765762c840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
age
380917
server-timing
total;dur=1, dc;desc="dc3"
content-length
13451
last-modified
Tue, 07 Nov 2023 14:16:57 GMT
server
DMS/1.0.42
etag
"654a46d9-11010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
01a803cff00527e8e474d6dbefd92da2
expires
Fri, 08 Dec 2023 07:21:31 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 47E2 		363 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.advertising.a1304fe20b506856d3b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8ed9456b74c249bdb7a50d95659d7f1cfeec6014d19c253680509cba050f599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127386
x-xss-protection
0
expires
Sun, 12 Nov 2023 17:10:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311080101&jk=1288756167641233&bg=!-fql-rXNAAZxrfrxUa07ADQBe5WfOCuc8i9Lgh9nMNS2sYGhAnc8P_OuLrEV3a32oKcdRnpt7DMQWv-lcMzlXbGQ2XV0AgAAAFFSAAAACmgBBwoAXGoXFzU1opXXz84ga-wcZkRvAXXkwSsdq5NGZQHfxKip6mdwLgCrWpr6uAfYE7C9X9lRRnDrqnoi0F_XwQeWqQT9pmwV59dk4vrKY9oEXWHpaOYi_VcoegpmjSJ0mQLCAiSr4bURhByVVM7GTagQcSvmcDkfsAqDSNYzhRGO2Lze519Crhj02kUSlDNcrIVCNDYsz6rkWOyXKnrQk4jYtkpKil6eFbfQ7b1hHLHr6EYJT8Pu1bdtZpUxm245oVmRmWzPST7xRdqVhixE6J00WuQG9sIMM1cMluLfS4Bx3sWF0Hs2a8T3Glr-jpkELNI1AWQwHdq6DD6gQA1p2r1GmE54LDXQDpypc81oEDWuCYfiFMYoX2P-Bz3StlI291SDOhx6VV3sWhzYFHLqsZ6j3tIbcBagQuBlKCfS-Jd84-JFYHmPteh6tIYqXBW0H9zdyxnZFh0-lJDdpxfla1ty01dvxYabgOyGCFy-oCnvc2SLMc1mlVAVAgaP3oLpMbEG7ziyhrMrLalmRXvdFmjywzuZ4m0W1kiaudGl8BnqlHPULEeHnCI4cCBzcHiEhpZpRKArwGtfbtIj5RPPgEutwNhwaFyX3AWGOAZIRJ17QY0_uBVzo5QWhgstD6wDdAdaYkupu_hOMsB-qbZTvJ1UqWyZQ7MrgvEccNpJD5H0DFlPQomKch9Y8bzM_XJEt4IWYJ-TDS1bjWmMwm5HmbzhwL7JF-q1rBzSNk_oeZi_fd2eJECD8eluLrSsUVdme6p2ktlniHz7Mok7MvT7GLsOd4Ksy6LotmmPdi8kT7daHZP21I5MztcOIFkVPxgwUMIgZJ_e5iyHEKajntif2ikQ10hKL7bVOjv1MkB4c17K9ZrhYAnpRHGwuc4Bt-VOuy8pYbHNdoFqVMW33VIkPP3ixpPNQyxVRoIOIlF57pU_4Rz_V98itXTEQAahv9xuXauib_emh5TgJSHOobOGcklKJZqUHlOsUNYywQvvpkU9fFZPc8myq1HPswKStg8mn6lNqbFqCBXoNTQYyGqOUtVVBq1GRghV8qQlIE0ApAWPXXfc6A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9C5C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.40e04e86e07d6a5417e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Nov 2023 17:10:08 GMT
cast_sender.js
www.gstatic.com/eureka/clank/119/ Frame 9C5C 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/119/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 20:16:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 12 Nov 2023 20:16:41 GMT
bridge3.603.0_en.html
imasdk.googleapis.com/js/core/ Frame AB1C 		756 KB
243 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.603.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
294feb6a114a8d5497b34c14bd6666b75f0781447823cb048f2b52bad0237837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymotion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
248265
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 06:39:22 GMT
expires
Mon, 11 Nov 2024 06:39:22 GMT
last-modified
Thu, 09 Nov 2023 20:21:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 47E2 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Nov 2023 17:10:08 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 87C8 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 16:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 12 Nov 2023 17:12:43 GMT
x8p91vy.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame 9C5C 		0
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x8p91vy.m3u8?auth=1699981808-2562-fvtblp5i-01dec3385346f716ad4134c873f27ab1qd4-aFbtmDff06k2WGxJKkFo89fg1fT79t-bVLu-qDUdEwKVlbsdvpo1Kop0xLjpnO5Jwp9ropRRJjz2qQgNTmYAo5gpRyPRS5fjpfcRHsaof1CDgOl41i9YR2BpojuHmnAImSbqg8O0mUU4B-wCbC_5SSKAXY5vx_D5x6soCJ1wMdqZSGWbGmHxHcjqIW16frX4o-k07tlQYL-lNhdmTQpbHW8RD448OgBXWM2v8za0p6V_q68jWoiG5AMuGrhBh6V7ueFlGGEYvukmE_UEKhv2W5SJbHhokDlxIatP_Twsm3vIt73I8mUdedcbuyeS_qNn8PV76WB64SZjjiNSNQ_eZcKAowwKW4ed0BtHzoh-ZfltAxrZZKZiEQnSnkLQnw9sJw4Xw0V3E5dM8pf6iaooDuGQkr09LO2ObdkoA1Z16qjZpUId4ZEyk3U62OUjOzbQFsnbNUU2GwmN_T4pc19YdsJ-fzkW1MYY8-Ujw9iIIUrZqznqKuTE8gHAWk_PgEibyisrAwihZZShJPYMnGqzGh5kCE3Jl0yBATXJ-7rW6Sg7wWlLxhD3_-r5JPXURLBsjFOYyqRd0pO3k5AJF4lo8w3CZE3qstH5QtLN5uANCI-sMusORaQ_6-sOI1B-HnOUemCgHFy8ycodSogHmvX1c62XHodkT3KIldfHSvTy7bCnAr3TxMzC_CuvqeuTOcx1Ksqets_Kxdtg3SRAOu76U8d-JKoGHVNYfj1d_Frwt0PC7aWOP-lD4Ex_BPRN-PRek2hOwatfdR97EQ7tKlc3kVtkaZeQPuK7ghMPabbZ6BFiNDLAfXGYuXmwkWNz7rDz8_N2speagH_O1R93arj_hnOyuTFJHKrGQ3FyjXYRtzjkR5OcNXsdwUgMTgJt8BvSfdutLuUbo1wakCisblKV5aP-vLcJAB8pEvMtnb7-M4leruQm1-74CBVjrBzoTbP3_EVDsNdMaPp8zTV4pYTuPtOdTFvDKEigdrXYERmeiG3814kMyxaW2_S-C7EIf04izyz_26kY8jJzOJdSuqFHL8TmtJoVq2s5bkyly2XzcqE7ULGGZru_OsxuDAR00BgnQoiOGXdylY_18eBeUDkluUYyir14ZS-f8ckj0rca3WUKnMIkfSulhv2CSGD9C1e7Mjh2lcPOlhBnqe-QUaYc7Up4K3FwyGULKeX7c2BBXekzhOHrjHAEV26gtsr4FqywZ4jnfjPMG8v3bB4zVz7FmglOaanCSiHKthquNFT-_uKS2wiOo3D0JKScxZ5vzcVTJwl949dGRAGqQjF5uYFz-VKMurZ0oUMmC0kDZ1vEO0loSnJzvegAr4bLgtH_hTosYW6e4LjRiO5Mqve6gHhBU_iwy8i585ZiULPxrpi0&af=[APIFRAMEWORKS]&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.advertising.a1304fe20b506856d3b6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-cmhkb
date
Sun, 12 Nov 2023 17:10:09 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://www.dailymotion.com/
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
/
pebed.dm-event.net/ Frame 9C5C 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Sun, 12 Nov 2023 17:10:08 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
x720
s1.dmcdn.net/v/VN4hE1bIeIugfQGV7/ Frame 9C5C 		159 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/VN4hE1bIeIugfQGV7/x720
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/2 /
Resource Hash
8758c02020e072bdcf969206a977346c1cc07178b29bc852e306db728bd4bcb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:10:09 GMT
content-encoding
gzip
last-modified
Sat, 11 Nov 2023 14:04:03 GMT
server
DMS/2
age
77303
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=2, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
159922
x-llid
48bae42f92142a0ad49f3d727770ffd3
expires
Sun, 12 Nov 2023 19:41:46 GMT
visible
trc.taboola.com/kapook/log/3/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/kapook/log/3/visible?tvi2=4948&tvi48=11593&tvi50=13623&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231109-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel.kapook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
17
date
Sun, 12 Nov 2023 17:10:10 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
12948
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-cph2320058-CPH
pragma
no-cache
server
nginx
x-timer
S1699809010.411748,VS0,VE17
content-type
image/gif
access-control-allow-origin
https://travel.kapook.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

327 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| documentPictureInPicture function| $ function| jQuery object| PWT object| googletag object| slot1 object| interstitialSlot function| getCookie string| dmpUserMaping_id object| innityDataLayer object| _taboola string| campaignName string| GoogleAnalyticsObject function| ga string| page string| current_cat object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key object| innitytagmgr boolean| bG56d8ee121c51b14f6e964404 object| _innityq object| TRC function| _typeof object| _tblConsole string| pm_pgtp undefined| msg object| google_tag_manager function| onYouTubeIframeAPIReady object| ggeac object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| angular function| whenerr function| varidateemail object| app function| market_edit_button string| base_dir string| base_tpl string| member_logout string| member_login object| default_req boolean| bG5f47736a47e7049801000002 undefined| google_measure_js_timing object| google_reactive_ads_global_state object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| _min_launcher_active object| _minUnifiedSessionToken10 object| _min_tv object| _tvp boolean| _editor_tv_loaded object| _min object| scriptSrcSplitted function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp number| google_unique_id object| pbjs object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 boolean| _minAlreadyLoaded string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc string| _norec undefined| stat_frm string| truehitsurl object| ga1 number| VisitorT number| onSeconds string| p_cookie function| truehits_set_no_cookie function| truehits_set_accept_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page number| __thflag string| udf string| arg string| _narg string| rf string| truehitsurl_top string| th_rand object| truehits_div undefined| th_img undefined| th_link function| lead string| nam object| placementData object| __uid2SecureSignalProvider object| __uid2 string| u object| dp object| lazySizes object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| msgData object| tbopt object| GoogleGcLKhOms object| google_image_requests

46 Cookies

Domain/Path Name / Value
.kapook.com/ Name: _ga
Value: GA1.2.2050826997.1699809003
.kapook.com/ Name: _gid
Value: GA1.2.1166201078.1699809003
.kapook.com/ Name: _gat
Value: 1
travel.kapook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.kapook.com/ Name: _ga_DBZBLF8EQ4
Value: GS1.2.1699809002.1.0.1699809002.60.0.0
.travel.kapook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
.kapook.com/ Name: minUnifiedSessionToken10
Value: %7B%22sessionId%22%3A%223090aacb9a-d1d19de5f9-2f28d72f44-fc641cd45a-e9a49c8ba8%22%2C%22uid%22%3A%2245a9a88038-5e49201a03-ab363d2f9b-92699c1afe-9736bdd48f%22%2C%22__sidts__%22%3A1699809003223%2C%22__uidts__%22%3A1699809003223%7D
travel.kapook.com/ Name: minVersion
Value: {"experiment":1933763344,"minFlavor":"Kapook Prodmi-scraper-1.17.1.09.js100"}
.kapook.com/ Name: lotame_domain_check
Value: kapook.com
.criteo.com/ Name: uid
Value: 93f8f9dd-b642-4dd2-b021-7b98a931940a
.openx.net/ Name: i
Value: 1d2a4bff-0949-40a9-9ac2-1b9ac19509e5|1699809003
.kapook.com/ Name: _cbclose
Value: 1
.kapook.com/ Name: _cbclose53935
Value: 1
.kapook.com/ Name: _uid53935
Value: 07C4B5FE.1
.kapook.com/ Name: _ctout53935
Value: 1
travel.kapook.com/ Name: verify
Value: test
travel.kapook.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Df5c123b7-a697-4108-a545-d03197210ff0-tuctc4a8c6b
.kapook.com/ Name: cto_bundle
Value: CdGg1V9Xa2U0NmZMRTNVOHU5M2VEeDElMkZNYjQzUWZhWWZ5M0l1QWVYbHVRa1VFTDRWaExFTnEzJTJGT1pEVnlOMzBvZHVoellLVWFkNWRUV0slMkYwJTJCZktLWGphT3olMkIlMkZIYnJWdiUyRnJUeXJUcjFmU1RUdFdUTGlhNk1yc0RidGxpUTdXbnBXJTJGdXclMkZvN1ZRNmJ6QTI0OTlRMCUyRkhPU09pdyUzRCUzRA
.kapook.com/ Name: __gads
Value: ID=473c3934d8add08b:T=1699809003:RT=1699809003:S=ALNI_MYQFiJBVuqHKy5BDdfLCTKXK25JCA
.kapook.com/ Name: __gpi
Value: UID=00000cc125544923:T=1699809003:RT=1699809003:S=ALNI_MaIXD61dmQ0_oy2PF06lIvih3XkLQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmQbg8ZSgtWXvSs5RHgUv5VaVAcAPFKvfMJoqQ1vjH_WnHPMkSGk-R1DN93Jr4
.innity.com/ Name: iUUID
Value: a1a803fb690aebc4191eb2264010f667
.kapook.com/ Name: iUUID
Value: a1a803fb690aebc4191eb2264010f667
.kapook.com/ Name: innity.dmp.143.sess
Value: 1.1699809004027.1699809004027.1699809004027
.kapook.com/ Name: innity.dmp.143.sess.id
Value: 236231441.143.1699809004027
.kapook.com/ Name: innity.dmp.cks.innity
Value: 1
.kapook.com/ Name: ka_iid
Value: XqgEaAobVVPcTX3TRWsYer
.kapook.com/ Name: ka_sid
Value: BaEgFi3rZejqm9rRToyQ54
.rubiconproject.com/ Name: khaos
Value: LOVQE5OY-4-LFPW
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoDt/DlLIktu7U1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDtqTG1yFY3n/OVXdq62fbuBcwU9v3Cm//jBL9RgbQbtMKxOirMlc0tIhkTnGhAX54b7FQD2yB//h3OlDu/ORdD8=
avd.innity.com/ Name: geo
Value: EU%3BGermany%3BDE%3B%3B%3B
.doubleclick.net/ Name: DSID
Value: NO_DATA
travel.kapook.com/ Name: _lr_retry_request
Value: true
travel.kapook.com/ Name: _lr_env_src_ats
Value: false
.casalemedia.com/ Name: CMPS
Value: 1170
.adnxs.com/ Name: uuid2
Value: 5567532383576070524
travel.kapook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-12T17%3A10%3A05%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E><K2rX*!@wnfH8K6pQK`!5=E<*L5?%K<l!a`-3x(dL6RNk/2aINj7#?D3?[+IaSbC64%nugO%v4VB%nn-H*1<0(
.casalemedia.com/ Name: CMID
Value: ZVEG7R-CFX4qD3K3AUuH4gAA
.casalemedia.com/ Name: CMPRO
Value: 1170
.doubleclick.net/ Name: APC
Value: AfxxVi7NAInp-i9GlhwlSC6V0FCprf1ZorXxXgYRHy_VqsnpoyR6oQ
.googleadservices.com/ Name: ar_debug
Value: 1
.dailymotion.com/ Name: dmvk
Value: 655106f064cf5
.dailymotion.com/ Name: ts
Value: 252029
.dailymotion.com/ Name: v1st
Value: ef50cd98-ac86-4368-b889-f91fae92d9e5
.dailymotion.com/ Name: usprivacy
Value: 1---

5 Console Messages

Source Level URL
Text
network error URL: https://ads.adnuntius.delivery/i?tzo=-60&format=json
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://travel.kapook.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://travel.kapook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Message:
The resource https://static1.dmcdn.net/playerv5/dmp.photon_player.46040f5d17788a043db4.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.dailymotion.com/embed/video/x8p91vy?api=postMessage&autoplay=false&id=player&mute=false&origin=https%3A%2F%2Fcacheportal.kapook.com&pubtool=jssdk
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6ce14ed4a481a746b441d57ad249034d.safeframe.googlesyndication.com
ads.adnuntius.delivery
ads.pubmatic.com
ads.rubiconproject.com
am-trc-events.taboola.com
api-center.kapook.com
api.dmcdn.net
api.rlcdn.com
apv-launcher.minute.ly
assets.thaibuffer.com
avd.innity.com
avd.innity.net
baed308f91df3594ad67cac3715eb15a.safeframe.googlesyndication.com
bcp.crwdcntrl.net
be9721d68fe20bfecde1100aeef37c3b.safeframe.googlesyndication.com
beacon-ams3.rubiconproject.com
bs.serving-sys.com
c3c654c49e520c851321dc55bd170e78.safeframe.googlesyndication.com
cacheportal.kapook.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.thelead.tech
cds.taboola.com
cm.g.doubleclick.net
common-api.kapook.com
connect.thelead.tech
counter.snackly.co
dmxleo.dailymotion.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
horoscope-preview.kapook.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
lb.eu-1-id5-sync.com
lvs.truehits.in.th
match.adsrvr.org
mug.criteo.com
my.kapook.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pebed.dm-event.net
pips.taboola.com
pm-widget.taboola.com
region1.analytics.google.com
s0.2mdn.net
s1.dmcdn.net
s359.kapook.com
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
snippet.minute.ly
speedtest.dailymotion.com
ssl-avd.innity.net
static.adsafeprotected.com
static.criteo.net
static1.dmcdn.net
stats.g.doubleclick.net
t.pubmatic.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
travel.kapook.com
trc-events.taboola.com
trc.taboola.com
vendorlist.dmcdn.net
videoupload.kapook.com
www.dailymotion.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kapook.com
api.rlcdn.com
104.21.79.241
119.81.216.16
141.226.224.32
141.226.228.48
142.250.184.194
142.250.186.66
151.101.129.44
151.101.193.44
162.19.138.120
162.19.138.83
172.217.18.98
172.64.151.101
178.79.242.16
178.79.242.181
18.195.18.229
18.203.173.246
185.64.189.112
185.64.189.226
185.64.190.78
185.89.210.180
188.65.124.59
188.65.124.66
188.65.124.90
188.65.124.91
2001:4860:4802:34::36
202.183.165.12
202.183.165.130
202.183.165.170
202.183.165.194
202.183.165.195
202.183.165.226
202.183.165.228
202.183.165.44
203.154.58.214
205.185.216.10
210.4.137.32
23.213.164.238
23.218.210.30
23.45.238.46
23.56.202.187
2600:1f13:800:7782:100a:68b6:1699:c2e6
2600:9000:223f:2a00:8:48e:53c0:93a1
2600:9000:2250:7600:a:e047:753:a221
2602:803:c003:200::31
2602:803:c003:200::67
2606:4700:10::6816:3556
2606:4700:10::6816:49ae
2606:4700:20::681a:bda
2606:4700::6810:5814
27.254.43.250
2a00:1450:4001:801::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a00:1450:4016:80b::2003
2a02:2638:3::3
2a02:2638:3::c
2a06:98c1:3120::3
3.33.220.150
34.102.146.192
34.120.135.53
34.241.138.233
35.244.159.8
52.48.43.143
65.9.66.97
69.173.144.139
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
01599c23721805d7cea27fe86aabc5340e1244773a243f40b201a38240a7fffa
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
041e8c6602095e4f4dbe24c0788a7fe211cfa6b9b515dfa35eef1e00b5bdb875
042fee0b1bc726389e3a8d5b3b294f6fff68bd6e222eb47cf2f7e69e5d45a1f3
06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0f4d41dd8c18c365649237e8a7f8dabf25b97631509a5314161860e58580cbf7
0f5101bdf5ad926d0a55a6be0766ea779623edd7b0117db993140063f232aa5e
125fe72b07102cb28c61d4f46befb1b818054d51c156e61de07c1afa5c3e577f
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
1410dea66b49a099be17186a6d7290d6f7d1117d7ad157083992d4746267f273
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
177816f6f1d39374ba3cd41022cd933ab97bf5c91fb1fe37c78988fa74958d0e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
1c01c6e4102f57bf88bff2d9a53d97f4f4dca2dc87cd1489253a711e5a1b1c95
1c358fa188485b3d82ab7db02d4820cc10abf303022b6da2cb075cd31a44935c
1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6
1d37b318ae98952aafbf66e61ca15a558a6e93679ae5dc41c4f2e191b30ee4bc
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1f1ddd2830203e34f3434ea1fac6e9535a819b299751a11b7f7d9b6a138a8b45
1fe6520a378ad338c66db239d1b57c2d0ac504e3f92e4d19ef082ab0d7682c89
1feae27bce64848747874eb049b0b945cbad02d0a88c21df9eb42a80005a8fd0
21791dfaff28df4fbf2b1935f522bf65f395bd713b0cccf6f201378c0f7638c0
2204c52b03862331837b790411412037ed0e2b58b6523476f5c60f5cf92017fe
23434d0a4c8b9f6bc076f2c8c52bee7a43018e2c39121a37273af892424a61e2
237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f
261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481
27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff
2893ebc03822f03fd246ffffcccca7dbbe3d1679e92b6ad76953b4e29070ceda
294feb6a114a8d5497b34c14bd6666b75f0781447823cb048f2b52bad0237837
29b27277ffdae0b8e724a5dc20c151b08db25da34f0100384d149f537c8b714b
29b9986f3e1992a2c0f3023a51372a264110e13ced1162735bd0d97df9c18a3b
2a519ee541368c16d1dc0c9b318178352db8c1f0d0b4e2a91d05dc0b109c44d5
2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2d0450c75ac5210708c38762c9e88373908b2610436dcc74b07cb082a52d3b1d
2d247b603b07408af80633a6363da609ae63f7415d79826d5118ca17dc2a267a
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b
2f0e7f7c9e5509ec27009da90a4d3d94a22fe0b91073fd63be13e3639feb1adc
30551fbc8b5f98e14e92395056a1a8f7a0495e88fee18ea380102cbcec6d475c
305fec0843ef2b16dcbe659285326a6baa6cd78199dd9bdfbb8d7a3229c455bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
32b8f7fe771c69d41c0091b53aa3ac56d02d6521839981d948dedfe323d728f6
36abbe66c39563f37a606823d165dc071c18f1dddac382dac18e057ec796e04a
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3bcaeeac16beba97a799ef71722669f55a73bcf540e40320956a61eafbb5a6f1
3e61bf4298311f14452c8aa0abec275c00f0833607dd7a914fe9f3ea670cd7f3
3f92ea558a79cf8f388e91a35473822588830912921d184272f0f0fddffaab6d
3fbbd700e04cb4c5110e7cbc4c7f427fb82fe071eda1f784c63a6a720536d356
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41d685c8f8aad1faa965a43bd9e95c4031c027af46cf63c285f53d60bc3e0fe4
426d1b38bc1c15f3559cc0c402cb1d3f291d762254ecc9063e6aa5802b704d5e
42b3a318cec363934ec36e78e45a16bed67288d69cacc4e2f310302a24353729
4332e8074a3e0437193b2ba885f90299fbf1b72bfa88fadfbde19b963947ea24
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
487d03aa235121e6b270fe8519aa7dba066c0153760364e4d2c85d41990a4b53
49379a46beb11e78fb8433866afc09b5bd7415408100878ea800ac6268635e3f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9ccae59d778f61af4962b6eba73404430dfce2065f29b3ae606e2c93d14f54
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7735e909657be0df267d90f04a0dfac08e72b5941f7bdf8b92a516389377e4
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c9770af4af1bf270107ebabbcfbb3166cbbb6ef068948e8b04b30747b1ddeb
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f2625c08eaa7a6a15692b56d75e76ab8529887b2354767b54b7bfba3c13b57
591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882
59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba
5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba
5e00de4417916c8714e74125c11326c2b1b735260e048035bb9df86629a4c6fd
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630
60226320cb0692f161a56a013f4dbd66e60e578533a2c995195677c911e508c2
613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c3f279c024c4b28081fb6bda43f4e25dd8e7d9efbe3ade1d4ee0b188f88e79
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c
66af4b6ecf2e600238c6f4bb6a27f06a0d702572729e87b94cc613e929aaa687
685f32974986dd646327f5832e284355def02bc5db81f694270f011164c0c4d4
68a74faccf1effbef222a080bb168c97fb65dc45d65968e4a5ee33143cfb30d2
68dd06112fc046b2a7905cdd6f36a706823bfabb97dcdd54952f820457c2c719
6adcb82ac1c56d24b6371b5a82bba8a42645495fb5b080aab1e2e14469b1d725
6b9afe9d31fdf33d3e4ceb6377eb6a2e7a915527cd8d00941ec482aee5cad52f
6bab66166f1a4f71f3fe93c6adfe3badd524c44b8b2e616309715633e0294040
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
7279eefe0970c580a6bdc1fd8d3da4ffa784287907f11bf5d682b88b5a0f921e
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
72b8ca564049e15f7ab62c0adfeaca7785dc44c82b3dd33b4798b1d8af096348
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73e68a48c16c6da2550f2ac9148bce869fb8a966b01e61d7328469677a21565f
760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2
79e15de027054650267ec8eab0147da3acf903383f816b79bde5db33ba451a37
7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d
7ec7656b1960bd3c9bb1d326a0f9cbdce0be87adc5cbfb16413a79b30848bceb
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8297df6f59960af9ecaa73d9fa3dd3ab128345d6ae8c6f1b5eac6fd119e2690c
833516392eacde86c60db73a268dae62bb18bdd56b82adfe2ce31125a99d1da2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86895a53ee30d41959d688527f26be06d7b4d83cd1a93bb80703c681eddb998d
86d4c73c2b90cb0fee28a5cde2e6900150106c769af4e53b2dd1bb9a12f6e5a4
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8758c02020e072bdcf969206a977346c1cc07178b29bc852e306db728bd4bcb7
8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480
8a8e927929be2eb5f041cd13c96724e985331f031112b5ce1270d8c39b8e1049
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8b2014ed8ad6160249c500029638c83c211b769e0cb85a32d52e95de220b4b56
8e02f8b007cd163f883dfcc333097df59ddfbfe23d25a1a7f1da36d30a8f17ea
912652253daf051b40f3a569eadce6f019d81a72cf0861e3ddc83e2fe8782a6b
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94dbbf524205a3bc95b68260212087b64f446c6a9adba09afb677fd1d1e745e5
95a74a9016350ab24f2b6ac40278f84e06bbef33f491a5c77f3ccbd14b501bde
97099da6fb4c43aa8cd1fa2cfb9dfefe93b07b3eac3fc20fc7094ff482871d39
971a1412af002fbae61789f753dcdd6effe4df331795ea99fb49e1628d8fbff3
97707ea3f73f231a87204527acb38ba3de793a8711839f731329ab27fd951c9a
981ad41d371f5f92ec811c3e9caba32759aab339c5059a314900ebf560abd824
9a2f13e28b91e7572c32ba13ca389a4fb13519ea877ecb5803f3e6d32b16e568
9b14a190cefe5729b1ffc61b64b3d3ba5720e028737a8a1f90be3af04c55c052
9b2d5140d291489e0fe002c514227e7e05ec72629762714b64e28b23e31d51dc
9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b
9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a241e1284542f8d93895d520359a8f119bae9db6131f11fba11f437cdfe950d7
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a486a5eaec40b9f65f15e630f77f5530b91ccecf1e0d18a5c5c2d218e7584edb
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a595a65daf494f67a9b30589aa1074b76a410023f863218449a65932153e968a
a6665e633b989fda1f6b11856b7a056658c11c410f8b5ae9076aae3d171b6817
a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38
a6f0ecf6ad0b385fe1b997f460d8292e2248a8f5e799edd1940ee18ad2b369c3
a8ed9456b74c249bdb7a50d95659d7f1cfeec6014d19c253680509cba050f599
a9247a713305b206abde789d28a4e68a5808fa61dc85aa26e567845bf01cb1a8
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b
af6015ed9a788013d885faa706c5f1f4a1490a255f7252f6526e2e71f484539d
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14bb1c4ca01a7ed992cc4e6f128792e6a9ab713670dd14ca0007267724b9bc8
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2
b68390e39dc224f47c93f751681626848277b0e932a3e70f7920060171307000
b760b70c887e5837bd3988d9d5ece8e81ac65c6411f5be0c2d6119429031fb0c
b7b2066c7c54bc80624a8290b3c4c810c177738a708be26dc5cf547a7fb4931e
b97545e1a3e47febcd6ac74dd5c49f35f080bfbeae7b901bef7d724b96f2bfd7
b9b20c45fa7937a540df46f96c90d6a36a0f3c2cc4be9f500e89168b0ea330a5
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd1f6ebf42232520f13d49b07774337ab61302075878b67d8c1790bdef01f63c
bddf01494d1e64c3eb6d0634d87673fed729cf55d7550e9bdae36d2e090ab04c
bdfe8209e133c15ab18d7dbe37db12aa8585d878dd78ef7d7e9f3f840388afd7
c2af6e197da6339b0018c3522f839555fa8c22d5eab720d12fa5d24e90ba8ebd
c31d43c6a53bebc8ee3b306ef6c2e9c76ce1b9d0951eeab787df1178c9cb8feb
c3d81f36dc03519cce27e07bfcbded028976029fd657bf53c6e094dd6e00d43b
c562eb76b2d9e6382907abd3d2f3694a29f0bb1a335df10ff88da7ad7e622c04
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c91cd4d1e31ed63b8920f21071310c99b4311f85d1c8ce59ac06fee6cf3b5595
c9f581d340bfc6744ba2045f76253c9cf32ea544ed3f777cc9f4f53e81e9e858
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b
ccae9f42d88f7019f9330509a932a59cafd3500dec0199ed615bdf008d61c51f
cd1e1fe35247d35b12992d8b7f715a61a44917da5e0c52d9d03048eb6838efec
ce70fec7afcb42536f531714b742b4c5482af591e7801e03e08da0a55569fd6a
cec4eec54e24f2e72591b411ae19e42e0ec86e4204f74bde8034d0f635882641
cf17f68c28737dc86fe1316ca52f3ea8e473595d8e9621f188994d64a3ca2a80
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4be81275ce2fc658832db761922b1d12c5ea4304c3e142b1b035075fa67d3e4
d54f5f33d060251302360374b5d639b8b6961f6edf71fdec9ee84a46a9cceb2d
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1
d64809103f6b66e37f1d6a7ef749a17ea93788d8445b5171c946cea5eae08f25
d889a4f0fb64c3ccfbd8dc37234ce8a80fa44b1bfbf488f7b36c02928dc4b9f3
da6f5853a7f7edb5796e3795cda40711f13e29bbcd2f9a45d6059766b4a1a4e4
dae93195866088d91dce97b94af44dd44aeef03141a58d764bf8ddb5cc013a26
dd2acb8cf7913dad687ccdbcd2bf8e31c52325928b5891ebe9246d46eddd45bd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5
dfa4870014f01c1231437c693078dafdb4060f25b9b629736ff7425f635463f5
dfcf458b30011a32f23756a0ea7319562728a39429ce0b32f95cef3a98a28104
e1ddd8d3beb13fe24b547b9d153907154ce86c56940afaf6dc8a3ade70821b29
e2ccb6135d35607dd5cc5635509eb7e738e6ecc5fca4fbd2a9ef53fb188cfa5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f17937c7feeb38828661b6ccb147bbd4ae288da811e21ab88a32887cfa5aae
e49a2aa3262b3b49836dc88be275fe1193b9f74efb8a05f4fec39f2378d1611e
e51bf4a5da89c223a83617078b466770b1e4d590f2430e74de39ce765762c840
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e88842d6e3d1a1ee598f6040557c2fdc3190278dfa6a73c8e525b42e9fa94993
e94f73ce15c8ecfd75fc9cea0797942fca1b85390c65e3ca44d49eaff7afdad7
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec6f393d93e855b27e2e1b788d7e8b24e3a9d7819ef73568f780679189d42367
ec7adfedca59bd2a3363a08a39b6ad05f658f2e93642c825b0106dafa222b89c
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f191536821e73c14b5d46ae722b8c0acadd4db28476a0b4cf53c6bd78b344682
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5281a3ed7ded471835f14cdac0b1cf295e43b23c7d8fa0c6fe8112572581971
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a
fa242f314af3bd4b1d587df6380cca6daaccf3e8e09a60b505bb6051176fa296
fa57cb6465ecfd0552067dddd16f69cfbfbf756713117385dda7e7bcb1050d7b
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fcbf8cef206b4d0011533936101876b0523f3056f2414afed692a469dab6b382
fe5a5f3469030993701e2cb0c63a1a66b1a3d59f87d35a5fc0fb0503fb534cd4
ff1f856dae387b3875dc0bf88df59f71458dcd2d18398e0d8dbc4a272f3f7c48